Created attachment 126925 [details] Start login In the new version this bug is not corrected (Bug 100113). Now he asks for a PIN but never gets a message that does not accept PIN and the PIN generated by Autenticator App.
Created attachment 126926 [details] Error... The same error as before
@guiseppe: maybe you can have a look? thanks!
Checked with: Version: 5.2.0.4 Build ID: 066b007f5ebcc236395c7d282ba488bca6720265 CPU Threads: 4; OS Version: Windows 6.2; UI Render: default; Locale: it-IT (it_IT) I found it working on standard (e.g. not 2FA) account. Unfortunately not working on a 2FA enabled account. Strangely Google sent me always the same PIN code. Until a few days ago 2FA worked, with the same LO version. I think Google changed again the login page. Unfortunately I don't have time to look into the matter ATM, it will be necessary to fix something in libcmis I think.
Confirmed based on Giuseppe's reply.
Created attachment 127123 [details] LibreOffice 5.2.0.4 Google drive 2FA failing english Have experienced the same "Error saving the document <filename>: The specified device is invalid" error as before. The only advancement with 5.2.0.4 is that we are now being requested the PIN. But once we enter that, the result remains the same as in the screenshot attached.
Same problem on Libreoffice 5.2.1.2 x64 on Windows 10. After entering the PIN, I get the error "The specified device is invalid". So I can't even browse my contents on Google Drive.
I am not sure if my experience is appropriate to this bug, or if it something else. But it is definitely a case of 2-factor not working! I have installed the 64 bit version 5.2.2.2 When attempting to connect to google drive I get a dialogue asking me for a PIN from my account There is a small dialgoue with a G- in front of the data entry box. What pops up on my phone is a wholly different dialogue, asking me to tap on one of 3 numbers that are displayed on the login attempt. They aren't. So LibreOffice is asking for a number that is not displayed on the phone, and the phone is asking for a number that is not displayed by LibreOffice. SOme mistake there, I feel. Screen grabs wil follow
Created attachment 127700 [details] First screen grab for comment 7 This is Libre Office trying to log into my Google Drive account, and waiting for authentication
Created attachment 127701 [details] Second screen grab for comment 7 This is what the phone offers as the 2nd factor
(In reply to Alberto Gaburro from comment #6) > Same problem on Libreoffice 5.2.1.2 x64 on Windows 10. > > After entering the PIN, I get the error "The specified device is invalid". > So I can't even browse my contents on Google Drive. Upgraded Libreoffice from 5.2.1.2 to 5.2.2.2 x64 on Windows 10. Nothing changes :(
(In reply to Alberto Gaburro from comment #10) > (In reply to Alberto Gaburro from comment #6) > > Same problem on Libreoffice 5.2.1.2 x64 on Windows 10. > > > > After entering the PIN, I get the error "The specified device is invalid". > > So I can't even browse my contents on Google Drive. > > Upgraded Libreoffice from 5.2.1.2 to 5.2.2.2 x64 on Windows 10. > Nothing changes :( Upgraded Libreoffice from 5.2.2.2 to 5.2.3.3 x64 on Windows 10. Nothing changes :(
I can confirm that Google Drive 2FA is broke again. LibreOffice 5.2.4.2 (Fresh PPA), Linux Mint 18.1.
(In reply to Alberto Gaburro from comment #11) > (In reply to Alberto Gaburro from comment #10) > > (In reply to Alberto Gaburro from comment #6) > > > Same problem on Libreoffice 5.2.1.2 x64 on Windows 10. > > > > > > After entering the PIN, I get the error "The specified device is invalid". > > > So I can't even browse my contents on Google Drive. > > > > Upgraded Libreoffice from 5.2.1.2 to 5.2.2.2 x64 on Windows 10. > > Nothing changes :( > > Upgraded Libreoffice from 5.2.2.2 to 5.2.3.3 x64 on Windows 10. > Nothing changes :( Upgraded Libreoffice from 5.2.4.2 to 5.2.5.1 x64 on Windows 10. Nothing changes :(
Upgraded Libreoffice to 5.3.0.3 x64 on Windows 10. Nothing changes :(
Version field is supposed to be the oldest version the bug was observed with, please don't change to a newer one.
