480779 – Can not add Google to Online Accounts anymore using a recent version of signon-ui

Bug 480779 - Can not add Google to Online Accounts anymore using a recent version of signon-ui

Summary: Can not add Google to Online Accounts anymore using a recent version of signo...

Status:	CLOSED FIXED

Alias:	None

Product:	systemsettings
Classification:	Applications
Component:	kcm_kaccounts (show other bugs)
Version:	unspecified
Platform:	openSUSE Linux

Importance:	VHI grave
Target Milestone:	---
Assignee:	Plasma Bugs List

URL:
Keywords:	qt6

Duplicates (12):	482808 484741 485286 489435 489645 490925 495192 496600 499725 500807 500918 501626 (view as bug list)
Depends on:
Blocks:

Reported:	2024-02-03 15:04 UTC by shatz.dan
Modified:	2025-03-19 00:40 UTC (History)
CC List:	60 users (show)

See Also:	500335
Latest Commit:	https://invent.kde.org/network/kaccounts-providers/-/commit/78a81aafedced524c1bc9f16788c4304acc3b807
Version Fixed In:	24.12.2
Sentry Crash Report:

Attachments
Google sign in browser window (45.57 KB, image/png) 2024-02-03 15:04 UTC, shatz.dan	Details
Result after login with a Google Account in KDE (33.10 KB, image/png) 2025-01-13 23:55 UTC, Camilo Bohórquez	Details
Result after login with a Google Account in KDE (23.38 KB, image/png) 2025-01-18 12:00 UTC, Roke Julian Lockhart Beedell	Details
Error in KCM GUI (51.37 KB, image/png) 2025-01-18 12:01 UTC, Roke Julian Lockhart Beedell	Details
attachment-4045051-0.html (1.26 KB, text/html) 2025-03-17 17:29 UTC, jwlibuntu	Details
Show Obsolete (1) View All Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description shatz.dan 2024-02-03 15:04:12 UTC

Created attachment 165499 [details]
Google sign in browser window

SUMMARY


STEPS TO REPRODUCE
1. System Settings -> Online Accounts -> Add -> Google
2. Enter email, press next.

OBSERVED RESULT
Couldn’t sign you in - This browser or app may not be secure. See screenshot.
Learn more leads here: https://support.google.com/accounts/answer/7675428?hl=en-US


EXPECTED RESULT
Password/2FA fields are shown.

SOFTWARE/OS VERSIONS
Windows: 
macOS: 
Linux/KDE Plasma: 
(available in About System)
KDE Plasma Version: 
KDE Frameworks Version: 
Qt Version: 

ADDITIONAL INFORMATION

Comment 1 shatz.dan 2024-02-03 15:05:50 UTC

Sorry, versions:

SOFTWARE/OS VERSIONS
Linux/KDE Plasma:  KDE Neon Unstable
(available in About System)
KDE Plasma Version: 6.0.80
KDE Frameworks Version: 5.249.0
Qt Version: 6.6.1

Comment 2 Nate Graham 2024-02-05 21:52:28 UTC

Indeed, it looks like we're going to need to make some changes here.

Comment 3 Nicolas Fella 2024-02-17 10:05:30 UTC

Works fine for me on Fedora Rawhide. Likely has to do with signon-ui/QtWebengine, but there's no obvious difference between Fedora and Neon as far as I can tell

Comment 4 Nicolas Fella 2024-03-08 10:28:20 UTC

*** Bug 482808 has been marked as a duplicate of this bug. ***

Comment 5 leob94mt 2024-03-08 15:45:56 UTC

I can reproduce this bug on my machine. 

Operating System: Arch Linux 
KDE Plasma Version: 6.0.1
KDE Frameworks Version: 6.0.0
Qt Version: 6.6.2
Kernel Version: 6.7.8-arch1-1 (64-bit)
Graphics Platform: Wayland
Processors: 12 × AMD Ryzen 5 5625U with Radeon Graphics
Memory: 14.5 GiB of RAM
Graphics Processor: AMD Radeon Graphics

Comment 6 Esteve 2024-03-11 09:23:41 UTC

Hi all, I can confirm this bug either in a HP Zbook running Plasma 6.00 and also in a virtual machine running VMWare also running Plasma 6.00.
My google account is 2FA activated.
If you need more details, just let me know.

Comment 7 Jens 2024-03-25 09:27:33 UTC

I have he same issue on KDE Neon based on Ubuntu 22.04 with KDE 6 upgraded from KDE 5.

Additionally, existing Google accounts do not show any files any more (the loading never stops).

