[kwlug-disc] (forw) Re: [sf-lug] Fwd: Google with TOTP (Akkana to the rescue...)

CrankyOldBugger crankyoldbugger at gmail.com
Wed Jun 29 10:30:25 EDT 2022


Weird, this email was in my Spam folder.. the rest of the emails in this
conversation came through ok..  I wonder what tipped off the Spam filter in
gmail?


On Tue, Jun 14, 2022 at 8:38 PM Khalid Baheyeldin <kb at 2bits.com> wrote:

>
>
> On Tue, Jun 14, 2022 at 6:10 PM Rick Moen <rick at linuxmafia.com> wrote:
>
>> Forwarding back.
>>
>> ----- Forwarded message from Akkana Peck <akkana at shallowsky.com> -----
>>
>> Date: Tue, 14 Jun 2022 15:21:03 -0600
>> From: Akkana Peck <akkana at shallowsky.com>
>> To: sf-lug at linuxmafia.com
>> Subject: Re: [sf-lug] Fwd: [kwlug-disc] Google with TOTP (Akkana to the
>>         rescue...)
>>
>> Ronald Barnes writes:
>> > Someone on the KWLUG list had their issue with email and Google's OAUTH
>> > implementation by using something they found on github.com.
>> >
>> > Something about the repo looked familiar - it's Akkana's script.
>>
>> Neat! Thanks for letting me know -- I love hearing things like that.
>> I've now made the change Khalid mentioned, adding the float conversion.
>>
>> I don't remember if I ever posted a link to my writeup once I
>> got OAuth2 working. If not, it's
>> https://shallowsky.com/blog/tech/email/gmail-api-oauth2.html
>>
>> I'm still working on getting the script to spit out a clear message
>> when the token expires and you have to go get a new one (which I
>> think happens once a week, if you don't use it in that time). It's
>> hard to debug something that can only be tested once a week. :-)
>> Once I'm confident it's working, I'll probably make a cron job or a
>> .zlogin job that fetches the token; I'm hoping that if I fetch it
>> more often than once a week, maybe it won't expire, but I don't know
>> since they don't make those policies clear anywhere.
>>
>>         ...Akkana
>>
>
> Yes, I did see that page from a search, and that is what led me to the
> Python program that I am using now, after the fix.
>
> And I was about to email Akkana, because I did recognize the site's
> unique name from years ago, when I used it to find the positions of
> Jupiter's moons, and their transits. Wanted to thank him/her/them
> for that too ...
>
> And here is the debug output of the python program when using the
> -d option. Maybe that will help.
>
> External password program "/yadda/gmail-oauth" wrote to stderr: JSON data:
> {'access_token': 'foo',
>  'auth_provider_x509_cert_url': '
> https://www.googleapis.com/oauth2/v1/certs',
>  'auth_uri': 'https://accounts.google.com/o/oauth2/auth',
>  'client_id': 'bar.apps.googleusercontent.com',
>  'client_secret': 'baz',
>  'expires_at': 1654915100.9797966,
>  'project_id': 'project-123',
>  'redirect_uri': 'http://localhost/',
>  'refresh_token': 'aaaaa',
>  'scope': 'https://mail.google.com/',
>  'token_uri': 'https://oauth2.googleapis.com/token',
>  'user': 'someone at gmail.com'}
> Need to refresh tokens: expired at 2022-06-11 02:38
> Refreshing token
> Refresh response:
> {'access_token': 'bbbb',
>  'expires_in': 3599,
>  'scope': 'https://mail.google.com/',
>  'token_type': 'Bearer'}
> New expiration: time.struct_time(tm_year=2022, tm_mon=6, tm_mday=11,
> tm_hour=22, tm_min=38, tm_sec=21, tm_wday=5, tm_yday=162, tm_isdst=1)
> No refresh token
>
> But I do observe that the access_token "foo" is different from the
> access_token "bbbb", so maybe it is renewing,
> since the expires_in is set to 3599 (one hour?)
> --
> Khalid M. Baheyeldin
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> https://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20220629/3cbf9f66/attachment.htm>


More information about the kwlug-disc mailing list