Received an email from Google Developers informing me of:
We are writing to inform you that OAuth out-of-band (OOB) flow will be deprecated on October 3, 2022, to protect users from phishing and app impersonation attacks.
What do I need to know?
Starting October 3, 2022 , we will block OOB requests to Google’s OAuth 2.0 authorization endpoint for existing clients. Apps using OOB in testing mode will not be affected. However, we strongly recommend you to migrate them to safer methods as these apps will be immediately blocked when switching to in production status.
What did you already try to solve it?
Nothing at this moment. More or less looking for advice / support. Wondering if I maybe incorrectly configured something and if anyone else is running into this issue?
My initial thoughts are that I could put the OAuth Consent Screen settings into “Testing” mode, but IDK what that would potentially effect.
I got the same mail from Google Workspace and haven’t a solution yet.
Maybe someone else has a solution about the OOB requests to Google’s OAuth 2.0 authorization endpoint?
I also was confused after receiving this email, however I found all the answers in a post on the rclone forums, but I will repost what I found there and rephrase it in the most basic and straight forward way.
the TLDR is, nothing needs to be done if you have a current working rclone config. The changes only affect the first time remote rclone config setup.
The OOB process it’s blocking is what is used to setup rclone remotely using the token generated in a webbrowser when setting up your mounts for the first time. This is the method that will be blocked in Oct and if you try to setup rclone using this remote token method it will fail. In order to remotely configure rclone going forward you need to upgrade to at least v1.58 using the command below. There is another thread in this forum that posted this originally.
Rclone and MergerFS update script. run and choose options from menu to update. I didn’t even need to redeploy the mounts but you can if you prefer and it should keep the updated version.
Once on version 1.58 or higher use a new method to authenticate called rclone authorize(see link at bottom) , OR if you have a working config you can just copy the existing rclone.conf file and there is no need for any further changes.
No changes or updates need to be done if you don’t need to reconnect and reauth your google drives. No need to regenerate client IDs or anything. If you want to ensure you don’t need to update, backup your rclone.conf file and keep it handy to copy over to any new systems you want to mount your drives on. Hope this helps others as it wasn’t clear that I didn’t need to do anything from that letter.
See original rclone thread here, I don’t claim any of this info I just reposted it.
@Stryk3r You are awesome! I was thinking the Oauth issue was in relation to accessing our sites i.e. Radarr, Sonarr etc… So thanks for the clarification
I will backup my rclone.conf file and if I understand you correctly if I ever need to restart from scratch use / replace that file and everything should be working as expected. No need to update Rclone versions.
I’m in the same boat I wasn’t really aware of backing up the rclone config until my 2 nvme drives failed on local server, when iv replaced and tried to redo the install of PG I realised something was wrong come here and found out instantly
So the question is I have no rclone backup file, what to do now? In this scenario?
A question I hope you, or someone else, can answer.
I lost my rclone mount at some point and don’t know why or how. In attempting to correct the issue I came across your post for reconfiguring rclone to mount on GDrive without the OOB configuration.
I ran the line of code above to install the latest version of rclone and mergerFS, but the only way to get them mounted is to run option (4) PG Clone, which then installs the old version of rclone again.
While installing the latest version and then running “rclone config”, the new version sees my config file at “/home/user/.rclone.conf” , so I am assuming it is using that configuration. Is there a way to bypass the reinstallation and set the following info?