Comment 8 Andrés Becerra 2024-04-10 16:39:13 UTC

Running systemsettings from the command line and trying to add a new google account I get:

"google"
Looking for plugin ""
Starting auth session with "oauth2"
Info:
        Id: 105
        caption: "google"
        owner: ""
        userName: ""
qt.dbus.integration: Could not disconnect "com.google.code.AccountsSSO.SingleSignOn.Identity" to "destroyed(QObject*)" : Pointers are not supported: QObject*


This occurs in a Gentoo system with plasma-6.0.3 with qt-6.7.0

Comment 9 Nate Graham 2024-07-03 17:31:28 UTC

*** Bug 484741 has been marked as a duplicate of this bug. ***

Comment 10 Nate Graham 2024-07-03 17:32:19 UTC

*** Bug 489645 has been marked as a duplicate of this bug. ***

Comment 11 Nate Graham 2024-07-03 17:32:41 UTC

*** Bug 489435 has been marked as a duplicate of this bug. ***

Comment 12 ratijas 2024-07-04 23:07:40 UTC

I'm 99% sure that "qt.dbus.integration" error from post #8 is not related to the issue at hands, and in fact is just a side effect of automatic runtime method registration which was not supposed to register the pre-descruction signal.

Comment 13 Szczepan Hołyszewski 2024-07-23 19:29:48 UTC

I just tripped on this, and here's a workaround that worked for me, combined from an earlier workaround posted in #485286 and my own experimentation:

 1. I maximized the embedded browser window that displays the authentication page
 2. I switched the language to Polish (my language)
 3. As per the original workaround (which was insufficient on its own in my case), I clicked Next with mouse instead of using Enter

No further problems encountered.

Comment 14 duha.bugs 2024-07-28 19:19:34 UTC

*** Bug 490925 has been marked as a duplicate of this bug. ***

Comment 15 gabriel.rilling 2024-08-22 04:40:55 UTC

(In reply to Szczepan Hołyszewski from comment #13)
> I just tripped on this, and here's a workaround that worked for me, combined
> from an earlier workaround posted in #485286 and my own experimentation:
> 
>  1. I maximized the embedded browser window that displays the authentication
> page
>  2. I switched the language to Polish (my language)
>  3. As per the original workaround (which was insufficient on its own in my
> case), I clicked Next with mouse instead of using Enter
> 
> No further problems encountered.

This worked for me too, although I did not change the language.

Comment 16 Tim 2024-09-07 23:00:01 UTC

Tokens expiring in Dolphin also. Also cant add Google account in Solus Plasma 6.

Comment 17 Marc 2024-09-10 18:11:56 UTC

(In reply to gabriel.rilling from comment #15)
> (In reply to Szczepan Hołyszewski from comment #13)
> > I just tripped on this, and here's a workaround that worked for me, combined
> > from an earlier workaround posted in #485286 and my own experimentation:
> > 
> >  1. I maximized the embedded browser window that displays the authentication
> > page
> >  2. I switched the language to Polish (my language)
> >  3. As per the original workaround (which was insufficient on its own in my
> > case), I clicked Next with mouse instead of using Enter
> > 
> > No further problems encountered.
> 
> This worked for me too, although I did not change the language.

I've tried this a few times on two separate systems, I don't speak polish and even tried that part specifically but unable to reproduce today.
All items give an error indicating that there is an issue with the browser used for sign or the app setup to allow sign-in.

Comment 18 Elvis Angelaccio 2024-09-23 20:21:20 UTC

*** Bug 485286 has been marked as a duplicate of this bug. ***

Comment 19 Elvis Angelaccio 2024-09-23 20:31:27 UTC

(In reply to Elvis Angelaccio from comment #18)
> *** Bug 485286 has been marked as a duplicate of this bug. ***

Actually, even this report really looks like a duplicate of #420280

I guess we can close this one as well?

Comment 20 gabriel.rilling 2024-09-23 22:18:24 UTC

(In reply to Elvis Angelaccio from comment #19)
> (In reply to Elvis Angelaccio from comment #18)
> > *** Bug 485286 has been marked as a duplicate of this bug. ***
> 
> Actually, even this report really looks like a duplicate of #420280
> 
> I guess we can close this one as well?

Like https://bugs.kde.org/show_bug.cgi?id=420280#c105 , I'm facing this bug on Arch with a fairly recent signon-ui version (0.17+20231016), so this may not be the same bug as #420280 which is apparently due to a too old signon-ui version.

Comment 21 Marc 2024-09-23 23:10:49 UTC

Seconded,

I am on signon-ui 0.17+20231016-2 and facing this issue.

