Token expires every 7 days after headless authorisation.

[Phils80]

First of all thaks to astrada for this effort, it helps me a lot during migration from Google to my own cloud. Meanwhile I've noticed one potential issue and I'd like to consult if this is normal or can be a sort of bug or misuse from my side.

First few points about my installation:

1. I'm using ocamlfuse on Ubuntu 22.04 server with headless authorisation done according to this guide: https://github.com/astrada/google-drive-ocamlfuse/wiki/Headless-Usage-&-Authorization

2. I have realised automounting via service in systemd - I was unable to do it via fstab - all done according to this document: https://github.com/astrada/google-drive-ocamlfuse/blob/beta/doc/Automounting.md

3. Google Drive is mounted in Nextcloud directory on my server. It is letting me to use only one cloud client on mobile devices and computers during migration and give a bit more time to users to learn and test new system.

4. Server is working on dynamic domain (NO-IP) - it is fully public, but IP change more or less ones per month, but additionally I use in case of emergency secondary internet connection which is turend on in case primary is down. Usually system put on secondary WAN for a while when main IP is changing.

And here starts my problem - when IP is changing, token seems to expire and Google Drive is not mounted. I need to: EDIT - Token expires - regardles IP change - it was coincident - it seems to be regular - every 7 days

a. stop and disable ocalmfuse service b. remove all .gdfuse contents (root and user) c. generate again new token for my Google Drive (user and secret key stay the same) d. authorise ocalmfuse again according to point no. 1 e. mount Google Drive f. start and enable ocalmfuse service g. syncronize my Google Drive again with Nextcloud

Same thing happened when I have started my server with network interface down (for maintenece reason).

My IP is changing ones per month approximately, but syncronising such a big portion of data is disturbing for my users.

Is it normal behavior and I need to live with it, or there is some possibility to avoid this situation ?

EDIT - As described below in my next comment - the reason seems to security policy of Google API, copy and paste authorisations seems to by limited by token validity...

[Phils80]

I have noticed that problem is not link with IP change, but token simply expires every 7 days if project in Google API is in testing stage, but if I change it to production state, I can't use copy & paste authorization method. When I try to authorize, I'm receiving 400 error and notice: "The out-of-band (OOB) flow has been blocked in order to keep users secure. Follow the Out-of-Band (OOB) flow migration guide linked in the developer docs below to migrate your app to an alternative method." Had anyone met same issue? Is there any workaround in headless authorization?

[astrada]

Yes, please follow the directions in issue #764

[Phils80]

Yes, please follow the directions in issue #764

Thanks a lot Alessandro ! Yesterday I have created token with loopback and it seems to be working. I'll wait one week and close this issue.

[Phils80]

Hi, as promised closing this issue - directions in #764 works perfectly for me. Only one remark for others - before getting token using web application method with loopback make sure that there is no computer app in project in testing mode.