Open Q-Tran opened 1 year ago
telotortium
commented
1 year ago I recently discovered that plstore can use asymmetric GPG keys from gpg-agent and wrote some instructions on how to use it. It at least doesn't prompt me for passwords so much. Try setting this up and see if it works? https://github.com/kidd/org-gcal.el/pull/239
dmitrym0
commented
1 year ago I recently discovered that
plstorecan use asymmetric GPG keys fromgpg-agentand wrote some instructions on how to use it. It at least doesn't prompt me for passwords so much. Try setting this up and see if it works? #239
@telotortium I've followed your directions and I'm still showing this error. Additionally, I'm showing a gpg error now as well:
Saving file /Users/dmitrym/.emacs.d/oauth2-auto.plist...
Wrote /Users/dmitrym/.emacs.d/oauth2-auto.plist
deferred error : (wrong-type-argument stringp ("0CB..."))I do have this as well
#+begin_src elisp
(require 'plstore)
(add-to-list 'plstore-encrypt-to '("0CB...."))
#+end_srcWhen I invoke gcal-sync, I get asked for the oauth repeatedly and then Emacs just seems to hang. Any idea what might be going on?
telotortium
commented
1 year ago @dmitrym0 I think this is a bug with GnuPG 2.4.1 and greater, or at least Emacs' use of it. On https://github.com/kidd/org-gcal.el/issues/238#issuecomment-1555902363 someone solved this issue by downgrading GPG to 2.4.0 or below, and that worked for me as well to solve that issue.
dmitrym0
commented
1 year ago @telotortium thanks that worked!
tiktaaliki
commented
1 year ago Hi, I'm not sure if I should create a new issue or not, since this is still listed as open. If I should open a new request instead of writing here, please let me know!
When I run org-gcal-sync, I get deferred error : (epg-error "Decryption failed" "")
In contrast to dmitrym0, downgrading GPG to 2.4.0 or below did not resolve the issue for me.
I also tried following the instructions to use plstore and asymmetric keys, but got stuck at this step:
I'm not sure what this means. Pinentry is installed on my machine and found this https://www.gnupg.org/related_software/pinentry/index.html but I am not very technically savvy and do not know how to set up pinentry for gpg-agent. I am on Manjaro.
It's possible that executing these steps and then downgrading would be effective, so any help on this last point would be appreciated, thank you!
dmitrym0
commented
1 year ago @tiktaaliki I went through the instructions one more (because I forgot my gpg password) and they seem to work fine.
Which step did you have problems with regarding setting up pin entry?
aliyss
commented
1 year ago Same issue on my machine. I thought I might summarize.
Used oauth2-auto (but the process and result is the same):
(require 'oauth2-auto)
(setq
oauth2-auto-google-client-id "[REDACTED]"
oauth2-auto-google-client-secret "[REDACTED]"
)
;; testing
(oauth2-auto-access-token-sync oauth2-auto-google-client-id 'google)The code correctly opens the browser page and the process works well with a success message on the localhost page. Afterwards it hangs a bit on the "Contacting host: oauth2.googleapis.com:443". And at the end I receive the same error message as described above.
Specs:
I'll try out the asymetric gpg-agent stuff later on (maybe tmrw) and report back if that worked out in my case. @tiktaaliki
aliyss
commented
1 year ago Alright... So it works for me now. I changed a few things, so I'm not sure which ones worked out. Please keep in mind I started with emacs just this week. I don't really know what I'm doing.
Specs:
In your ~/.gnupg/gpg-agent.conf (create if not exists) add the following:
# I'm assuming this is what made it work.
allow-loopback-pinentryIn your terminal:
gpgconf --reload gpg-agentIn your emacs config add the following:
(require 'epa-file)
;; And then this setting probably is also the winner.
(setq epg-pinentry-mode 'loopback)
(epa-file-enable)
;; I don't know if this is necessary. I removed it again.
;; Essentially it is the path to the downgrade package I used.
(setq epg-gpg-program "~/Downloads/gnupg-2.4.0/bin/gpg")
;; No clue if I need this. But I kept it.
(setq plstore-cache-passphrase-for-symmetric-encryption t)
;; Same thing here. This is more or less
;; lazy copy pasting without reading the descriptions
(setq gnutls-algorithm-priority "NORMAL:-VERS-TLS1.3")
(use-package org-gcal
;; This is just to make sure I use the correct version.
;; Most likely not needed.
:elpaca '(org-gcal :host github :repo "kidd/org-gcal.el")
:init
(setq org-gcal-client-id "CLIENT_ID_HERE"
org-gcal-client-secret "CLIENT_SECRET_HERE")
...
)I think restarting emacs is also necessary. Like restart it twice for safe measure.
After that it will prompt you for a password, after doing the browser stuff for the first time. If you don't enter a password it won't work. If you enter a password you are good to go.
tiktaaliki
commented
1 year ago hallelujah! @aliyss thank you so much for writing all that out. it worked!!
I have the same problem here, and I created an empty oauth2-auto.plist file in my user-emacs directory. I am still getting the same error and do not know where to "use a password" as referenced in the solution given below.
Originally posted by @malleyeno in https://github.com/kidd/org-gcal.el/issues/213#issuecomment-1377371541