Google to turn off old ways of signing in on January 4, 2021.

kiwiz / gkeepapi

An unofficial client for the Google Keep API.

MIT License

1.53k stars 114 forks source link

Google to turn off old ways of signing in on January 4, 2021. #100

Closed wizpig64 closed 3 years ago

wizpig64 commented 3 years ago

from https://developers.googleblog.com/2020/08/guidance-for-our-effort-to-block-less-secure-browser-and-apps.html via https://news.ycombinator.com/item?id=25172755

To protect our users from these types of attacks Google Account sign-ins from all embedded frameworks will be blocked starting on January 4, 2021.

It looks like google is going to block signing in with usernames/passwords through tools that aren't officially trusted browsers. This could affect how gkeepapi obtains master tokens.

I'm not 100% sure how gkeepapi's login system works, but it sounds like it might have to change to use "browser-based OAuth 2.0 flows".

vitriolix commented 3 years ago

Is there a reason this couldn't use the server sdks?

https://github.com/googleapis/google-api-python-client

kiwiz commented 3 years ago

@vitriolix The Keep API is private, so there's no way to get valid API tokens for it via public mechanisms.

gpsoauth uses the login flow that Google Play Services uses, which (I think) is unique from the CEF flow. That said, there isn't much that can be done right now, so we'll just need to see what happens on Jan 4.

djsudduth commented 3 years ago

Sigh....why don't they just release an official Google Keep API???

jankenbrandt commented 3 years ago

so the below would be due to this change? Just found this project and sigh THIS:

keep.login('############@gmail.com','****') Traceback (most recent call last): File "", line 1, in File "/usr/local/lib/python3.8/dist-packages/gkeepapi/init.py", line 695, in login ret = auth.login(username, password, device_id) File "/usr/local/lib/python3.8/dist-packages/gkeepapi/init.py", line 59, in login raise exception.LoginException( gkeepapi.exception.LoginException: ('NeedsBrowser', 'To access your account, you must sign in on the web. Touch Next to start browser sign-in.')

trustmaster commented 3 years ago

Login still works for me today. Not sure which one is more odd: the error above or that it's still working. Note: I don't have 2FA enabled.

jankenbrandt commented 3 years ago

I am an idiot. More an infrastructure guy than python. I had to generate an app password for it to work.

wizpig64 commented 3 years ago

if you're an idiot, you're a helpful idiot. i'm closing this issue, because logging in still works, and it's after January 4th.

thank you! :)