Just confirmed on XUbuntu 16.04.2 using the following LibreOffice build: Version: 5.3.0.3 Build ID: 1:5.3.0~rc3-0ubuntu1~xenial1.1 CPU Threads: 4; OS Version: Linux 4.4; UI Render: default; VCL: gtk2; Layout Engine: new; Locale: en-US (en_US.UTF-8); Calc: group Further, I noticed that when I enter a wrong password with two-factor enabled, the dialogue for two factor appears. Then I enter the six digit code and whatever I enter in that box I get "The specified device is invalid". I also get this error if I type an unused email address or the wrong password.
Same behavior here (using LO from TDF, version 5.3.1.2). In fact, my phone never receives the expected SMS from Google, so I can't even type the 6-digit G-code.
I confirm the bug in version 5.2.6.2 on Windows 10 x64. 2-FA enabled Google Account doesn't work.
Just the same, LO from TDF, 5.3.2.2, Linux
Thanks for the update, but Max, please keep version at earliest (known) affected.
Confirmed "The specified device is invalid." with good credentials and good OATH-TOTP code. Let me know if I can add any information. It's not clear to me how or whether it's possible to enable any form of logging for LibreOffice on Windows. Version: 5.3.2.2 (x64) Build ID: 6cd4f1ef626f15116896b1d8e1398b56da0d0ee1 CPU Threads: 8; OS Version: Windows 6.1; UI Render: GL; Layout Engine: new; Locale: en-US (en_US); Calc: group Oracle JRE 1.8.0_131 x86 and x64 installed system-wide, functioning, and enabled in LO options. Java critical files - C:\Windows\Sun\Java\Deployment\deployment.config - deployment.system.config=file:///C:/Windows/Sun/Java/Deployment/deployment.properties deployment.system.config.mandatory=true deployment.system.config.locked deployment.system.config.mandatory.locked C:\Windows\Sun\Java\Deployment\deployment.properties - #System Deployment Properties deployment.cache.jarcompression.locked=true deployment.cache.jarcompression=9 deployment.cache.max.size.locked=true deployment.cache.max.size=256 deployment.console.startup.mode.locked=true deployment.console.startup.mode=DISABLE deployment.expiration.check.enabled.locked=true deployment.expiration.check.enabled=false deployment.insecure.jres.locked=true deployment.insecure.jres=NEVER deployment.javaws.associations.locked=true deployment.javaws.associations=2 deployment.javaws.shortcut.locked=true deployment.javaws.shortcut=ASK_USER deployment.javaws.update.timeout.locked=true deployment.javaws.update.timeout=2500 deployment.log.locked=true deployment.log=false deployment.proxy.type.locked=true deployment.proxy.type=0 deployment.roaming.profile.locked=true deployment.roaming.profile=false deployment.security.authenticator.locked= deployment.security.authenticator=true deployment.security.level.locked=true deployment.security.level=VERY_HIGH deployment.security.revocation.check.locked=true deployment.security.revocation.check=ALL_CERTIFICATES deployment.security.SSLv3.locked=true deployment.security.SSLv3=false deployment.security.use.native.sandbox.locked=true deployment.security.use.native.sandbox=true deployment.security.validation.clockskew.locked=true deployment.security.validation.clockskew=5 deployment.security.validation.crl.locked=true deployment.security.validation.crl=true deployment.security.validation.ocsp.locked=true deployment.security.validation.ocsp=true deployment.security.validation.timeout.locked=true deployment.security.validation.timeout=5 deployment.trace.locked=true deployment.trace=false deployment.user.logdir.locked=true deployment.user.logdir=null install.disable.sponsor.offers.locked=true install.disable.sponsor.offers=true
Today i tried to connect to Google Drive with LO 5.3.3(32Bit) on Win10Pro 64Bit with 2FA, and i worked, but only, if i receive the PIN via SMS on my IPhone. During the initial installation i received 2 PINs. PIN via Autenticator App does not work for me too.
[ES] Yo no recibo nunca el mensaje con Movistar en Argentina. Si es para ingreso al Mail, sí, pero no para esto. [EN] I never receive the message with Movistar in Argentina. If it is to login to the Mail, yes, but not for this.
