1 |
Thanks for the feedback. v3 is below. |
2 |
------ |
3 |
|
4 |
Title: OAuth2 Credentials Removed from Chromium |
5 |
Author: Jason A. Donenfeld <zx2c4@g.o> |
6 |
Posted: 2021-08-11 |
7 |
Revision: 1 |
8 |
News-Item-Format: 2.0 |
9 |
Display-If-Installed: www-client/chromium |
10 |
|
11 |
In March of this year, Google announced that OAuth2 credentials would be revoked |
12 |
for distros shipping Chromium. This was covered in multiple places at the time, |
13 |
such as [1,2,3]. Around that time, with 89.0.4389.82, Gentoo removed OAuth2 |
14 |
credentials from its packages. However, they slipped back in shortly after. |
15 |
|
16 |
As a result, some users [4] have found that recently Google's SSO does not |
17 |
persist between browser sessions; e.g. you have to log back into GMail every |
18 |
time you open your browser. Today's changes [5] restore the old behavior we had |
19 |
in March, of not shipping Gentoo OAuth2 credentials. |
20 |
|
21 |
If you find that certain Google services are no longer working, you may wish to |
22 |
supply OAuth2 credentials manually, obtained by following the instructions at |
23 |
[6]. However, even without supplying such credentials, Google's SSO should now |
24 |
be working as expected. |
25 |
|
26 |
There are now two options for passing these credentials to Chromium via |
27 |
|
28 |
/etc/chromium/default: |
29 |
|
30 |
1. GOOGLE_DEFAULT_CLIENT_ID and GOOGLE_DEFAULT_CLIENT_SECRET environment |
31 |
variables: |
32 |
export GOOGLE_DEFAULT_CLIENT_ID="<client-id>" |
33 |
export GOOGLE_DEFAULT_CLIENT_SECRET="<client-secret>" |
34 |
|
35 |
2. --oauth2-client-id and --oauth2-client-secret= command line switches: |
36 |
CHROMIUM_FLAGS+=" --oauth2-client-id=<client-id>" |
37 |
CHROMIUM_FLAGS+=" --oauth2-client-secret=<client-secret>" |
38 |
|
39 |
Alternatively these environment variables and command line switches may be given |
40 |
at the command line for ad-hoc testing. |
41 |
|
42 |
[1] https://archlinux.org/news/chromium-losing-sync-support-in-early-march/ |
43 |
[2] https://bodhi.fedoraproject.org/updates/FEDORA-2021-48866282e5 |
44 |
[3] https://hackaday.com/2021/01/26/whats-the-deal-with-chromium-on-linux-google-at-odds-with-package-maintainers/ |
45 |
[4] https://bugs.gentoo.org/791871 |
46 |
[5] https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fce48ef271bbcaee9afdf0481294da167e665a9b |
47 |
[6] http://www.chromium.org/developers/how-tos/api-keys |