Re: GNOME Online Accounts 3.34 won't have documents support

Given what I've read about the Google policy (and I don't know how much of that was added with the Jan. 15 revision), but it seems like the very concept of GOA as a centralized account repository goes against Google rules. Google wants to know by whom the OAuth key will be used, and how. Under an open system where any third-party can implement access to GOA, GNOME cannot be able to tell Google about the use of the key (which is part of what they're asking in their request, as the ansible issue presents <#2>).
Therefore GOA *needs* to change somewhat. At the very least, it cannot let third-party applications use the GNOME OAuth key to access Google APIs. This would be fine, however I don't think having a conceptual exception for Google is particularly good.

I see two ways to approach a hypothetical re-design of GOA.
A first way would be to put GOA as the authentication backend of the system itself (considering core apps as part of the system), and close access to third-party. This effectively is a regression on usability since having a centralized authentication system does make life (ever so slightly) easier for both users and developpers.

A second way would be one pretty much inspired from Android. In Android, apps that want access to the users' Google account simply contact the backend with an authentication request. Since Android phones are almost always linked to a Google account, the user only sees an OAuth confirmation prompt (the prompt outlining which services will be granted access to the app) which links the application's key to the account.
In GOA, this could work in a similar way: If a Google account is already present, GOA presents an OAuth confirmation dialog that grants access to the application. At any point, GOA doesn't know about which apps have been granted, because in the case of OAuth applications the role of access control is left to the account.
For non-OAuth applications, the logging in and access control is left to GOA (a simple enable/disable access to this app should be sufficent, the same way it works for location and notificatio access), but the workflow is the same.

In the second case, on top of having a more flexible GOA, it would provide real value to users and developers by having GOA continue being an open service that both reduces boilerplate and provides a centralized place to manage accounts. The downside is that this implementation is going to need work and maintainship, which might be lacking*. This is what the first option answers directly: it strips down GOA so that maintaining it is less work.

Those are my 2cc on GOA as a whole, as I do see real value in keeping it there.


* Yes, I realize I'm saying this while I'm all talk and no walk. However I am not confident in my ability to be part in such a complex project, even less writing code for it. I am however happy to help whenever and wherever I can.

Le dim. 27 janv. 2019 à 23:27, Sriram Ramkrishna <sri ramkrishna me> a écrit :
On Sun, Jan 27, 2019 at 2:24 PM Philip Chimento via desktop-devel-list <desktop-devel-list gnome org> wrote:
PS. Yes, count me among the completely surprised that GOA is not an API that apps should use. It was not communicated anywhere close to the level it needed to be. That's on GNOME, not on those app developers. This is why it's our problem.
A blog post was written and put out there because there was confusion/issues with 3rd party folks wanting to integrate with GOA. I'm not sure what more is required? As a project we tend to only communicate when there is a fire. Which given our lack of general resources is not surprising. I'm sure people want to better given appropriate resources. I want to add one comment: someone on the thread said: "we are a small niche market". No.. we're a growing niche market. I can assure you of that. This market is supporting several companies who market pre-installed machines with Linux based desktop and are thriving. It might be slow, but conversions are happening. Given we are losing google services, gnome-documents seems to lose a lot of what would make it useful - managing cloud based documents. The fact that we are losing this is much more alarming to me than this discussion over single sign on. Tens of thousands of people will no longer be able to use google files through nautilus seems like a big deal to me in three weeks and should in fact be communicated immediately as an existential community issue. GOA will figure itself out one way or another if we care about the issue. I wish people would ask me if they need help getting people to help. It's one of the things that engagement people are supposed to help with rather than throwing your hands up in the air and say we don't have resources. They are out there. You just have to attract them. sri _______________________________________________ desktop-devel-list mailing list desktop-devel-list gnome org

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]