For me also, authentication via Google Authenticator app on iOS didn't work. As LO - strangely - doesn't offer a choice of alternative options to choice Google authentication code delivery method delivery, then you have to setup your phone as Default Google Authentication option - then, again problem, as Google, doesn't allow freely to choose delivery option, and set default delivery option itself, the only way to get phone as a default Google authenticator code delivery option is to remove all other options, namely, in my case, Google Prompt option, and Google Authenticator app option. Then - again strangely - LO ask for GDrive credentials, incl. authenticator code again - I am just wondering, what the sense of going such loop..? Then, when finally Gdrive directory get populated there are only just like 50-100 files and one directory, out of 1000s... - rendering it unusable. LO Version: 5.4.0.3 Build ID: 7556cbc6811c9d992f4064ab9287069087d7f62c CPU threads: 2; OS: Windows 6.2; UI render: default; Locale: en-IE (en_US); Calc: group
I tried to connect to Google Drive just after having installed LO 5.4. No change appeared : my phone received non SMS from Google.
Using LO 5.4.4.2 on Ubuntu 17.10, with 2FA *disabled*, I am asked for the PIN anyway. Unable to sign in.
Experiencing the same issue in Windows 6.0.0.3.
The bug is still there on LO 6.0.4 (Linux). I tried opening Google drive giving my account either as (my Gmail address) or (the first part of my Gmail address), without success : my phone didn't receive any SMS.
With Outlook. com accounts. the same thing happens. Is another report required or can you see with this one as well? With Outlook. com basins, the generated URL generates the same error.
(In reply to Leandro Martín Drudi from comment #29) > With Outlook. com accounts. the same thing happens. > Is another report required or can you see with this one as well? > With Outlook. com basins, the generated URL generates the same error. Sorry, Basins*: Accounts (I translate with google)
This is still a problem in 6.0.2.1. I have 2FA enabled and get the phone notification to approve the login every time I try to login. I approve the login, which does nothing with LO. I try to enter the PIN from Authenticator and receive the message about the device being invalid.
Let's keep version field as the earliest known affected version.
This bug also affects 2FA Google accounts that are using the App Password feature (https://support.google.com/accounts/answer/185833?hl=en) This is a feature that allows you to use a 16 character password that is unique to the app and it usually bypasses the need for any other 2FA method. Whether you use the standard Google password or the App password, LibreOffice is still prompting for a G-Pin to complete the sign in.
Created attachment 142096 [details] screen of the issue in ubuntu I'm using the version 6.0.3.2 with Ubuntu (Build ID: 1:6.0.3-0ubuntu1). I was able to setup my google account in order to receive the 6-digits PIN in my smartphone. But even after type it I'm getting the "The specified device is invalid." when trying to setup the connection. Btw, I'm able to connect to Drive using Nautilus.
*** Bug 119511 has been marked as a duplicate of this bug. ***
Hello, I just updated my LO install to the 6.1.1 version (Linux + KDE). And, suddenly, the connection with my Google drive works (with 2FA), that's really marvelous ! Thank you for your work.
I try in Windows and don't work. Versión: 6.1.1.2 (x64) Id. de compilación: 5d19a1bfa650b796764388cd8b33a5af1f5baa1b Subprocs. CPU: 4; SO: Windows 10.0; Repres. IU: predet.; Configuración regional: es-AR (es_AR); Calc: CL
(In reply to Robert Cabane from comment #36) > Hello, I just updated my LO install to the 6.1.1 version (Linux + KDE). And, > suddenly, the connection with my Google drive works (with 2FA), that's > really marvelous ! > Thank you for your work. Most likely fixed by https://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-6-1-1&id=2751f625990bc4d619eb2b0b895f9d510f768a02
(In reply to Leandro Martín Drudi from comment #37) > I try in Windows and don't work. > Versión: 6.1.1.2 (x64) > Id. de compilación: 5d19a1bfa650b796764388cd8b33a5af1f5baa1b > Subprocs. CPU: 4; SO: Windows 10.0; Repres. IU: predet.; > Configuración regional: es-AR (es_AR); Calc: CL Do you get any erro message?
