Migrate your impacted OAuth out-of-band flow to an alternative method before Oct. 3, 2022

[hansgv]

I received an email from Google saying I "have OAuth clients that used the OAuth OOB flow in the past."

Is this something that has been or can be fixed in gdrive?

[carstentrink]

See https://github.com/msfjarvis/gdrive or https://github.com/carstentrink/gdrive

[hansgv]

@carstentrink Thanks for the suggestion!

I managed to compile and install https://github.com/msfjarvis/gdrive. When I run gdrive it asks to re-authorize by visiting a Google URL (I suppose my old .gdrive/token_v2.json doesn't work with this fork). Visiting the URL I get:

Authorization Error
Error 400: invalid_request
Missing required parameter: client_id

[carstentrink]

In msfjarvis/gdrive you need to place the json file with clientId and clientSecret from https://console.cloud.google.com/ in some place (I also do not know which location to place it). Either way it will NOT work as it is NOT in production.

self advertising

Just see the README in https://github.com/carstentrink/gdrive

• You need to edit the clientId and clientSecret in the file handlers_drive.go.
• Then compile.

[hansgv]

@carstentrink THANK YOU! 🙌🏻

For other dummies like myself, here's what I did:

1. Followed these instructions to install the latest Go (min. 1.17 required) on Ubuntu 20.04
2. Downloaded https://github.com/carstentrink/gdrive/archive/refs/heads/main.zip
3. Edited handlers_drive.go to include my credentials, as instructed in README
4. Executed go build in the gdrive-main directory
5. Moved the generated gdrive binary to /usr/local/bin/
6. Executed gdrive version for the first time to get a Verification URL and Authorization Code prompt
7. Visited the verification URL. Accepted the fact that gdrive isn't a 'Google approved' app. Pasted the provided Authorization Code to the prompt

[olyair11]

@carstentrink

Please clarify. I was looking at
https://developers.google.com/identity/protocols/oauth2/resources/oob-migration#inspect-your-application-code
but the 'RedirectURL' line in auth/oauth.go is still type 'oob'.
As far as I understood this type will stop working after 3 days,
as commented https://developers.google.com/identity/protocols/oauth2/resources/oob-migration#desktop-client
Thanks

[carstentrink]

Edit: Please change to production as described in README

[juliusspencer]

One small change to hansgv's comment. In step 6 I executed gdrive about for the Verification URL.

[likid]

Someone messed with @carstentrink code and we can't compile now.

# github.com/msfjarvis/gdrive
./handlers_drive.go:369:74: undefined: auth.AuthCodeHTTP

[carstentrink]

Please try again with ./compile. I have fixed it. I am using go1.19.1 version.

(If you need linux device then try https://console.cloud.google.com/home/dashboard?cloudshell=true)

[juliusspencer]

Hi, I'm using a headless linux box but can't sign in to google with my user using browsh.

I tried compiling on MacOS without any errors, but got the following when trying to run the ./gdrive about command:

Failed to get about: Get "https://www.googleapis.com/drive/v3/about?alt=json&fields=maxImportSizes%2CmaxUploadSize%2CstorageQuota%2Cuser&prettyPrint=false": oauth2: cannot fetch token: 400 Bad Request
Response: {
  "error": "invalid_grant",
  "error_description": "Token has been expired or revoked."
}

Any ideas on how to sign in?

I would like to use this in a CI system, but I think the token will keep expiring…

[carstentrink]

@juliusspencer

Authorise it locally then copy both linux binary and .config/gdrive/something.jsonto the remote box.

[juliusspencer]

Thanks, yeah I did just that, I just need to update the variable that stores the token as it updates as the docker container overwrites it. I'm almost there.

[carstentrink]

May be this repo has some actions that are useful. https://github.com/marufshidiq/gdrive-cli-builder/blob/master/.github/workflows/build.yml

[jfronza]

This is great, and everything works, except ~/.config/gdrive/USERNAME_v2.json is not created. I created the folder structure ~/.config/gdrive/ and then the file USERNAME_v2.json was created correctly.