Google Sign-in deprecation schedule

Do not post support requests, bug reports or feature requests. Discuss CEF here. Non-CEF related discussion goes in General Discussion!

Google Sign-in deprecation schedule

Postby magreenblatt » Thu May 16, 2019 4:31 am

Hi All,

Google will begin blocking sign-in from CEF-based embedded web views (announced here and initially discussed here) on the following proposed schedule:

  • June 2019: block all obvious automation.
  • Aug 2019: block all new app from signing in using CEF.
  • Jan 2020: block existing app from signing in using CEF.
Google has requested feedback on this schedule. You can post your feedback here, or reach out to Jonathan Skelker directly.

What apps will be impacted?

This will impact any apps that sign in to Google services directly instead of using the recommended OAuth flow. Google has a resource here that can help with OAuth authentication using the system browser.

What apps will not be impacted?

This should not impact apps that are themselves genuine system browser apps (e.g. apps that are intended to replace the default system browser). If you are the author of a system browser app and have upfront concerns please reach out to Jonathan Skelker directly.
magreenblatt
Site Admin
 
Posts: 9836
Joined: Fri May 29, 2009 6:57 pm

Re: Google Sign-in deprecation schedule

Postby ndesktop » Thu May 16, 2019 8:29 am

I am working on an application which is a browser, just not a system browser (it can be used as a standalone browser).
The application is a part of a security suite; its use case is
1. user navigates to a bank/payment URL in another browser
2. our network interceptor detects the navigation, scan the URL against our cloud db and sees it is a banking URL
3. depending on user settings, we prompt the user to continue navigation in our browser or launch automatically the URL in our browser
4. user performs the banking/payment in our browser (which strips extensions, executes in another non-hookable desktop, might trigger our VPN solution on the duration of session on our browser etc.)
5. user closes the browser and returns to the default desktop.

So the obvious question is: in which scenario does this application fit, not being a system browser *and* embedding CEF, but still being a browser ?
ndesktop
Expert
 
Posts: 366
Joined: Thu Dec 03, 2015 10:10 am

Re: Google Sign-in deprecation schedule

Postby Jonathan » Fri May 17, 2019 3:45 am

Jonathan
Newbie
 
Posts: 1
Joined: Thu May 16, 2019 10:24 am

Re: Google Sign-in deprecation schedule

Postby mbragg12 » Tue Dec 17, 2019 2:31 pm

Was there ever any clarification on how to deal with this when we are the system browser? We are starting to see what I assume is the the error page related to this: "Couldn't sign you in This browser or app may not be secure. Learn more Try using a different browser. If you’re already using a supported browser, you can refresh your screen and try again to sign in."
Does anyone have the contact info for Jonathan Skelker?
mbragg12
Newbie
 
Posts: 1
Joined: Tue Dec 17, 2019 1:11 pm

Re: Google Sign-in deprecation schedule

Postby magreenblatt » Wed Dec 18, 2019 4:22 am

You should be able to discover his email from the above-linked threads, or you can PM the “Jonathan” account that commented above.
magreenblatt
Site Admin
 
Posts: 9836
Joined: Fri May 29, 2009 6:57 pm

Re: Google Sign-in deprecation schedule

Postby ndesktop » Mon Jan 06, 2020 9:31 am

And the day arrived. cefclient cannot login into GMail.
ndesktop
Expert
 
Posts: 366
Joined: Thu Dec 03, 2015 10:10 am

Re: Google Sign-in deprecation schedule

Postby magreenblatt » Mon Jan 06, 2020 9:34 am

ndesktop wrote:And the day arrived. cefclient cannot login into GMail.

It's been problematic for a while. See related conversation in viewtopic.php?f=10&t=16717.
magreenblatt
Site Admin
 
Posts: 9836
Joined: Fri May 29, 2009 6:57 pm

Re: Google Sign-in deprecation schedule

Postby ndesktop » Mon Jan 06, 2020 9:58 am

I know. Anyways, I still don't get how using the same user agent from command line works in Chrome, but does not work in cefclient or other CEF embedding apps.
On the other hand, Mozilla still works.
ndesktop
Expert
 
Posts: 366
Joined: Thu Dec 03, 2015 10:10 am

Re: Google Sign-in deprecation schedule

Postby magreenblatt » Mon Jan 06, 2020 10:12 am

There are some differences between Chromium/CEF and Chrome that can be detected with various combinations of JS and server-side sniffing techniques. For example, default Chromium builds don't include Google API Keys. If a browser advertises as Chrome via U-A then it makes sense to use these techniques to validate the browser as Google Chrome specifically.
magreenblatt
Site Admin
 
Posts: 9836
Joined: Fri May 29, 2009 6:57 pm

Re: Google Sign-in deprecation schedule

Postby ndesktop » Mon Jan 06, 2020 12:16 pm

Makes sense. I was considering obtaining an API Key that would been recognized by GMail team, but I think they will support only well-known mainstream browsers.
Basically being in the list with Chrome, Firefox, Edge etc.

I run out of ideas - the Google groups conversation started by you did not end with any detail - last post is mine from 05/2019. Did someone contacted Google for obtaining API keys for a Chromium browser? How does it work?
ndesktop
Expert
 
Posts: 366
Joined: Thu Dec 03, 2015 10:10 am

Next

Return to CEF Discussion

Who is online

Users browsing this forum: No registered users and 2 guests