(In reply to Xisco Faulí from comment #39) > (In reply to Leandro Martín Drudi from comment #37) > > I try in Windows and don't work. > > Versión: 6.1.1.2 (x64) > > Id. de compilación: 5d19a1bfa650b796764388cd8b33a5af1f5baa1b > > Subprocs. CPU: 4; SO: Windows 10.0; Repres. IU: predet.; > > Configuración regional: es-AR (es_AR); Calc: CL > > Do you get any erro message? [ES] El mismo de siempre: «El dispositivo especificado no es válido.» Cuando he confirmado el LogIn en la ventana de LibreOffice, una ventana aparece en mi spartphone pidiendo autorización para el LogIn (con el fin de no usar el código). Presione "OK" o presione "No, no soy yo", igualmente, el código no funciona. He probado con el que llega por SMS tanto como el que se genera con la App "Autenticator" y ninguna funciona. El resultado es siempre el mismo. [EN] The same like always: "The specified device is invalid." When I have confirmed the LogIn in the LibreOffice window, a window appears on my spartphone asking for authorization for the LogIn (in order not to use the code). Press "OK" or press "No, it's not me", likewise, the code does not work. I have tried with the one that arrives by SMS as much as the one generated with the "Authenticator" App and none of them work. The result is always the same.
Created attachment 145146 [details] PopUp in my Android Smartphone. Android 8.0
it's not working with Version: 6.1.2.1 (x64) Build-ID: 65905a128db06ba48db947242809d14d3f9a93fe CPU-Threads: 4; BS: Windows 10.0; UI-Render: Standard; Gebietsschema: de-DE (de_DE); Calc: and Authenticator App. Entering 6 digit code ends with error message: "The specified device is invalid." browser login with Authenticator App works on my notebook.
Still getting this in Linux 6.1.2.1 on Ubuntu 18.10. Trying to use remote storage with 2FA application on phone. Program prompts for pin, no popup on phone, pin from app results on "Invaid Device" message.
Thanks for checking, Karl, please note that the version field is for the oldest known affected version.
This is not working for 6.1.2.1 and 6.2.0.0.alpha1 on W10. Issues: - 6 digit code asked with and without 2FA enabled. - Invalide device error message.
Same problem on LibreOfficeDev 6.2.0.0.beta1 Tried without 2FA, got prompt for 6 digit code. Turned on 2FA, installed Google Authenticator, but code from Authenticator does not work.
To add onto what was previously written. PIN is asked for irrespective of 2FA status. Not using Authenticator, the 2FA SMS is not sent either. Would happily volunteer my time to debug, but the information on https://wiki.documentfoundation.org/QA/BugReport/Debug_Information is daunting. Would need a bit of guidance. Build ID: 1:6.1.3~rc2-0ubuntu0.18.04.2 CPU threads: 4; OS: Linux 4.15; UI render: default; VCL: gtk3; Locale: en-US (en_US.UTF-8); Calc: group threaded
@Muhammet, since you fixed the personas issue, I thought you might be interested in this issue as well. I know they are not related at all, I'm just trying to find someone who might fix this one...
*** Bug 123315 has been marked as a duplicate of this bug. ***
*** Bug 124291 has been marked as a duplicate of this bug. ***
*** Bug 124375 has been marked as a duplicate of this bug. ***
*** Bug 124439 has been marked as a duplicate of this bug. ***
*** Bug 100914 has been marked as a duplicate of this bug. ***
*** Bug 126212 has been marked as a duplicate of this bug. ***
This feature doesn't work with my Google account _w/o_ 2FA. Bug hasn't be resolved for about 3 years and "very soon" we may celebrate 5 years anniversary. %-(
Google Drive two-factor authentication not working on 6.3.3.2 I'm getting the "The specified device is invalid." when trying to setup the connection.
*** Bug 129835 has been marked as a duplicate of this bug. ***
*** Bug 127662 has been marked as a duplicate of this bug. ***
Questions on AskLibO: https://ask.libreoffice.org/en/question/228561 https://ask.libreoffice.org/en/question/228235 https://ask.libreoffice.org/en/question/98400 https://ask.libreoffice.org/en/question/205890 https://ask.libreoffice.org/en/question/215674 https://ask.libreoffice.org/en/question/209927 https://ask.libreoffice.org/en/question/182924 ... and more. Xisco: a topic for ESC?
Just tried to add my Google Drive and One Drive accounts and had the exact same error of "Specified device is invalid" with both services. Also tried to make a connection via Sharepoint 2013 and it did not work as well.
