Old GoogleDrive remote stopped working, can't create a ClientID for a new one ("Google Verification Process?!")

Hello everyone,

A few minutes ago, I tried to access a remote I haven't used for at least many months, and got an error:

2020/01/31 11:27:37 Failed to create file system for "REDACTED:": couldn't find root directory ID: Get https://www.googleapis.com/drive/v3/files/root?alt=json&fields=id&prettyPrint=false&supportsAllDrives=true: oauth2: cannot fetch token: 400 Bad Request
Response: {
  "error": "invalid_grant",
  "error_description": "Bad Request"
}

Other Google Drive remotes that I use more frequently aren't having any issues.

Figuring something had got "stale", I thought "What the heck, let's just configure a new remote from scratch", but when I tried to do that, when the time came to create the Client ID (following instructions here), when I reached the second part of step 4 (" It will prompt you to set the OAuth consent screen product name, if you haven’t set one already"), I was presented with a screen giving me two options:

Internal
    Only available to users within your organization. 
    You will not need to submit your app for verification.

External
    Available to any user with a Google account.

I tried selecting "Internal", but it's unselectable, and by hovering the mouse cursor over it I get the following message:

Because you are not a GSuite user, you can only make your app
available to external (general audience) users. 

Hovering the mouse cursor over the (?) icon right besides "External", it shows:

In this mode, your app is available to any user with a Google account.
External apps that request sensitive or restricted user data must first
be verified by Google. This process which may take 4-6 weeks. 
In addition, if you selected restricted scopes, you'll need to go through
an independent security review, which can cost USD $15k-$75k.

So, what does that mean? Isn't it possible anymore to use plain Google Drive (ie, no GSuite) with our own Client_ID, without going through this lenghty "app verification" thing, or the impossibly expensive "independent security review" in case rclone and/or the way I use it needs those "restricted scopes"?

PS#1: this is with the latest rclone stable release (1.50.2).
PS#2: configuring a new remote using rclone's internal key worked, but I would really really like to use my own Client ID as I've always done.

Thanks in advance,
-- Durval.

I think carry on with the External but don't submit it for review. You'll still be able to use it but you'll have to click through scary warnings when you do the oauth.

I did the "app verification" for rclone's own IDs and it is quite long winded!

1 Like

Thanks for the quick & precise reply as per your usual, @ncw!

I confirm that selecting "External" and going on right ahead allowed me to get a new Client ID and Secret, which I then pasted into rclone config, and after going through (you are right, REALLY scary "unnaproved app" warning screen & 'hoops'), I was then able to allow rclone to get a new Token ID and everything is good now.

Perhaps we could update the documentation?

Cheers,
-- Durval.

1 Like

If you want to type it up and submit a pull request or type up here, I can submit it.

1 Like

Hello @Animosity022,

Will try doing the PR. Will report here once it's done.

Thanks,
-- Durval.

If you have any questions on submitting it, @ncw is helpful as it's teaching a man to fish rather than fishing for him :slight_smile:

I'm not that good at them either as I don't do them enough!

1 Like

Agreed, I've been involved with open-source software since the early 1990s (and since mid-1980s if you count the original Unix that Bell Labs used to license to universities), and I have never found an author so high-quality, helpful and consistent as @ncw.

The doc which needs editing is here: https://github.com/rclone/rclone/blob/master/docs/content/drive.md#making-your-own-client_id

You can edit it online with the :pencil: icon at the top and that turns into a pull request. I haven't done it myself but @thestigma managed to do it.

That process might be worth writing up in the contributing docs too!

I found GitHub's instructions.

:blush:

1 Like

Thanks again @ncw. I will try to do the PR via the "web way" you described above.

That would be great. I'd appreciate your thoughts on the process too - as in are the GitHub instructions enough for rclone contributors to follow or do they need more?

Hello @ncw,

I will try to do the PR via the "web way" you described above

Here it is: https://github.com/rclone/rclone/pull/3918 ; please feel free to edit/reformat/etc as you see fit.

That would be great.

It's my pleasure to contribute, albeit so modestly, to the great project that is rclone.

I'd appreciate your thoughts on the process too - as in are the GitHub instructions enough for rclone contributors to follow or do they need more?

Yep, in fact I found the process totally intuitive, I basically did not had to refer to the documentation -- just gave it a cursory reading at the beginning and another at the end to see if I had missed something (apparently I didn't :slight_smile: ).

Cheers,
-- Durval.

That looks great - thank you. I've merged those changes. I'll stick them into a point release at some point.

I also stuck a note in the CONTRIBUTING file about editing the docs that way.

1 Like