Support app passwords

[jgiszczak]

For accounts with two-factor authentication enabled, Google offers what they call "app passwords" which can be generated for use with a particular application that doesn't support two-factor authentication. Supporting that feature is probably easier than fully supporting two-factor authentication.

[EionRobb]

Unfortunately, we still have to use the gross way of getting the auth cookie out of the browser to be able to auth. This is because the API's needed to access Google Chat aren't part of any official oauth thing from Google. The one upside of this though is that it works with 2fa, since the browser is able to do all that annoying stuff, and then we just grab the cookie at the end.

Were you having trouble auth'ing with the plugin, or was this just a theoretical example of something we could support?

[jgiszczak]

I was unable to find an oath2 cookie anywhere in the network traffic after initiating login. I both searched manually and with the built-in search in Chrome.

[EionRobb]

Were you following the link in the description of the YouTube video and ending up on the "One Moment Please" page?

The link in the desc is https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqa0RLSEhGQko4RE5ESzBYcGp5cXlqZzFNN1Z5UXxBQ3Jtc0trcldHcFJpUWd5RmFMRC1COGJJZnNmYS1FYnJLQV95YUhxQTBxS2h5UXJjX2h2eTN1UDRhNlNBWEtJVjRDQ3JTUVduOEN5eUJLeGVuWGZ2OEppQm1fWS1pWG8yN25SNDJJc0dhVUNRQS1VZTBtZkZRWQ&q=https%3A%2F%2Faccounts.google.com%2Fo%2Foauth2%2Fprogrammatic_auth%3Fhl%3Den%26scope%3Dhttps%253A%252F%252Fwww.google.com%252Faccounts%252FOAuthLogin%2Bhttps%253A%252F%252Fwww.googleapis.com%252Fauth%252Fuserinfo.email%26client_id%3D936475272427.apps.googleusercontent.com%26access_type%3Doffline%26delegated_client_id%3D183697946088-m3jnlsqshjhh5lbvg05k46q1k4qqtrgn.apps.googleusercontent.com%26top_level_cookie%3D1

[jgiszczak]

Indeed I was not. That solved it. I didn't notice that I should be using a special link to log in.