Just an FYI. In the "This week in KDE" of May 15th 2020 Nate Ingraham reported that a similar issue to this one was solved for KMail and Kontacts. This is their bug report: https://bugs.kde.org/show_bug.cgi?id=404990 In comment 122 from that bug report they state the following: <<Google has approved KMail access to Gmail via Googla Sign-in today, so it should work again. Should you still see some errors, please let us know.>> They link to a Reddit topic where a lot of the steps to fix this are detailed! https://www.reddit.com/r/kde/comments/gi5bol/kmailkontact_oauth_signin_with_gmail_enabled_again/ Here are the relevant comments: "Hi all, I would like to share some news :) This morning Google has approved our verification request to allow KMail/Kontact to sign into Gmail using the Google Sign In, which supports 2FA out-of-the-box and is more secure, since KMail/Kontact never sees your password. If you have your IMAP account in KMail already configured in KMail and you would like to start using the OAuth sign-in, go to the account configuration (Settings→Configure KMail→Accounts→Receiving→[your Gmail IMAP account]→Modify) and in the Advanced tab select "Gmail" in the Authentication combo box. If you want to add a new account, the Gmail authentication method will be chosen automatically by KMail. I apologize it took so long to make Gmail login work again. The bureaucracy that had to be sorted out in order to comply with Google usage policies was non-trivial and I'll admit then whenever I had some spare time to work on KDE, I usually chose to write some code rather than read legal documents and write privacy policy... Should you still see "Sign in with Google temporarily disabled for this app" or some other error, let me know, please." "Nothing was wrong with KMail really, but if any application wants to access Gmail through OAuth, it needs to request access to this part of API from Google. Google considers Gmail to be a "restricted" scope and applications needs to pass verification and satisfy some extra requirements to get access to it. So there's a manual process of submitting the application for verification, writing a dedicated privacy policy, having numerous rounds with Google support to clear things app and making sure everything is aligned with their terms and policies for accessing the restricted scopes - it might be fun for a lawyer, but it certainly isn't the kind of activity a programmer would want to do in their spare time... :)" Here's more detail to satisfy Google's requirements to link to Gmail: https://support.google.com/cloud/answer/9110914?hl=en Additional Requirements for Specific API Scopes: https://developers.google.com/terms/api-services-user-data-policy#additional_requirements_for_specific_api_scopes Example of privacy policy that Google requires: https://community.kde.org/KDE_PIM/Privacy_Policy Hopefully this is enough information for work to be done to fix this bug. It's worth research how this works for Microsoft's One Drive as well since that one is also broken.
Here's the relevant pages from Microsoft to address this for connecting to One Drive via OAuth 2.0: https://docs.microsoft.com/en-us/azure/active-directory/develop/access-tokens https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow https://docs.microsoft.com/en-us/onedrive/developer/rest-api/getting-started/?view=odsp-graph-online
In Windows Version: 7.0.0.0.beta1 (x64) Build ID: 94f789cbb33335b4a511c319542c7bdc31ff3b3c CPU threads: 4; OS: Windows 10.0 Build 18362; UI render: Skia/Raster; VCL: win Locale: en-US (en_US); UI: en-US Calc: CL Also in latest Linux version - unknown as I am on Windows at the moment, but it's broken exactly the same way on Linux. When asking to save remotely, Google prompts for six digit PIN which I do not have. It is a wonderful feature that used to work. It no longer works. Regards, David
Same issue here. Tested with my google drive account and still asking for the 6 digits PIN. 2FA is not activated. Version: 7.0.0.0.beta1 (x64) Build ID: 94f789cbb33335b4a511c319542c7bdc31ff3b3c CPU threads: 4; OS: Windows 10.0 Build 17763; UI render: Skia/Raster; VCL: win Locale: fr-CH (fr_FR); UI: en-GB Calc: threaded
Florian - this looks like something that TDF would need to chase to fix ? a nice list of things to do from Pedro; is this something you can handle ?
