Bug 685299 – GOA now uses OAuth 2.0 for Calendar and Contacts

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 685299 - GOA now uses OAuth 2.0 for Calendar and Contacts


Summary:	GOA now uses OAuth 2.0 for Calendar and Contacts


Status:	RESOLVED FIXED

Product:	evolution-data-server
Classification:	Platform
Component:	general
Version:	3.8.x (obsolete)
Hardware:	Other All

Importance:	Normal normal
Target Milestone:	---
Assigned To:	Evolution Shell Maintainers Team
QA Contact:	Evolution QA team

URL:
Whiteboard:

Depends on:	661065
Blocks:

Reported:	2012-10-02 14:18 UTC by Debarshi Ray
Modified:	2013-09-14 16:56 UTC

See Also:
GNOME target:	---
GNOME version:	---

Description Debarshi Ray 2012-10-02 14:18:15 UTC

For GNOME 3.8, we have migrated GOA to use OAuth 2.0. EGDataGoaAuthorizer should
now look for and use the OAuth2 tokens.

(Why not replace EGDataGoaAuthorizer with GDataGoaAuthorize?)

See bugs 661065 and 685289

Comment 1 Matthew Barnes 2012-10-11 02:24:56 UTC

(In reply to comment #0)
> (Why not replace EGDataGoaAuthorizer with GDataGoaAuthorize?)

Because it's not yet in a stable gdata release.  It was only just added to 0.13.1.

For the E-D-S 3.7/3.8 development cycle, our minimum GOA requirement is 3.6.0 so we'll have to support both OAuth1 and OAuth2 for at least one release.

Also, we talk to Google Calendar over CalDAV and last I checked Google's CalDAV service still only supports Basic authentication.  So this bug just applies to Google Contacts.

Comment 2 Debarshi Ray 2012-10-11 07:39:51 UTC

(In reply to comment #1)
> (In reply to comment #0)
> > (Why not replace EGDataGoaAuthorizer with GDataGoaAuthorize?)
> 
> Because it's not yet in a stable gdata release.  It was only just added to
> 0.13.1.

Right.

> For the E-D-S 3.7/3.8 development cycle, our minimum GOA requirement is 3.6.0
> so we'll have to support both OAuth1 and OAuth2 for at least one release.

It is easy to check at runtime. Just check whether the account has the OAuthBased or the OAuth2Based interface and act accordingly.
 
> Also, we talk to Google Calendar over CalDAV and last I checked Google's CalDAV
> service still only supports Basic authentication.  So this bug just applies to
> Google Contacts.

Ok.

Comment 3 Matthew Barnes 2012-10-11 18:41:09 UTC

Committed an untested prototype based on the specification:
http://git.gnome.org/browse/evolution-data-server/commit/?id=f23f88b2b5e4662730bada1797378fbddfe7ddfa

I'll give it some testing once I get GOA upgraded to 3.7.x.

Comment 4 Matthew Barnes 2012-10-12 01:46:42 UTC

Had trouble testing with GOA 3.7 -- kept getting this error:

21:24:03.687:[28517]:[NOTICE]: /org/gnome/OnlineAccounts/Accounts/account_1349901939: Setting AttentionNeeded to TRUE because EnsureCredentials() failed with: Credentials not found in keyring (goa-error-quark, 0): Failed to retrieve credentials from the keyring (goa-error-quark, 4) [goadaemon.c:1248, ensure_credentials_cb()]

And after I would log into Google through GOA, GOA would claim my credentials were expired again.

In any case, with the help of Google's OAuth 2.0 Playground, I changed the Authorization header in EGDataGoaAuthorizer to match.  So I'm going to consider this fixed for now and I'll try to retest with a full GNOME 3.7.1 release.

http://git.gnome.org/browse/evolution-data-server/commit/?id=870bcc9eced87f74807cfeacb16f995a797eb277