OOB Deprecation

[Logic-gate]

Since OOB has been deprecated, another method of authentication needs to take place. I suggest the following:

Users need to register their own apps through Google Console with the correct scope:

SCOPES = [
    'https://www.googleapis.com/auth/drive.metadata.readonly',
    'https://www.googleapis.com/auth/drive',
    'https://www.googleapis.com/auth/drive.appdata',
    'https://www.googleapis.com/auth/drive.file',
    'https://www.googleapis.com/auth/drive.metadata',
    'https://www.googleapis.com/auth/drive.readonly',
    'https://www.googleapis.com/auth/drive.photos.readonly'
    ]

Trust me when I say this, you will never get verified. I spent like 45 minutes making a 10 second video to showcase why I need those scopes...yes they will ask you to upload a video through youtube...SMH. But that's not a problem. We can use InstalledAppFlow to hasten the process through a simple script and fetch the token without much refactoring: prototype example:

import os
import pickle
from google.auth.transport.requests import Request
from google_auth_oauthlib.flow import InstalledAppFlow

SCOPES = [
    'https://www.googleapis.com/auth/drive.metadata.readonly',
    'https://www.googleapis.com/auth/drive',
    'https://www.googleapis.com/auth/drive.appdata',
    'https://www.googleapis.com/auth/drive.file',
    'https://www.googleapis.com/auth/drive.metadata',
    'https://www.googleapis.com/auth/drive.readonly',
    'https://www.googleapis.com/auth/drive.photos.readonly'
    ]

flow = InstalledAppFlow.from_client_secrets_file(
   # YOUR OWN APP CREDS WILL BE MOVED TO .config
    '/usr/share/harbour-cargo/qml/creds/client_id.json',
    scopes=SCOPES
)
credentials = flow.run_local_server()

session = flow.authorized_session()

TOKEN= "/home/defaultuser/.config/harbour-cargo/token.pickle"

with open(TOKEN, 'wb') as token:
    pickle.dump(credentials, token)

Note that this will not allow anyone other than the app creator access by default. If you were to authorize any other account you'll get the following

I dont think it prudent nor acceptable to state that this is what it is and user should proceed to authorize cargo to access their information.

[attah]

Is it possible to do something like what jolla does for google accounts?

[Logic-gate]

It is, however the app or rather the OAuth api usage needs to be validated by google. Plus they added user caps. Here's an excerpt:

The user cap limits the number of users that can grant permission to your app when requesting unapproved sensitive or restricted scopes. The user cap applies over the entire lifetime of the project, and it cannot be reset or changed. Verified apps will still display the user cap on this page, but the user cap does not apply if you are requesting only approved sensitive or restricted scopes. If your users are seeing the "unverified app" screen , it is because your OAuth request includes additional scopes that haven't been approved.

I am going to give it one last attempt. Basically adhering to everything they state, starting with a project page and a privacy policy.

[Logic-gate]

I have resubmitted the app for verification.

Project Page: cargo.roshan.jp

[attah]

That is one snazzy website!

[Logic-gate]

I got word back from Google.

Thanks for applying for an OAuth App verification.

Please consider reviewing the list of[ Drive APIs] which are best suited for your project and try to choose the narrowest scope possible. We recommend avoiding requesting scopes that your project does not actually need because users more readily give access to limited, clearly described scopes.

The narrower scope(s) that you choose would replace what you've requested below:

https://www.googleapis.com/auth/drive
If these scopes aren't enough for your project, reply to this email with a detailed explanation of the scopes you actually need.

If you can use narrower scopes, update the scopes listed for your project on the OAuth Consent Screen of the[ Google API Console](. Then click Submit for verification to continue with the verification process.

For more information, you can use these resources:

Before resubmitting, I thought I should finally implement uploads and maybe a gallery patch to include Drive images(*.jpg, *.jpeg, *.png...ets.) Not sure about the gallery patch though.

[Logic-gate]

@attah mind testing out the new login method. Just remember to rename your old token. We're still not verified so you might get a warning from google.

[attah]

That worked like a charm! And just in time for when i need it (tomorrow) :)

[Logic-gate]

Cool. BTW, I added some inital code for the gallery patch(6cca6bf) and (16d3356). I just need to figure out a non-hacky way to apply them as root.

[attah]

I'm not big on patches... but that looks pretty cool!
Maybe don't have it in app but publish in PatchManager, and lean on that they have that bit sorted?

[Logic-gate]

Figured you'd say that. realized too late that we have PatchManager...smh. Will have removed.