Comment 22 Elvis Angelaccio 2024-09-24 17:49:31 UTC

(In reply to gabriel.rilling from comment #20)
> (In reply to Elvis Angelaccio from comment #19)
> > (In reply to Elvis Angelaccio from comment #18)
> > > *** Bug 485286 has been marked as a duplicate of this bug. ***
> > 
> > Actually, even this report really looks like a duplicate of #420280
> > 
> > I guess we can close this one as well?
> 
> Like https://bugs.kde.org/show_bug.cgi?id=420280#c105 , I'm facing this bug
> on Arch with a fairly recent signon-ui version (0.17+20231016), so this may
> not be the same bug as #420280 which is apparently due to a too old
> signon-ui version.

Right, I'll rename this report then.

Btw, I cannot reproduce on arch with signon-ui version 0.17+20231016-2

Comment 23 Andrés Becerra 2024-10-17 11:43:46 UTC

For Gentoo this bug is solved with =>signon-ui-0.15_p20231016-r2

Comment 24 Guido 2024-11-11 15:39:32 UTC

(In reply to Szczepan Hołyszewski from comment #13)
> I just tripped on this, and here's a workaround that worked for me, combined
> from an earlier workaround posted in #485286 and my own experimentation:
> 
>  1. I maximized the embedded browser window that displays the authentication
> page
>  2. I switched the language to Polish (my language)
>  3. As per the original workaround (which was insufficient on its own in my
> case), I clicked Next with mouse instead of using Enter
> 
> No further problems encountered.

Incredibly, it works. Totally nonsensical, but it works.

Comment 25 Michael 2024-11-12 01:57:23 UTC

(In reply to Guido from comment #24)
> Incredibly, it works. Totally nonsensical, but it works.

Okay, this gets me further into the sign on process, where it asks me to verify my Google account on my phone, it then momentarily appears to succeed, then the embedded browser page abruptly clears and switches to say: 

> This app is blocked
> This app tried to access sensitive info in your Google Account. To keep your account safe, Google blocked this access.

When starting systemsettings from the commandline and I run through this process, I get this message:

> org.kde.kaccounts.lib: Error:
> org.kde.kaccounts.lib:   "Access grant not present"

So it seems that this can work when the embedded browser window is made full-screen (which is very weird, and no, I didn't have to change the default language). Regarding making the embedded browser full-screen, if I double-click on the titlebar, then the process will fail like it always does; I have to click the maximize button on the titlebar to have any kind of progress.

Given the error "This app is blocked", maybe this issue is on Google's end?

Comment 26 Gareth 2024-11-13 23:28:03 UTC

(In reply to Michael from comment #25)
> Given the error "This app is blocked", maybe this issue is on Google's end?

Yeah, something about what KDE wants to do with the account is tripping some (seemingly newer?) protection on Google's end.

Comment 27 devminer 2024-11-14 10:50:58 UTC

Ideally, KDE should use OAuth2 via the user's default browser instead of opening up an integrated browser that doesn't know any sessions.

Comment 28 Diego 2024-11-19 13:10:19 UTC

See this interesting comment here about contents of `/usr/share/accounts/providers/kde/google.provider`:
https://discuss.kde.org/t/kde-online-accounts-not-signing-in/3411/38

Comment 29 Marc 2024-11-19 17:05:01 UTC

(In reply to Diego from comment #28)
> See this interesting comment here about contents of
> `/usr/share/accounts/providers/kde/google.provider`:
> https://discuss.kde.org/t/kde-online-accounts-not-signing-in/3411/38

Changed provider details to those specified in the linked post used by gnome.  Mine works now.
It seems like the details specified in the google.provider file included by default with KDE are just invalid now.

Comment 30 John Kizer 2024-11-26 19:29:23 UTC

*** Bug 496600 has been marked as a duplicate of this bug. ***

Comment 31 Nate Graham 2024-11-27 20:26:20 UTC

*** Bug 495192 has been marked as a duplicate of this bug. ***

Comment 32 Olivier BELLEUX 2024-11-28 14:35:04 UTC

Now, it is broken on openSUSE Leap 15.6 ; one more time .

Comment 33 ocobblepot 2024-12-02 12:46:27 UTC

The workaround of using the GNOME ClientID and/or replacing/editing the KDE google.provider file with the contents of the GNOME one works for several people - https://discuss.kde.org/t/kde-online-accounts-not-signing-in/3411/38

That suggests to this ignorant peasant that a fix might be straightforward? (Unless it means waiting for Google to provide an updated ClientID).

