Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Google+ deprecation #1526

Closed
Martii opened this issue Oct 8, 2018 · 3 comments
Closed

Google+ deprecation #1526

Martii opened this issue Oct 8, 2018 · 3 comments
Labels
dependency issue Hmmph! A dependency issue security Usually relates to something critical.

Comments

@Martii
Copy link
Member

Martii commented Oct 8, 2018
edited
Loading

Here we go again???

Refs:

In the short term we should probably disable new Google auths @sizzlemctwizzle

Historical refs:

Ref:

Over at PR No. 51 on the package issue tracker it states:

Google Plus API Deprecation

The default for passport-google-oauth2 is to use the Google+ People API to
get the profile information for the user signing in. With this API being
removed in early 2019 you should look towards using the OAuth 2 User Info
endpoint instead. You can switch to this endpoint using this configuration
option.

new GoogleStrategy({
  clientID: GOOGLE_CLIENT_ID,
  clientSecret: GOOGLE_CLIENT_SECRET,
  callbackURL: "http://www.example.com/auth/google/callback",
  // This option tells the strategy to use the userinfo endpoint instead
  userProfileURL: "https://www.googleapis.com/oauth2/v3/userinfo",
}

The structure of the profile object will be the same but you may get
less profile information than you did before.

... seems to also fix OpenID which I was told and read by Goo that it was deprecated. We took action upon that in #484 ... a trite bit confusing to see that fix under a file named openid
@Martii Martii added tracking upstream Waiting, watching, wanting. sooner Sooner would be appreciated. dependency issue Hmmph! A dependency issue labels Oct 8, 2018
@Martii Martii mentioned this issue Oct 8, 2018
Closed
Martii added a commit to Martii/OpenUserJS.org that referenced this issue Oct 8, 2018
@Martii
Swap to Goo relative profile scope
5c52e13 
* Setting goo auth to read only for a while until this is clarified at passport strategy

NOTE:
* Untested on pro but seems to work on dev

Applies to OpenUserJS#1526
@Martii Martii mentioned this issue Oct 8, 2018
Merged
Martii added a commit that referenced this issue Oct 8, 2018
@Martii
Swap to Goo relative profile scope (#1527)
81664c8 
* Setting goo auth to read only for a while until this is clarified at passport strategy

NOTE:
* Untested on pro but seems to work on dev

Applies to #1526

Auto-merge
@Martii Martii self-assigned this Oct 9, 2018
@Martii Martii pinned this issue Dec 20, 2018
@tiblu tiblu mentioned this issue Jan 7, 2019
Closed
@Martii
Copy link
Member Author

Martii commented Mar 7, 2019
edited
Loading

Successful login to OUJS with no changes to source. Perhaps they haven't done it yet?... or perhaps that alias someone was talking about? I will check again periodically throughout the day.

@Martii
Copy link
Member Author

Martii commented Mar 8, 2019

Okay... definitely past the deadline... still able to log in (and observed at least two others with goo logging in successfully). I did remove g+ from my other account before all of this.

Guess either the profile commit or their alias is in effect. Really don't like guessing what is happening here.

Sometime next week I'll retry allowing new account creations.

Martii added a commit to Martii/OpenUserJS.org that referenced this issue Mar 11, 2019
@Martii
Some dep updates
f1fc116 
* Please read their CHANGELOGs
* Google auth dep update ... new default userInfo endpoint... applies to OpenUserJS#1526 . Tested with dev existing... same token returned as before.
* Delete op retested
@Martii Martii mentioned this issue Mar 11, 2019
Merged
Martii added a commit that referenced this issue Mar 11, 2019
@Martii
Some dep updates (#1594)
ecf36af 
* Please read their CHANGELOGs
* Google auth dep update ... new default userInfo endpoint... applies to #1526 . Tested with dev existing... same token returned as before.
* Delete op retested

Auto-merge
@Martii Martii added security Usually relates to something critical. and removed tracking upstream Waiting, watching, wanting. labels Mar 12, 2019
@Martii Martii closed this as completed in 810b73e Mar 12, 2019
@Martii Martii removed their assignment Mar 12, 2019
@Martii Martii removed the sooner Sooner would be appreciated. label Mar 12, 2019
@Martii Martii unpinned this issue Mar 12, 2019
@Martii
Copy link
Member Author

Martii commented Apr 2, 2019

Interesting read at https://www.bbc.com/news/technology-47771927 ... Tuesday is their EOL?

@OpenUserJS OpenUserJS locked as resolved and limited conversation to collaborators Apr 12, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
dependency issue Hmmph! A dependency issue security Usually relates to something critical.
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Martii