| 1 |
Thanks for the feedback. v3 is below. |
| 2 |
------ |
| 3 |
|
| 4 |
Title: OAuth2 Credentials Removed from Chromium |
| 5 |
Author: Jason A. Donenfeld <zx2c4@g.o> |
| 6 |
Posted: 2021-08-11 |
| 7 |
Revision: 1 |
| 8 |
News-Item-Format: 2.0 |
| 9 |
Display-If-Installed: www-client/chromium |
| 10 |
|
| 11 |
In March of this year, Google announced that OAuth2 credentials would be revoked |
| 12 |
for distros shipping Chromium. This was covered in multiple places at the time, |
| 13 |
such as [1,2,3]. Around that time, with 89.0.4389.82, Gentoo removed OAuth2 |
| 14 |
credentials from its packages. However, they slipped back in shortly after. |
| 15 |
|
| 16 |
As a result, some users [4] have found that recently Google's SSO does not |
| 17 |
persist between browser sessions; e.g. you have to log back into GMail every |
| 18 |
time you open your browser. Today's changes [5] restore the old behavior we had |
| 19 |
in March, of not shipping Gentoo OAuth2 credentials. |
| 20 |
|
| 21 |
If you find that certain Google services are no longer working, you may wish to |
| 22 |
supply OAuth2 credentials manually, obtained by following the instructions at |
| 23 |
[6]. However, even without supplying such credentials, Google's SSO should now |
| 24 |
be working as expected. |
| 25 |
|
| 26 |
There are now two options for passing these credentials to Chromium via |
| 27 |
|
| 28 |
/etc/chromium/default: |
| 29 |
|
| 30 |
1. GOOGLE_DEFAULT_CLIENT_ID and GOOGLE_DEFAULT_CLIENT_SECRET environment |
| 31 |
variables: |
| 32 |
export GOOGLE_DEFAULT_CLIENT_ID="<client-id>" |
| 33 |
export GOOGLE_DEFAULT_CLIENT_SECRET="<client-secret>" |
| 34 |
|
| 35 |
2. --oauth2-client-id and --oauth2-client-secret= command line switches: |
| 36 |
CHROMIUM_FLAGS+=" --oauth2-client-id=<client-id>" |
| 37 |
CHROMIUM_FLAGS+=" --oauth2-client-secret=<client-secret>" |
| 38 |
|
| 39 |
Alternatively these environment variables and command line switches may be given |
| 40 |
at the command line for ad-hoc testing. |
| 41 |
|
| 42 |
[1] https://archlinux.org/news/chromium-losing-sync-support-in-early-march/ |
| 43 |
[2] https://bodhi.fedoraproject.org/updates/FEDORA-2021-48866282e5 |
| 44 |
[3] https://hackaday.com/2021/01/26/whats-the-deal-with-chromium-on-linux-google-at-odds-with-package-maintainers/ |
| 45 |
[4] https://bugs.gentoo.org/791871 |
| 46 |
[5] https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fce48ef271bbcaee9afdf0481294da167e665a9b |
| 47 |
[6] http://www.chromium.org/developers/how-tos/api-keys |
Archives