Comment 34 Dave Vasilevsky 2024-12-11 20:48:53 UTC

It's possible to do this without changing a package-owned file. Instead, you can create your own copy of that file in ~/.local/share/accounts/providers/google.provider, and whatever ClientId/ClientSecret you put there will override the one from /usr/share/accounts/providers/kde/google.provider . See discussion at Invent: https://invent.kde.org/network/kaccounts-providers/-/issues/6

You can also create your own client ID, instead of co-opting Gnome's. See the clone instructions for this: https://rclone.org/drive/#making-your-own-client-id

Comment 35 Dave Vasilevsky 2024-12-11 20:51:03 UTC

(In reply to devminer from comment #27)
> Ideally, KDE should use OAuth2 via the user's default browser instead of
> opening up an integrated browser that doesn't know any sessions.

I agree, this is what Gnome does since last year: https://gitlab.gnome.org/GNOME/gnome-online-accounts/-/merge_requests/139/diffs#e5013ca9537031cc64a62645433ba8c7f51deb1e  It's probably less likely to make Google unhappy. And it's more convenient to the user, since there's a good chance they've already authenticated to Google in their browser.

Comment 36 Dave Vasilevsky 2024-12-11 21:52:17 UTC

Here's a discussion from Gnome about Google getting upset about webviews: https://gitlab.gnome.org/GNOME/gnome-online-accounts/-/issues/157.

I tried to look into what Gnome did about verification, and didn't really find any equivalent to the recent request to KDE: https://invent.kde.org/network/kio-gdrive/-/issues/1 . Best are:

* Adding a new API key six years ago: https://gitlab.gnome.org/GNOME/gnome-online-accounts/-/commit/43a20cfe4d54ddf4fbb9c87996c0beab1b14be75
* Submitting for verification five years ago: https://gitlab.gnome.org/GNOME/gnome-online-accounts/-/issues/42

Comment 37 bandreabis 2024-12-18 08:50:18 UTC

(In reply to Andrés Becerra from comment #23)
> For Gentoo this bug is solved with =>signon-ui-0.15_p20231016-r2

Using Gentoo and signon-ui-0.15_p20231016-r2 installed, but no luck.
Must be other build problem

Comment 38 piedro 2024-12-18 11:13:07 UTC

Hi! 

On OpenSUSE Tumbleweed this doesn't work.. 

No matter if I change the language or maximize the window or use a password or let Google send me a confirmation code - nothing works, I always get 

"This app is blocked." 

Could someone break down the other workaround with gnome online accounts in the necessary steps? 

If I try to install gnome online accounts, zypper demands to pull basically all packages for the full gnome desktop - this is not an option for me (bad experiences with mixed desktop environments!). 

Also, worth mentioning: 

Merkuro Contacts can grab my Google addressbook! 
But kmail cannot be configured to work with the same Google account! 

Thx, p.

Comment 39 Krzysztof 2025-01-07 07:19:32 UTC

(In reply to piedro from comment #38)
> Hi! 
> 
> On OpenSUSE Tumbleweed this doesn't work.. 
> 
> No matter if I change the language or maximize the window or use a password
> or let Google send me a confirmation code - nothing works, I always get 
> 
> "This app is blocked." 
> 
> Could someone break down the other workaround with gnome online accounts in
> the necessary steps? 
> 
> If I try to install gnome online accounts, zypper demands to pull basically
> all packages for the full gnome desktop - this is not an option for me (bad
> experiences with mixed desktop environments!). 
> 
> Also, worth mentioning: 
> 
> Merkuro Contacts can grab my Google addressbook! 
> But kmail cannot be configured to work with the same Google account! 
> 
> Thx, p.

I can confirm that. I use the latest Tumblewed too. Merkuro contacts is ok but I can't connect to Google drive.
Kmail is working for me and I have configured my gmail account without problem.

Comment 40 adamplusplus 2025-01-08 12:42:46 UTC

This is still a problem for me with openSUSE 15.6 Leap with the experimental Plasma 6 repo (version 6.2.5).
Here is the workaround I use: I place the content of the codeblock in this comment https://discuss.kde.org/t/kde-online-accounts-not-signing-in/3411/38 in $HOME/.local/share/accounts/providers/google.provider

Comment 41 Eduardo Correia 2025-01-13 10:23:59 UTC

Just noticed this bug. Was trying to use google cloud in dolphin since my company requires it, but couldn't login. Guess I will have to look for different options.

