Open KenErikson opened 2 years ago
Note: this leaves the app in a locked unusable state. At least if one intended to use GoogleDrive.
One can do this accidentally, or in the past I've done it to see if an app would ask for lower request if one only used a subset of the features. (e.g. create new -> maybe not request access to whole drive)
Thanks for reporting this annoying bug. I can reproduce it and as you mentioned with "this leaves the app in a locked unusable state. At least if one intended to use GoogleDrive", if I revoke the permission I'm unable to connect it again, even when I re-install Cryptomator. Only installing it on a new device triggers on this new device the app permission grant dialog but the first phone still can not access the drive.
While debugging, the interesting thing is that Google still grants auth tokens for the scope DriveScopes.DRIVE
to access Google Drive but when executing a request against Drive, a GoogleJsonResponseException
is thrown with code 401
which isn't of kind UserRecoverableAuthIOException
which means Google don't know how to recover from this state but should provide us the app grant dialog again which we unfortunately cannot open ourselves.
Unfortunately, there is nothing we can do in this regard except file a bug report at Google which I'll do in a moment and hope that they fix the problem.
I can't reproduce it but what helped once was to clear the cache of the "Google Play Services" app but right now that doesn't help anymore.
Some time later, I get the UserRecoverableAuthException: NeedRemoteConsent
again with the intent to show the permission grant dialog.
So it looks like the current workaround is to wait some time and try it again^^
:+1: Thank you for looking into it so quickly, good to know about the upstream bug, and that it's not locked forever.
Maybe even just needed some time to propagate, who knows.
Maybe even just needed some time to propagate, who knows.
Yes, my guess is that the refresh token has to expire, then they realize they can't issue a new refresh token. However, only google knows why they still provide access tokens as long as the refresh token is valid without checking whether the scope can still be accessed and why not the correct error is thrown when accessing it but it's just a wild guess :)
Hello,
I confirm I also get this error since 2 days now (and the underlying exception says NeedRemoteConsent too) Completely stuck with this. I will wait a few days as you did to see if it helps or not...
@obo-ueat that is a different message. Where did you installed the app from?
@SailReal while trying to find what was happening, I cloned the repo and make it run locally to debug it. I had the original message mentioned in the issue description but it was missing some details so I tried to figure out if it was something broken in the code itself and not on Google side.
The error I've posted is obtained with the version running in the emulator (using an image with google play services activated of course).
here are the details from the error in case you wanted to know @SailReal
...I had the original message mentioned in the issue description but it was missing some details...
After around 1h Google will send the correct error message again which will trigger the permission grant screen.
The error I've posted is obtained with the version running in the emulator (using an image with google play services activated of course).
Yes, that was my guess. We need to update the README as we separated this week the Google project which manages the access to the Drive API. Before we used for testing and production the same Google project but Google don't like that so we now have one for production and one for testing.
However, Google testing projects can only be used by Google accounts that have been explicitly granted access manually in the project. This means that, similar to Dropbox and Onedrive, you now unfortunately have to do something to be able to use the corresponding cloud when you build the app yourself :/ . Here are some instructions on what to do: https://www.raywenderlich.com/5144-integrating-google-drive-in-android (the chapter regarding Registering for Google Drive
is the one of interest)
I will mark our posts as off-topic as they describe a different issue and will adapt the README. If you want discuss this further, feel free to create a new issue.
Thank you very much @SailReal for the explanation, that makes sense :-) I will make the appropriate changes to be able to build locally following your pointer and will review your updated version of the README when available. Thanks again!
Please agree to the following
Summary
Cryptomator does not ask for google drive permission again after revoked
System Setup
Cloud Type
Google Drive
Steps to Reproduce
Expected Behavior
Ask for google drive permission again
Actual Behavior
Just shows "Error" popup
Reproducibility
Always
Relevant Log Output
Anything else?
No response