Oh, indeed, looks like lots of fun... :-) I'll chase this with the team and try to get the paperwork done
google authentication is https://github.com/tdf/libcmis/issues/22 / a bit more involved. (but I think it should also be fixable by using plain oauth2 and the same copy-URL-to-Browser and copy-the-result-back workflow. Google's docs mention to just listen on a local loopback IP address and get the result that way - that is of course also an option to at least avoid copy-back into the dialog. But that's a "stretch goal" :-) Google lists the Manual copy/paste with a hint of "may be discontinued in the future" https://developers.google.com/identity/protocols/oauth2/native-app For onedrive it seems that the API was never migrated from the old/deprecated/now-non-function live apis to Microsoft graph. The only "not-so-nice" thing is that we ask the user to copy'n'paste back between the browser and the LO dialog, but that's easy enough to do. Furthermore we can get rid of the username/pw entry that LO cannot use anyway (or rather: It (LO/libcmis) should not attempt to imitate a user using the browser and try to parse the response of whatever login window appears that is augmented with webX.y stuff :-)) Fixing onedrive should be easy enough to do: * Fix endpoints/scopes to match the Graph scheme * Fix libcmis to use the new (or rather current) OneDrive REST API (instead of the old skydrive one that doesn't work anymore since end of 2018....) * Fix remote-server dialog to not ask for username and password - authentication/login is handled in the user's browser https://docs.microsoft.com/en-us/onedrive/developer/rest-api/concepts/migrating-from-live-sdk
*** Bug 136672 has been marked as a duplicate of this bug. ***
*** Bug 136562 has been marked as a duplicate of this bug. ***
This from Google drive support in response to me asking them how to gain access; Currently, Google Drive does not have a feature where you can set a pin or password to a certain files. Google Drive only saved the files the way we created it. If you forgot the password on the file you want to access you need to contact the program developer who created the apps or program you used prior saving it to Google Drive. Since you are trying to unlock Libre Office documents, you need to reach their support for further assistance. Libre Office Community Support Libre Office Professional Support When you contact Libre Office Support, please let them know that you need help with the 6 digit PIN so that it will allow remote access from your Libre Office account. Where does the 6 digit pin originate? I imagine even if LO fixes the issue then "newer" LO users who haven't previously availed themselves of the service simply won't have a 6 Digit PIN. That's certainly my situation. I'm not trying to access existing files, just trying to implement the cloud storage for some CALCs by File> Open Remote> Add Service (from the dropdown menu defaulting to Manage services.
*** Bug 139088 has been marked as a duplicate of this bug. ***
(In reply to Colin from comment #70) > This from Google drive support in response to me asking them how to gain > access; > > When you contact Libre Office Support, please let them know that you need > help with the 6 digit PIN so that it will allow remote access from your > Libre Office account. > > Where does the 6 digit pin originate? That pin was part of the now no longer supported login mechanism into your gdrive account, it wasn't used by LibreOffice as a pin or password to protect the documents, but rather just how the login worked.. > I imagine even if LO fixes the issue then "newer" LO users who haven't > previously availed themselves of the service simply won't have a 6 Digit PIN. And they won't need that pin. > That's certainly my situation. I'm not trying to access existing files, just > trying to implement the cloud storage for some CALCs by File> Open Remote> > Add Service (from the dropdown menu defaulting to Manage services. Both cases will be solved when the login/token generation is changed as described in comment#67, similar as it has been done for onedrive for 7.1.0 (fixing gdrive login is on the todo, but just didn't make it into 7.1.0). So then the user-experience would be (for the time being): * User chossed to open/save to remote service * LO asks to copy the login URL to browser * User logs in to the service using their browser, granting LibreOffice the access privileges if not already done so in the past * browser will return a code that has to be pasted back into the LibreOffice window → for the duration of the LO session, LO can then create access tokens and won't have to ask the user again. To be fully clear: I know that this is not a great user-experience, so the copy-the-code-back to the LibreOffice window can be solved by having LibreOffice listen on a localhost address and setting the redirect URL to that localhost address, so that would eliminate the need for manually copy'n'paste. But the bigger drawback is that currently LibreOffice doesn't store the refresh_token, so it will have to ask every time LO is started and the files are accessed. (typically they are valid for multiple weeks/months) They should be securely stored locally, so the most natural way would be to use LibreOffice's password-store for that, so the user only would have to unlock it using the master password and not do the login-dance.