Comment 42 bandreabis 2025-01-13 11:59:01 UTC

(In reply to adamplusplus from comment #40)
> This is still a problem for me with openSUSE 15.6 Leap with the experimental
> Plasma 6 repo (version 6.2.5).
> Here is the workaround I use: I place the content of the codeblock in this
> comment https://discuss.kde.org/t/kde-online-accounts-not-signing-in/3411/38
> in $HOME/.local/share/accounts/providers/google.provider

That workaround worked flawlessly

Comment 43 Camilo Bohórquez 2025-01-13 23:55:32 UTC

Created attachment 177337 [details]
Result after login with a Google Account in KDE

Comment 44 Bug Janitor Service 2025-01-14 20:18:26 UTC

A possibly relevant merge request was started @ https://invent.kde.org/network/kaccounts-providers/-/merge_requests/42

Comment 45 piedro 2025-01-15 15:52:18 UTC

The suggested workaround to replace the service provider file works for me to add the Google account to the KDE system settings. 

But my original problem is still the same - I cannot add the Gmail account to Kmail!  

Without the option to add Google Mail accounts, Kmail is pretty much useless as a centra mail management application to handle all mail. 
Which is really sad - I am one of these rare users who really likes Kmail and it's vast functionality and configurability. 

p.

Comment 46 Nate Graham 2025-01-15 16:13:12 UTC

Git commit 1652091be7df65ea16e6eb6d044460c90c19b420 by Nate Graham.
Committed on 14/01/2025 at 20:27.
Pushed by ngraham into branch 'master'.

Google: stop requesting gdrive permission

Google blocked us from using this back in June because we weren't able
justify our API usage to their satisfaction. As such, the permission is
now blocked, and including it here prevents people from logging into
their Google accounts for any other purposes, making 25% of the
KAccounts KCM non-functional. Remove the gdrive permissions for now so
at least other Google things can work (at least in theory).
FIXED-IN: 24.12.2

M  +1    -2    providers/google.provider.in

https://invent.kde.org/network/kaccounts-providers/-/commit/1652091be7df65ea16e6eb6d044460c90c19b420

Comment 47 Jens 2025-01-15 19:32:36 UTC

That's a bummer. I use this extension exclusively for exchanging files with Google Drive ... I'd hardly consider this "RESOLVED FIXED". :-(

What's more, the solution to use the GNOME configuration file at https://discuss.kde.org/t/kde-online-accounts-not-signing-in/3411/38 seems to work fine here, so this isn't even a technical issue, more like a configuration one. Can't we simply use the same line of reasoning to persuade Google to allow KDE access the Google ecosystem as the GNOME guys did? What did they do differently?

Comment 48 Eduardo Correia 2025-01-15 20:26:53 UTC

This report might be marked as RESOLVED FIXED, but a different bug report should be opened to fix the now missing google drive integration.

Comment 49 Nate Graham 2025-01-15 21:53:05 UTC

Yes, feel free. This bug report is purely about being unable to *add* a Google account. The fact that Google Drive is broken now is a separate (and worse) issue.

Comment 50 Nate Graham 2025-01-15 21:55:44 UTC

JFYI, the solution to use the GNOME configuration file is no solution at all; it's essentially impersonating GNOME and piggypacking on the work they *did* do to retain permission to access Google Drive that KDE wasn't able to do yet. If Google finds out about this, it's likely they'll revoke GNOME's authorization too to prevent others from using it for software that wasn't approved, permanently ban KDE from accessing Google Drive again, or both.

Comment 51 Marc 2025-01-15 23:44:22 UTC

(In reply to Nate Graham from comment #50)
> JFYI, the solution to use the GNOME configuration file is no solution at
> all; it's essentially impersonating GNOME and piggypacking on the work they
> *did* do to retain permission to access Google Drive that KDE wasn't able to
> do yet. If Google finds out about this, it's likely they'll revoke GNOME's
> authorization too to prevent others from using it for software that wasn't
> approved, permanently ban KDE from accessing Google Drive again, or both.

I think the line of reasoning presented isn't "KDE should just steal the gnome config" but more along the lines of GNOME seems to have engaged with google and properly resolved this including the google drive concerns and could we find out who is in charge of managing these APIs/etc and assign this to them so that they can engage with google to properly fix this instead of removing functionality?  

It seems like at that point, we already know the current code itself is sound so any changes made to remove functionality here to make it work now would end up reverted, so would end up just being wasted effort, even if that effort is minimal.

Comment 52 Nate Graham 2025-01-16 00:32:14 UTC

No one is in charge of managing this; KDE is not a company with people assigned to things in that manner.

Most KDE developers minimize their usage of Google services these days, so the overlap between "people who care about Google Drive integration working" and "people who have the interest and time to engage with Google to prove the security of KDE's Google Drive client implementation" is becoming smaller over time. That's the backstory to why this broke, why it's not fixed yet, and why even my exceptionally crude change took so long to get done.

