Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
KDE:Applications:18.12
kaccounts-providers
0001-Google-provider-limit-requested-OAuth-scop...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-Google-provider-limit-requested-OAuth-scopes.patch of Package kaccounts-providers
From 0a71da4e3caae0defe200a85954fc7e2012010c1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Vr=C3=A1til?= <dvratil@kde.org> Date: Mon, 13 Jan 2020 13:48:37 +0100 Subject: [PATCH] Google provider: limit requested OAuth scopes Summary: Limit the scopes to what is actually permitted in the Google App settings: contacts and calendars for future PIM integration, GDrive for KIO-GDrive, and Youtube (upload-only) for the Purpose sharing plugin. We can extend this in the future if needed easilly, it's easier for us to get the Google App verified if we can proof and show how the individual scopes are used by KDE. Reviewers: elvisangelaccio, bshah Reviewed By: elvisangelaccio, bshah Differential Revision: https://phabricator.kde.org/D26454 (Merged with commit 5952bf2: Remove the extra comma) --- providers/google.provider.in | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/providers/google.provider.in b/providers/google.provider.in index 638c1a9..97307af 100644 --- a/providers/google.provider.in +++ b/providers/google.provider.in @@ -21,22 +21,15 @@ order to return a refresh token --> <setting name="ResponseType">code</setting> <setting name="Scope" type="as">[ - 'https://docs.google.com/feeds/', - 'https://www.googleapis.com/auth/googletalk', - 'https://www.googleapis.com/auth/youtube.upload', - 'https://www.googleapis.com/auth/youtube', 'https://www.googleapis.com/auth/userinfo.email', 'https://www.googleapis.com/auth/userinfo.profile', - 'https://picasaweb.google.com/data/', 'https://www.googleapis.com/auth/calendar', - 'https://www.google.com/m8/feeds/', 'https://www.googleapis.com/auth/tasks', + 'https://www.google.com/m8/feeds/', 'https://www.googleapis.com/auth/drive', - 'https://www.googleapis.com/auth/drive.file', - 'https://www.googleapis.com/auth/drive.metadata.readonly', - 'https://www.googleapis.com/auth/drive.readonly' + 'https://www.googleapis.com/auth/youtube.upload' ]</setting> - <setting name="AllowedSchemes" type="as">['https','http']</setting> + <setting name="AllowedSchemes" type="as">['https']</setting> <setting name="ClientId">317066460457-pkpkedrvt2ldq6g2hj1egfka2n7vpuoo.apps.googleusercontent.com</setting> <setting name="ClientSecret">Y8eFAaWfcanV3amZdDvtbYUq</setting> <setting name="ForceClientAuthViaRequestBody" type="b">true</setting>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor