Re: [Evolution] More authentication headaches

[Milan Crha <mcrha redhat com>]

On Fri, 2016-10-21 at 09:50 +0200, Milan Crha wrote:
> just a little update on the GOA issue. There is opened bug
> https://bugzilla.gnome.org/show_bug.cgi?id=773248
> thus let's use it. I'll write the story here, but then let's move to
> the bug report. Also, the above is for GOA-configured accounts, while
> the below is for Google accounts configured directly in the
> evolution:
> https://bugzilla.gnome.org/show_bug.cgi?id=771547
> Both ways to connect to the Google services have/had some issues
> specific to the respective method, but also some common issues.

        Hello,
this might be hopefully one of the last posts to this thread and I'll
try to keep it short. I checked a dashboard of the Google keys used for
the Google accounts configured directly in the evolution for version
3.20.0+ and using OAuth2 (those where the credentials prompt opens a
Google login web page, instead of showing a username & password prompt
only), and it shows me below statistics. There are three ranges,
30 days, 7 days and one last day, taken several minutes ago. Even it's
only a request statistic, I think it doesn't behave that bad. Of
course, I cannot determine from it whether a patched version of the
evolution-data-server had been used or not, but let's be optimistic. Or
better, if there is anyone with the patched evolution-data-server (see
the bugs above), then I'd like to hear back. I plan to gather all the
changes from the test build and release evolution-data-server-3.20.6 by
the end of the November (around the mid of the next week), thus
everyone can benefit from those changes. Supposing I do not receive any
bad responses from the testers.

Just to refresh your memories, the old and/or unpatched versions can
still influence the proper versions, thus users can still see the
errors about "Exceeded Daily Limit", but as more and more people will
get to the patched versions it'll get better.

To make one thing clear: the GOA (GNOME Online Accounts) is not
deprecated, neither preferred. The current situation (since 3.20.0) is
that that users can use either GOA or create their Google account
directly in the evolution. The difference is that the GOA is used by
more people, by many more (past) versions of the evolution-data-server, 
thus there are more bad requests, which results in sooner reach of the
daily limit. It's not a fault of GOA, it's a fault of the evolution-
data-server and the way it handled OAuth2 tokens. There had been
suggested to use in-the-evolution configured Google accounts just to
workaround the problem temporarily. The things will be better for both
methods with the added fixes.

        Thanks and bye,
        Milan

P.S.: I do not have access to the statistics of the GOA keys, thus this
is only for the evolution-data-server keys:

30 days:
                                Requests        Errors          Error ratio
CalDAV API                      10,593,211      107,103         1
.01%
Google Contacts CardDAV API     1,451,645       324             0.02%
Contacts API                    741,777         93,648          12.62%
Tasks API                       172,759         2               0%      

7 days:
                                Requests        Errors          Error ratio
CalDAV API                      2,515,915       27,086          1.08%
Google Contacts CardDAV API     392,957         70              0.02%
Contacts API                    310,675         93,383          30.06%
Tasks API                       44,749          1               0%

1 day:
                                Requests        Errors          Error ratio
CalDAV API                      495,233         3,948           0.8%
Google Contacts CardDAV API     48,914          2               0%
Contacts API                    25,346          55              0.22%
Tasks API                       6,123           0               0%