Dear Lazyweb,
Uncategorized
20
Posts
5
Posters
8
Views
-
@jwz Is one of them attached to a Google Workspace account?
@mark I don't know what a Google Workspace account is, so probably not?
-
undefined oblomov@sociale.network shared this topic on
-
@jwz Is the jwz account hosting an app with publish status of "Testing?" That is one thing that will cause that. It could be there is also an option buried in something you chose a long time ago.
Every single time I've ever gotten OAuth to do what I wanted (and it was a significant portion of my day job at one point) it seems like a minor miracle.
@geniodiabolico I see a line that says "Status: Enabled" in the "Additional information" sidebar on the right. Is there a different place to look?
-
@geniodiabolico I see a line that says "Status: Enabled" in the "Additional information" sidebar on the right. Is there a different place to look?
@jwz Sorry, forgot to ask. Is this the Data API or the whatever the other one is, regular API that allows for control and creation.
-
@jwz Sorry, forgot to ask. Is this the Data API or the whatever the other one is, regular API that allows for control and creation.
@geniodiabolico I don't know how to answer that question...
-
@geniodiabolico I don't know how to answer that question...
@jwz It's OK, this stuff is a nightmare. I have totally done this but in the past so my information has rotted. Is it possible the eternal one was created in the past and the 1 week expiration is more recent?
I walked through creating an OAuth app and could not see any options for controlling expiration. I'm suspecting this expiration is automatic, out of your control and changed over time.
-
@jwz It's OK, this stuff is a nightmare. I have totally done this but in the past so my information has rotted. Is it possible the eternal one was created in the past and the 1 week expiration is more recent?
I walked through creating an OAuth app and could not see any options for controlling expiration. I'm suspecting this expiration is automatic, out of your control and changed over time.
@geniodiabolico I did at one point stumble across some documentation claiming that the refresh token lasted forever unless the token was unused for >6 months. When I read that I thought, "welp that's clearly not what's happening".
-
Dear Lazyweb,
I have two YouTube accounts, jwz and dnalounge, and I'm using the oauth API with both of them to automate uploads and stuff. With the DNA account, I am getting a refresh_token that lasts forever. But with the jwz one, I am getting a refresh_token that can only refresh the access_token for a week, and then I have to log in again. Any ideas what fuckery is afoot?
The DNA token does this...
https://jwz.org/b/yk3r@jwz https://developers.google.com/identity/protocols/oauth2#expiration says that the refresh-tokens expire after 7 days if the client is set to "testing". You should see the publishing status [here](https://console.cloud.google.com/auth/audience) (Google Auth Platform -> Audience).
-
@jwz https://developers.google.com/identity/protocols/oauth2#expiration says that the refresh-tokens expire after 7 days if the client is set to "testing". You should see the publishing status [here](https://console.cloud.google.com/auth/audience) (Google Auth Platform -> Audience).
@ascii158 Ok, it does seem to be set to testing, but when trying to change that I am now being sent down a rathole of "Branding verification issues"
Your home page URL does not include a link to your privacy policy.
Make sure your home page includes a link to your privacy policy. Learn more
Your home page does not explain the purpose of your app.Jesus Fucking Christ.
-
@ascii158 Ok, it does seem to be set to testing, but when trying to change that I am now being sent down a rathole of "Branding verification issues"
Your home page URL does not include a link to your privacy policy.
Make sure your home page includes a link to your privacy policy. Learn more
Your home page does not explain the purpose of your app.Jesus Fucking Christ.
@ascii158
Is your application for personal use only?[x] Yes [ ] No
If your app is not shared with anyone else or it will only have 100 users personally known to you, set your project's publish state to Testing. Production apps for personal use are not reviewed and will show the unverified app warning during sign-in.Your app could not be submitted for verification for the following reasons:
Your application is for Personal use only -
@geniodiabolico I did at one point stumble across some documentation claiming that the refresh token lasted forever unless the token was unused for >6 months. When I read that I thought, "welp that's clearly not what's happening".
@jwz OK, try this:
In your Google Cloud thing, under Auth look in Audience. If your app is in Testing, you need to publish. I created one just now to try to find these options and that is what it defaulted to. This is also in a place where no sensible person would ever look for it.
-
@ascii158 Ok, it does seem to be set to testing, but when trying to change that I am now being sent down a rathole of "Branding verification issues"
Your home page URL does not include a link to your privacy policy.
Make sure your home page includes a link to your privacy policy. Learn more
Your home page does not explain the purpose of your app.Jesus Fucking Christ.
@jwz@mastodon.social @ascii158@sueden.social well you already wrote a privacy policy for Google might as well link to it from YouTube. -
@jwz OK, try this:
In your Google Cloud thing, under Auth look in Audience. If your app is in Testing, you need to publish. I created one just now to try to find these options and that is what it defaulted to. This is also in a place where no sensible person would ever look for it.
@geniodiabolico Yup I just did that and it sent me down a branding verification rathole, see elsewhere in the thread...
-
@geniodiabolico Yup I just did that and it sent me down a branding verification rathole, see elsewhere in the thread...
@jwz OK, sorry. I'm out of ideas at this point. If it is any consolation, it is them and not you.
-
@ascii158
Is your application for personal use only?[x] