Closed robertknight closed 3 months ago
We're going to roll this out next Monday to minimize the risk of disruption to users. Coordination happening here: https://hypothes-is.slack.com/archives/C4K6M7P5E/p1718370161353309?thread_ts=1718176476.315619&cid=C4K6M7P5E.
Switch from using the sensitive/restricted https://www.googleapis.com/auth/drive scope to the non-restricted https://www.googleapis.com/auth/drive.file scope. The latter allows our app to only access files that have been shared via the Google Drive Picker, whereas the former allows access to all files.
For this to work, the OAuth client ID needs to be passed when configuring the picker, so that the selected file is later made available for use with the Google Drive API client. See https://stackoverflow.com/a/58175142/434243.
Fixes https://github.com/hypothesis/lms/issues/1333. See also Slack thread.
Testing:
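A sketch of the picker configuration the description above refers to, added here as an example and not code from this pull request or the LMS code base. It assumes the picker's app ID is the numeric project number that prefixes the OAuth client ID; the function names, the `google` parameter and all sample values are hypothetical.

```javascript
// Added example: names, shapes and sample values are assumptions, not LMS code.
const DRIVE_FILE = "https://www.googleapis.com/auth/drive.file";
const DRIVE_FULL = "https://www.googleapis.com/auth/drive";

// Assumption: the picker's app ID is the numeric project number that prefixes
// an OAuth client ID of the form "<number>-<suffix>.apps.googleusercontent.com".
function appIdFromClientId(clientId) {
  const m = /^(\d+)-[\w-]+\.apps\.googleusercontent\.com$/.exec(clientId);
  if (!m) throw new Error("unexpected OAuth client ID format");
  return m[1];
}

// Reject a token that still carries the restricted scope or lacks drive.file.
// `scope` is the space-delimited string from the OAuth token response.
function checkGrantedScopes(scope) {
  const granted = scope.split(/\s+/).filter(Boolean);
  if (granted.includes(DRIVE_FULL)) {
    throw new Error("token carries restricted drive scope");
  }
  if (!granted.includes(DRIVE_FILE)) {
    throw new Error("token lacks drive.file scope");
  }
  return granted;
}

// `google` is the loaded Picker API namespace, passed in so it can be stubbed.
function buildPicker(google, { clientId, developerKey, token, onPick }) {
  checkGrantedScopes(token.scope);
  return new google.picker.PickerBuilder()
    .addView(google.picker.ViewId.DOCS)
    .setAppId(appIdFromClientId(clientId)) // ties picked files to this app
    .setOAuthToken(token.access_token)
    .setDeveloperKey(developerKey)
    .setCallback((data) => {
      if (data.action === google.picker.Action.PICKED) {
        onPick(data.docs.map((doc) => doc.id)); // only these IDs are readable
      }
    })
    .build();
}
```

Without the `setAppId` call the picker still returns file IDs, but a token limited to `drive.file` is not granted access to them in later Drive API requests.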