(In reply to Christian Lohmaier from comment #73) > (In reply to Colin from comment #70) > > To be fully clear: I know that this is not a great user-experience, so the > copy-the-code-back to the LibreOffice window can be solved by having > LibreOffice listen on a localhost address and setting the redirect URL to > that localhost address, so that would eliminate the need for manually > copy'n'paste. That's infinitely superior to Write LO Calc > Export to eXcel> Upload to GDrive> open with G.Sheets> Modify to mitigate the G.Sheet inadequacies> Work with G.Sheets until the next function change> Copy'n'Paste unformatted data to source LOCalc and then recycle. Still, I'm becoming a Wiz at version control;)). Christian, thank you for taking the time to inform us. Much appreciated. You advise it didn't make the cut to 7.1 - is there a guestimate as to when it might be available?
Can we adjust the bug report to reflect a later version of LO instead of old unsupported versions? Currently, it's set to 5.2.0.4.
(In reply to Christian Lohmaier from comment #73) > But the bigger drawback is that currently LibreOffice doesn't store the > refresh_token, so it will have to ask every time LO is started and the files > are accessed. (typically they are valid for multiple weeks/months) > They should be securely stored locally, so the most natural way would be to > use LibreOffice's password-store for that, so the user only would have to > unlock it using the master password and not do the login-dance. Thanks, Christian. Do you know if there's a bug report for this? I want to follow its updates.
(In reply to yogeshg from comment #75) > Can we adjust the bug report to reflect a later version of LO instead of old > unsupported versions? Currently, it's set to 5.2.0.4. As the label says, the version field is for the earliest (known) affected version, in general it's useful for narrowing down when a bug was introduced, to hint at whether it's a more recent regression/implementation error, or whether it was already in the first LO version.
*** Bug 103748 has been marked as a duplicate of this bug. ***
*** Bug 141787 has been marked as a duplicate of this bug. ***
Christian Lohmaier committed a patch related to this issue. It has been pushed to "master": https://git.libreoffice.org/core/commit/73041de9563c9a973d1b5394c6e5520a7d799980 tdf#101630 - gdrive support w/oAuth and Drive API v3 It will be available in 7.3.0. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Christian Lohmaier committed a patch related to this issue. It has been pushed to "libreoffice-7-2": https://git.libreoffice.org/core/commit/b8b66a26f8f519a30b8e6b860a9247a8ffbb71cc tdf#101630 - gdrive support w/oAuth and Drive API v3 It will be available in 7.2.0.2. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Some hints/remarks to the fix: * the initial repository-add dialogs have not been adjusted yet, they still ask for username and password, however those are not used. The username field is for LO's own distinguishing between different instances, but not used in the authentication. You can leave the password empty, it is not used to authenticate. * to allow storing of the refresh token, you should enable persistent storage of credentials in Tools|Options → LO → Security → [x] allow persistent storage and [x] protect with master password. With that LO can store the refresh-token to use for further requests, and you only have to provide the master password. * With the persistent storage enabled, and trying to setup the connection for the first time, LO will ask for the masterpassword to look for an existing refresh token, on first setup there obviously won't be one so it will go to the login procedure: Copy'n'paste the link to your browser, grant LibreOffice the access to files → You will get an access token that you copy back to the LibreOffice dialog. LibreOffice will then ask once more for the masterpassword to store the refresh token obtained using the access-token. Also important: LO is not verified to use restricted scopes yet, so it can only use drive.file scope, meaning when accessing GDrive from LO you'll only see the files that you created with LibreOffice, other files will not be accessible (you will however be able to see the files created with LO in e.g. in your gdrive in browser)
(In reply to Commit Notification from comment #80) > The patch should be included in the daily builds available at > https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. > ... > Affected users are encouraged to test the fix and report feedback. Please note that daily builds are created without necessary configurations parameters, so those builds do not include gdrive support: this means that they can't be used for testing of the patches mentioned in comments 80 and 81. OTOH, 7.2.0 RC2 is going to be available soon. Please wait for the release candidate for testing.
(In reply to Commit Notification from comment #81) > Christian Lohmaier committed a patch related to this issue. Resolved fixed? Thanks for the detailed explanation.
Christian Lohmaier committed a patch related to this issue. It has been pushed to "libreoffice-7-1": https://git.libreoffice.org/core/commit/854c03ebc94aae205b85d0c9d342048baf93e9a9 tdf#101630 - gdrive support w/oAuth and Drive API v3 It will be available in 7.1.6. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
*** Bug 144460 has been marked as a duplicate of this bug. ***
This is not working in v7.2.2.2 The key is not being properly stored, and the UI leaves a LOT to be desired. You may find that the way the tool rclone (rclone.org) handles this authentication is much more graceful than the current solution. The dialog box is also misleading about what, when (at which step), and where to paste the key from the OAuth process. There has to be a better way for users to be able to use this feature.