If anyone wants to take initiative to communicate with Google directly on KDE's behalf to prove the security of our Google Drive client, and then also do it again every year when they make us re-certify, and then also do it again randomly when they tighten the requirements again, please let me know and I'll be happy to direct you to the right place.

Comment 53 Krzysztof 2025-01-16 06:50:58 UTC

I use openSUSE Tumbleweed and replacing google privider with Gnome ID is solution for me. It works but Nate Graham has right in his latest comment.

Comment 54 Nate Graham 2025-01-16 15:00:06 UTC

Git commit 78a81aafedced524c1bc9f16788c4304acc3b807 by Nate Graham.
Committed on 16/01/2025 at 14:58.
Pushed by ngraham into branch 'release/24.12'.

Google: stop requesting gdrive permission

Google blocked us from using this back in June because we weren't able
justify our API usage to their satisfaction. As such, the permission is
now blocked, and including it here prevents people from logging into
their Google accounts for any other purposes, making 25% of the
KAccounts KCM non-functional. Remove the gdrive permissions for now so
at least other Google things can work (at least in theory).
FIXED-IN: 24.12.2


(cherry picked from commit 1652091be7df65ea16e6eb6d044460c90c19b420)

Co-authored-by: Nate Graham <nate@kde.org>

M  +1    -2    providers/google.provider.in

https://invent.kde.org/network/kaccounts-providers/-/commit/78a81aafedced524c1bc9f16788c4304acc3b807

Comment 55 Roke Julian Lockhart Beedell 2025-01-18 12:00:45 UTC Comment hidden (spam)

Created attachment 177501 [details]
Result after login with a Google Account in KDE

Comment 56 Roke Julian Lockhart Beedell 2025-01-18 12:01:04 UTC Comment hidden (spam)

Created attachment 177502 [details]
Error in KCM GUI

Comment 57 Nate Graham 2025-01-19 01:14:39 UTC

(In reply to Roke Julian Lockhart Beedell from comment #55)
> Created attachment 177501 [details]
> Result after login with a Google Account in KDE
This is what's fixed here.


(In reply to Roke Julian Lockhart Beedell from comment #56)
> Created attachment 177502 [details]
> Error in KCM GUI
This is a different issue, typically seen in built-from-source sessions. Not related to this issue.

Comment 58 OpenOS-Founder 2025-01-20 00:05:47 UTC Comment hidden (spam)

(In reply to shatz.dan from comment #0)
> Created attachment 165499 [details]
> Google sign in browser window
> 
> SUMMARY
> 
> 
> STEPS TO REPRODUCE
> 1. System Settings -> Online Accounts -> Add -> Google
> 2. Enter email, press next.
> 
> OBSERVED RESULT
> Couldn’t sign you in - This browser or app may not be secure. See screenshot.
> Learn more leads here:
> https://support.google.com/accounts/answer/7675428?hl=en-US
> 
> 
> EXPECTED RESULT
> Password/2FA fields are shown.
> 
> SOFTWARE/OS VERSIONS
> Windows: 
> macOS: 
> Linux/KDE Plasma: 
> (available in About System)
> KDE Plasma Version: 
> KDE Frameworks Version: 
> Qt Version: 
> 
> ADDITIONAL INFORMATION

Happy New Years to all . . . 

A while ago I was doing some research on various KDE Frameworks in order to build a KDE Variant of ChromiumOS featuring Plasma is the replacement for the Ash/Aurora UI/UX Userspace elements.

I came across a ChromiumOS Derivatives called ThoriumOS, whose inner workings of Google Drive Support on a ChromiumOS base image using this Git Issue . . . [ https://github.com/Alex313031/ThoriumOS/issues/18 ]

Could/Would it be possible to setup this Google Drive Configuration/Deployment connect to "kaccounts-providers". Using a nested btrfs/zfs subvolumes for each added Google account or if going more technical using a Incus/LXC/LXD + Docker/Podman/Pods/Distrobox "Container" backend multiple instances of each per added Google Account so it's secluded from the rest of the host/base system . . . ?

I hope I have artikulated this well enough . . . ?(In reply to Nate Graham from comment #2)
> Indeed, it looks like we're going to need to make some changes here.

Happy New Years to all . . . 

A while ago I was doing some research on various KDE Frameworks in order to build a KDE Variant of ChromiumOS featuring Plasma is the replacement for the Ash/Aurora UI/UX Userspace elements.

