buttercup / buttercup-browser-extension

Buttercup browser extension
https://buttercup.pw
MIT License

Support multiple Google Drive accounts #270

Closed Oxalin closed 4 years ago

Oxalin commented 5 years ago

Hi, I just installed Buttercup, did some tests. While Google Drive is not available yet on the Desktop client, it is under the Firefox extension. Great.

So I'm in a working environment where we want to share some common accesses (username / password available for the whole organization) and also to have our own personal ones. This means two vaults per employee: one shared between us within the organization's account, the other one, personal, in our own private Google Drive account.

Buttercup can manage multiple vaults just fine, but it seems impossible for now to add a second vault from a different account: once I went through the steps to create and add my first vault (the shared one), even if I go through "Add vault" > "Add Archive" > "Choose Vault Type" again and select Google Drive, I can't select a different account: it will automatically use the previous authentication. Am I missing a way to select a different Google Drive account or is Buttercup limited to one Google Drive account at a time?

perry-mitchell commented 5 years ago

Hi @Oxalin - Could you try logging in to the second account in the same browser and then try again? I think Google should provide account selection, as this isn’t controlled by Buttercup at all. We simply launch the OAuth2 flow and Google handles the rest, account selection and all.

perry-mitchell commented 5 years ago

And sorry for the delay. Busy times at the moment, hope you understand.

Oxalin commented 5 years ago

No problem, as you can see, I've been busy.

So, even though I was pretty sure I had tested your suggestion before, I did it once more. Same result: it uses the information provided with the first account. Indeed, at some point, Google should propose to use a given account or switch to a different one.

I may be wrong here, but I'm pretty sure the OAuth2 should be used only to access the file, not when we try to "Add a Vault". I draw a parallel with how Mozilla Thunderbird works with different calendars.

For now, I'm using a workaround where I share my buttercup encrypted files with the same Google account I identified myself with.

perry-mitchell commented 5 years ago

> OAuth2 should be used only to access the file, not when we try to "Add a Vault"

Well actually OAuth is responsible pretty much for the whole process. You see, Buttercup is at least written with the intent of providing support for multiple vaults from multiple sources, even if that's not working right now. When adding a new vault, we need to get the OAuth2 authorisation URI to load to get the user's login information first, so OAuth is required from the get-go.

If you're currently logged in under a Google session, I can see that the OAuth2 flow might just skip past asking you, as it can sense an already logged in account. If you log out of your existing account and then log in under the alternate one, you should be able to repeat the add-new flow to get a vault added from the second account. At least this is how I'd imagine it to work.

perry-mitchell commented 5 years ago

Ok, I did a little digging. It may be possible to force an account selection page by modifying this line:

https://github.com/buttercup/buttercup-browser-extension/blob/0c9c6098c0af1688339e12be6749b09ebed20731/source/background/library/googleDrive.js#L20

Changing it to `select_account+consent` instead of `consent` may do the trick, if this Stack Overflow answer is to be believed.

Oxalin commented 5 years ago

Should I clone and test it?

perry-mitchell commented 5 years ago

@Oxalin That'd be great if you could!

Oxalin commented 4 years ago

Sorry for not following up earlier, it has been a long 2 months over here. From what I've tested, it doesn't change the behavior. I'll still investigate the thing a bit more, but I'm working on something else for the moment.

perry-mitchell commented 4 years ago

This should be addressed by the select_account tag in the prompt field, and it's confirmed by the OpenID docs: https://developers.google.com/identity/protocols/OpenIDConnect#authenticationuriparameters

I'll release this very shortly. If it still doesn't help, the issue may be something else and we'll need to treat that separately I'm afraid. I however was presented with the account selector dialog each time I re-authenticated.
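The `prompt` change discussed in this thread, as an added example that is not part of the thread or of Buttercup's code: it builds a Google OAuth2 authorisation URL whose `prompt` asks for the account chooser, and shows that the `+` in `select_account+consent` is the URL-encoded space of a space-delimited list. The client ID, redirect URI, scope and all function names are assumptions made for illustration.

```javascript
// Added example. clientId, redirectUri and scope values are placeholders.
const GOOGLE_AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth";
const ALLOWED_PROMPTS = new Set(["none", "consent", "select_account"]);

// OpenID Connect defines `prompt` as a space-delimited, case-sensitive list.
// "none" must not be combined with any other value.
function normalisePrompt(values) {
  const unique = [...new Set(values)];
  for (const v of unique) {
    if (!ALLOWED_PROMPTS.has(v)) {
      throw new Error(`Unsupported prompt value: ${v}`);
    }
  }
  if (unique.includes("none") && unique.length > 1) {
    throw new Error('"none" cannot be combined with other prompt values');
  }
  return unique.join(" ");
}

// Build the authorisation URL. URLSearchParams serialises the space in the
// prompt list as "+", which is where "select_account+consent" comes from.
function buildAuthUrl({ clientId, redirectUri, scope, prompt }) {
  const url = new URL(GOOGLE_AUTH_ENDPOINT);
  url.searchParams.set("client_id", clientId);
  url.searchParams.set("redirect_uri", redirectUri);
  url.searchParams.set("response_type", "code");
  url.searchParams.set("scope", scope);
  url.searchParams.set("prompt", normalisePrompt(prompt));
  return url.toString();
}

// Read the prompt values back out of a URL, e.g. to confirm in a test or a
// log that the account chooser is really being requested for each new vault.
function promptValues(authUrl) {
  const raw = new URL(authUrl).searchParams.get("prompt") || "";
  return raw.split(" ").filter(Boolean);
}

const exampleUrl = buildAuthUrl({
  clientId: "PLACEHOLDER_CLIENT_ID.apps.googleusercontent.com",
  redirectUri: "https://example.invalid/oauth/callback",
  scope: "https://www.googleapis.com/auth/drive.file", // assumed scope
  prompt: ["select_account", "consent"],
});
console.log(exampleUrl);
console.log(promptValues(exampleUrl));
```

Without `select_account`, an existing signed-in session can be reused silently, which is how a second vault ends up bound to the first account.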

perry-mitchell commented 4 years ago

@Oxalin I found another issue here, which should go out in 2.12.0. Hopefully that fixes this issue for you!