OAuth2 authentication provider for Gerrit Code Review. Please upload changes for review to: https://gerrit-review.googlesource.com/#/admin/projects/plugins/oauth
Apache License 2.0
140
stars
84
forks
source link
Clarification needed on Google OAuth Client ID alert for Gerrit authentication #151
We are using Gerrit 3.2.0 and "OAuth 2.0 Client IDs" for gmail based authentication in our environment. For the record our gerrit-oauth-provider plugin version is 22f2be2ea8. However we have received an alert from Google with the below content
We are writing to let you know that Google will discontinue support for sign-ins to Google accounts from embedded browser frameworks, starting January 4, 2021. We have detected the use of an embedded browser framework with one or more of your OAuth clients that may be blocked on or after January 4, 2021. Please review your use of Google Account authorization flows in the following Google OAuth client IDs and make any required changes before January 4, 2021
According to this stackoverflow thread it looks like there is no action item needed from our end as we are using the compliant OAuth2.0 Client ID and latest browsers.
Do we need to worry about this w.r.t the usage of Gerrit Oauth plugin or not? please advice
We are using Gerrit 3.2.0 and "OAuth 2.0 Client IDs" for gmail based authentication in our environment. For the record our gerrit-oauth-provider plugin version is 22f2be2ea8. However we have received an alert from Google with the below content
We are writing to let you know that Google will discontinue support for sign-ins to Google accounts from embedded browser frameworks, starting January 4, 2021. We have detected the use of an embedded browser framework with one or more of your OAuth clients that may be blocked on or after January 4, 2021. Please review your use of Google Account authorization flows in the following Google OAuth client IDs and make any required changes before January 4, 2021
According to this stackoverflow thread it looks like there is no action item needed from our end as we are using the compliant OAuth2.0 Client ID and latest browsers.
Do we need to worry about this w.r.t the usage of Gerrit Oauth plugin or not? please advice