I came across a ChromiumOS Derivatives called ThoriumOS, whose inner workings of Google Drive Support on a ChromiumOS base image using this Git Issue . . . [ https://github.com/Alex313031/ThoriumOS/issues/18 ]

Could/Would it be possible to setup this Google Drive Configuration/Deployment connect to "kaccounts-providers". Using a nested btrfs/zfs subvolumes for each added Google account or if going more technical using a Incus/LXC/LXD + Docker/Podman/Pods/Distrobox "Container" backend multiple instances of each per added Google Account so it's secluded from the rest of the host/base system . . . ?

I hope I have artikulated this well enough . . . ?

Comment 59 Roke Julian Lockhart Beedell 2025-01-20 10:53:06 UTC

(In reply to OpenOS-Founder from comment #58)
You'll have more luck asking that at https://discuss.kde.org/new-topic. I don't think this is the place for that.

Comment 60 Camilo Bohórquez 2025-01-20 14:49:59 UTC Comment hidden (spam)

As for the solution, when will it be released for Ubuntu?

Comment 61 Roke Julian Lockhart Beedell 2025-01-20 15:24:08 UTC Comment hidden (spam)

(In reply to Nate Graham from comment #57)
If it's typically from built-in-source sessions, would it be of any use me making a report for it? I'm using solely the Fedora 41 RPMs.

Comment 62 Nate Graham 2025-01-21 19:26:29 UTC

(In reply to Roke Julian Lockhart Beedell from comment #61)
> (In reply to Nate Graham from comment #57)
> If it's typically from built-in-source sessions, would it be of any use me
> making a report for it? I'm using solely the Fedora 41 RPMs.

If you haven't built Plasma from source, then your issue is caused by a local setup issue or else a distro packaging issue. Either way, let's stop spamming this bug report with it, since 54 people are subscribed and they probably aren't interested in getting emails about unrelated issues.

Comment 63 Kevin Krammer 2025-01-27 14:38:24 UTC Comment hidden (spam)

(In reply to piedro from comment #45)

> But my original problem is still the same - I cannot add the Gmail account
> to Kmail!  

I just did that two days ago using this guide
https://cubiclenate.com/2024/03/12/gmail-accounts-with-kmail/

Apparently GMail doesn't allow regular password logins anymore but requires an "app password" that their web interface has generated.

Since the guide was written they seem to have moved the "app password" to some other place, I had to use their help search function to find it.

Comment 64 piedro 2025-01-28 06:44:00 UTC Comment hidden (spam)

(In reply to Kevin Krammer from comment #63)
> (In reply to piedro from comment #45)
> 
> > But my original problem is still the same - I cannot add the Gmail account
> > to Kmail!  
> 
> I just did that two days ago using this guide
> https://cubiclenate.com/2024/03/12/gmail-accounts-with-kmail/
> 
> Apparently GMail doesn't allow regular password logins anymore but requires
> an "app password" that their web interface has generated.
> 
> Since the guide was written they seem to have moved the "app password" to
> some other place, I had to use their help search function to find it.

Thank you! 

This does works to some extent but kmail crashes while trying to remove the old identity and also I cannot send with this - even after trying the new password... so well, at least I can get some mail again...

Comment 65 Kevin Krammer 2025-01-28 07:50:11 UTC Comment hidden (spam)

(In reply to piedro from comment #64)
> (In reply to Kevin Krammer from comment #63)
> > (In reply to piedro from comment #45)
> > 
> > > But my original problem is still the same - I cannot add the Gmail account
> > > to Kmail!  
> > 
> > I just did that two days ago using this guide
> > https://cubiclenate.com/2024/03/12/gmail-accounts-with-kmail/
> > 
> > Apparently GMail doesn't allow regular password logins anymore but requires
> > an "app password" that their web interface has generated.
> > 
> > Since the guide was written they seem to have moved the "app password" to
> > some other place, I had to use their help search function to find it.
> 
> Thank you! 
> 
> This does works to some extent but kmail crashes while trying to remove the
> old identity

You can also manually remove identities from $HOME/.config/emailidentities
(probably best while KMail is not running)

> and also I cannot send with this - even after trying the new
> password... so well, at least I can get some mail again...

Ah, I haven't tried sending.

I vaguely remember reading somewhere that smtp.gmail.com no longer works and needs changing to smtp.googlemail.com but would still use the "normal" password (probably because SMTP doesn't access any data on the server)

Comment 66 piedro 2025-01-28 08:08:29 UTC Comment hidden (spam)

> You can also manually remove identities from $HOME/.config/emailidentities
> (probably best while KMail is not running)

I've done that -  that is in deed a working workaround... 
Still, this should be fixed - I added a note to the existing bug report I found on this... 
 
