Bug 2087313

Summary: Deja Dup's Google support will break in September 2022 for versions < 43.3
Product: [Fedora] Fedora Reporter: Michael Terry <mike>
Component: deja-dupAssignee: Gwyn Ciesla <gwync>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: fedora, gwync, jitesh.1337, kai-engert-fedora, mike, walter.pete
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: deja-dup-42.8-3.fc34 deja-dup-42.8-3.fc35 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-06-01 01:05:57 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Backported fix for 42.8
none
Backported fix for 42.7 none

Description Michael Terry 2022-05-17 19:39:59 UTC 
Hello! I'm the maintainer of Deja Dup. I was recently made aware that Google is removing an oauth workflow that Deja Dup uses, in September.

Here's their blog post about it: https://developers.googleblog.com/2022/02/making-oauth-flows-safer.html

Here's the upstream bug about switching to a new oauth flow: https://gitlab.gnome.org/World/deja-dup/-/issues/222

I've released version 43.3 with a new oauth workflow. This basically switches us from redirecting the oauth page to a local http://localhost:xxxx/ page being served by deja-dup and instead has the browser launch a custom URI like 'com.googlecontent.xxx:/oauth2redirect?code=yyy', which then launches deja-dup and gives it the correct oauth token.

The key differences for packagers is just to note that now deja-dup will register itself as a handler for those weird URI schemes (they are specific to deja-dup, as they include its client ids for the service).

I think this deserves a backport to all supported releases. I can whip up a patch for you in a bit, just wanted to get this registered as an issue.

To be a bit more specific about what will break:
- Existing users that have already granted deja-dup access to Google will continue to work without any issue.
- In August, users will see a warning on the oauth screen.
- And then in September, any new attempt to connect deja-dup to Google will not work.
Comment 1 Gwyn Ciesla 2022-05-17 19:50:33 UTC 
Thank you! A patch would be most welcome, as we can't update to 43.x in <f36 because of a lack of gtk4.
Comment 2 Michael Terry 2022-05-20 00:52:28 UTC 
Created attachment 1881487 [details]
Backported fix for 42.8

Here is a backported patch for 42.8 in F35 (minus some cleanup that doesn't matter for a backport). I've briefly tested it but still. Any extra QA welcome. One for 42.7 in F34 coming as well.
Comment 3 Michael Terry 2022-05-20 00:52:48 UTC 
Created attachment 1881488 [details]
Backported fix for 42.7
Comment 4 Fedora Update System 2022-05-23 17:33:56 UTC 
FEDORA-2022-07c5ceed0c has been submitted as an update to Fedora 34. https://bodhi.fedoraproject.org/updates/FEDORA-2022-07c5ceed0c
Comment 5 Fedora Update System 2022-05-23 17:33:57 UTC 
FEDORA-2022-a8e368d55d has been submitted as an update to Fedora 35. https://bodhi.fedoraproject.org/updates/FEDORA-2022-a8e368d55d
Comment 6 Gwyn Ciesla 2022-05-23 17:37:54 UTC 
Thank you so much!
Comment 7 Fedora Update System 2022-05-24 01:15:45 UTC 
FEDORA-2022-a8e368d55d has been pushed to the Fedora 35 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2022-a8e368d55d`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-a8e368d55d

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 8 Fedora Update System 2022-05-24 02:05:24 UTC 
FEDORA-2022-07c5ceed0c has been pushed to the Fedora 34 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2022-07c5ceed0c`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-07c5ceed0c

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 9 Fedora Update System 2022-06-01 01:05:57 UTC 
FEDORA-2022-07c5ceed0c has been pushed to the Fedora 34 stable repository.
If problem still persists, please make note of it in this bug report.
Comment 10 Fedora Update System 2022-06-01 01:25:54 UTC 
FEDORA-2022-a8e368d55d has been pushed to the Fedora 35 stable repository.
If problem still persists, please make note of it in this bug report.