(In reply to daniel from comment #87) > This is not working in v7.2.2.2 > > The key is not being properly stored, and the UI leaves a LOT to be desired. > > You may find that the way the tool rclone (rclone.org) handles this > authentication is much more graceful than the current solution. > > The dialog box is also misleading about what, when (at which step), and > where to paste the key from the OAuth process. > > There has to be a better way for users to be able to use this feature. hello, Please read comment 82 to allow storing the key
(In reply to Xisco Faulí from comment #88) > (In reply to daniel from comment #87) > > This is not working in v7.2.2.2 > > > > The key is not being properly stored, and the UI leaves a LOT to be desired. > > > > You may find that the way the tool rclone (rclone.org) handles this > > authentication is much more graceful than the current solution. > > > > The dialog box is also misleading about what, when (at which step), and > > where to paste the key from the OAuth process. > > > > There has to be a better way for users to be able to use this feature. > > hello, > Please read comment 82 to allow storing the key I have, but it is extremely user-unfriendly and unless you are looking up this bug report, you would never know how to do it. Even then, the notes in comment #87 are not the complete instructions. Basically, this method is a dirty workaround of a patch job that needs to be truly fixed in both the backend and the UI. The method used to get and capture the key is not graceful, and the UI is plain incorrect. I would fix it myself if it was something that had the skill to do (I love open source software for that!), but I do not feel comfortable in my skill level making those modifications. Instead, I have pointed this very skilled and talented community to another piece of open-source software that has done a very good job at tackling this issue for not only Google Drive, but also for numerous other cloud storage vendors. Their code base is mature, and the capabilities of that tool complement what users of this project need. In reality, the project might even look at integrating that tool's functionality into this one, similar to how other modules have become standard within the software. Spell checking is one function that comes to mind. I see this as an opportunity to potentially have one community help another, giving them both a way to learn from the other's work and experience. Isn't that one of the main benefits of being open source?
Reproduced error message "specified device is invalid" from (remote file->manage services->add service->google drive->user->pass) sequence of events. Much like everyone else BUT no two factor authentication in this case. Ubuntu 20.04.3 LTS Version: 7.1.8.1 / LibreOffice Community Build ID: e1f30c802c3269a1d052614453f260e49458c82c CPU threads: 8; OS: Linux 5.11; UI render: default; VCL: gtk3 Locale: en-US (en_US.UTF-8); UI: en-US Calc: threaded
Can confirm that 2FA does not work. Even the GNOME Settings application has this feature. --- Version: 7.2.5.2.0+ Build ID: 20(Build:2) CPU threads: 24; OS: Linux 5.16; UI render: default; VCL: gtk3 Locale: en-US (en_US.UTF-8); UI: en-US Calc: threaded
@cloph: could we possibly use some Python library ( https://oauth.net/code/python/ ), like we use smtplib in our scripting/source/pyprov/mailmerge.py, which implements com::sun::star::mail::XMailServiceProvider etc?
(In reply to Mike Kaganski from comment #92) FYI: https://github.com/google/gmail-oauth2-tools/wiki/OAuth2DotPyRunThrough
Also: https://extensions.libreoffice.org/en/extensions/show/oauth2ooo
@Christian Lohmaier The OAuth2OOo extension https://github.com/prrvchr/OAuth2OOo has approvals from Google for the scope: https://www.googleapis.com/auth/drive After the user has approved the use of this scope this extension is able to deliver OAuth2OOo tokens... I'm ready to try an integration.
*** Bug 151415 has been marked as a duplicate of this bug. ***
*** Bug 154605 has been marked as a duplicate of this bug. ***
Cloph, you were assigned by Heiko since 2021. I've reset that to the default, as prrvchr said they were interested in working on it in comment 95. prrvchr, are you still interested in submitting patches? If so, please go ahead and assign yourself.
*** Bug 149444 has been marked as a duplicate of this bug. ***
*** Bug 157883 has been marked as a duplicate of this bug. ***
*** Bug 162100 has been marked as a duplicate of this bug. ***