> Ah, I haven't tried sending.
> 
> I vaguely remember reading somewhere that smtp.gmail.com no longer works and
> needs changing to smtp.googlemail.com but would still use the "normal"
> password (probably because SMTP doesn't access any data on the server)

I've done a few tests and got some success - using "plain" password with StartSSL seems to work.  
(making sure it's using the same app apssword obviously!)

Great! Thank's a lot - getting mail and I am able to send also! 

Now if the KMail search folders are fixed eventually (those broke again! Bug report gets no reaction...) then Kmail is a real mail client again! 

Cheers! 
p.

Comment 67 Roke Julian Lockhart Beedell 2025-01-28 10:26:50 UTC Comment hidden (spam)

(In reply to Kevin Krammer from comment #63)  
That's standard for most online accounts. If you're familiar with GitHub and GitLab, they enforce 2FA now (usually TOTP), which cannot easily be implemented in consuming applications. Consequently, they provide an authentication token.

(In reply to piedro from comment #64)  
DrKonqi should appear when that happens. Or, if you're on Fedora, "Problem Reporting" should have tracked it. Maybe consider going through the reporting process – I presume it's unintended that KMail *crashes* from this.

(In reply to Nate Graham from comment #62)  
Mentioned at https://discussion.fedoraproject.org/t/142986. I've lobbed it on the end of this, so that I don't make more e-mail than necessary.

Comment 68 Nate Graham 2025-01-28 16:56:18 UTC

KMail has its own account system not connected to this, so connection issues there are not related.

Please take any discussion of login issues in KMail elsewhere. Thanks.

Comment 69 John Kizer 2025-02-23 22:05:27 UTC

*** Bug 499725 has been marked as a duplicate of this bug. ***

Comment 70 Camilo Bohórquez 2025-02-24 00:02:18 UTC

Please re-open... The issue stills with signon-ui 0.17.

My System is Ubuntu Studio 24.04.2 LTS with KDE Plasma 5.27.12.

Comment 71 TraceyC 2025-02-24 17:29:08 UTC

(In reply to Camilo Bohórquez from comment #70)
> Please re-open... The issue stills with signon-ui 0.17.
> 
> My System is Ubuntu Studio 24.04.2 LTS with KDE Plasma 5.27.12.

The code changes mentioned in https://bugs.kde.org/show_bug.cgi?id=480779#c54 would need to be adopted in some way by the Ubuntu Studio / Kubuntu folks downstream for this change to be included in those long-term support versions.

Comment 72 John Kizer 2025-03-15 22:49:33 UTC

*** Bug 500807 has been marked as a duplicate of this bug. ***

Comment 73 John Kizer 2025-03-16 03:23:59 UTC

*** Bug 500918 has been marked as a duplicate of this bug. ***

Comment 74 Nate Graham 2025-03-17 17:08:37 UTC

*** Bug 501626 has been marked as a duplicate of this bug. ***

Comment 75 jwlibuntu 2025-03-17 17:29:21 UTC

Created attachment 179504 [details]
attachment-4045051-0.html

Oh sorry kinda new

On Mon, Mar 17, 2025, 12:08 PM Nate Graham <bugzilla_noreply@kde.org> wrote:

> https://bugs.kde.org/show_bug.cgi?id=480779
>
> Nate Graham <nate@kde.org> changed:
>
>            What    |Removed                     |Added
>
> ----------------------------------------------------------------------------
>                  CC|                            |jwlibuntu@gmail.com
>
> --- Comment #74 from Nate Graham <nate@kde.org> ---
> *** Bug 501626 has been marked as a duplicate of this bug. ***
>
> --
> You are receiving this mail because:
> You are on the CC list for the bug.

a.bontozoglou
abnec+kde
achilleas.k
adamplusplus
admi.openos.neon
admin
andres.becerra
bandreabis
camibohp
cdennett
darkstar723
dave
devminer
diego.ml
e.louwsma
eduardosareias
elvis.angelaccio
esteve.graells
francis.mestdagh
gabriel.rilling
gamall.ida
garethchoake
gerbilsoft
gtx.swift
guido.iodice
jens-bugs.kde.org
julien.dlq
junalmeida
jwlibuntu
kajusslekys38
kde
kde
kdedev
kishore96
krammer
kroot.patel
landry.minoza
leob94mt
leon.hirschring
Luckychris2445
marco_parillo
michele.milano1956
mrjoeharris
nate
nicolas.fella
o.g.m.belleux
ocobblepot
pfmiller
piedro.kulman
postix
rafaeldominiquini
rektal.tk
reuben_p
rulatir
shahms
tamer
therajatshahare
treble-acid-copied
wildlux
ybx332