search

GMOD / jbrowse-components

Source code for JBrowse 2, a modern React-based genome browser
https://jbrowse.org/jb2
Apache License 2.0
195 stars 60 forks source link

Potential issue with Google OAuth track opening -- unverified application by Google #4329

Open carolinebridge opened 3 months ago

carolinebridge commented 3 months ago

Opening a track using a google account can fail reporting that the app is unverified. Something we should look into. It may be related to opening a track with a private org account

User reported bug in Element -- I was able to reproduce -- some resources that may be related:

https://support.google.com/cloud/answer/13463073?visit_id=638476604278740728-2694179700&rd=1

https://support.google.com/cloud/answer/7454865

https://support.google.com/cloud/answer/10311615#verification-status&zippy=

We should also make sure our OAuth documentation is easier to find on our website...

Error details: Screenshot 2024-04-02 at 9 04 16 AM

Screenshot 2024-04-02 at 9 09 26 AM
cmdcolin commented 3 months ago

i'm not sure if it applies here but someone trying to set this up on their own website would have to register their own google clientId, they couldn't use our 'clientId' that we have in our demo data

garrettjstevens commented 3 months ago

How was this reproduced? It looks like the redirect_uri uses localhost, but I think our development client_id only works for localhost:3000.

carolinebridge commented 3 months ago

That screenshot was from desktop

garrettjstevens commented 3 months ago

It turns out we may not have properly published our OAuth app, so the keys used in the desktop app may still be in "testing" mode. I'm looking into it a bit more.