Bug#949330: evolution: Google OAuth forces use of internal browser without way to change URL

brian m. carlson sandals at crustytoothpaste.net
Sun Jan 19 21:46:23 GMT 2020 

Source: evolution
Version: 3.34.1-2+b1
Severity: important

At work, I use a Google Apps service with a single sign-on provider.  As
a result, I need to use a browser to authenticate to Google so I can use
OAuth2.

In addition, our company uses Duo Mobile, which restricts access to
users with up-to-date software.  The version of WebKit which is used is
viewed as a too-old version of Safari on macOS[0], and therefore
authentication is not permitted.

I can actually work around this issue by copying and pasting the URL
into Firefox, but I cannot then paste the URL from the sign-in flow back
into the URL bar in the internal browser, so I'm stuck and cannot log
in.  The Google OAuth2 flow, when run in Firefox, does provide me a
token I can paste back in, but Evolution cannot accept that token in
place of the login flow.

In order to be able to use Evolution with Google's OAuth2 flow, I need
one of the following to happen:

1. Evolution reports itself as a recent, modern (e.g., patched macOS
Catalina-equivalent) version of Safari and continues to update this
value.
2. Evolution allows using an external browser, such as Firefox, to log
in for OAuth2 flows.
3. Evolution allows pasting into the URL bar so I can paste the proper
URL in from Firefox (assuming it otherwise supports doing that).
4. Evolution allows pasting in the token from Google I can use in
Firefox instead.

[0] Not updating the user-agent appears to be a deliberate decision in
WebKit2GTK because "User Agent sniffing is…terrible…."  I agree, but I
don't make the decisions here.

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.3.0-3-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-- 
brian m. carlson: Houston, Texas, US
OpenPGP: https://keybase.io/bk2204
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 868 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnome-maintainers/attachments/20200119/c3a78c1a/attachment.sig>

More information about the pkg-gnome-maintainers mailing list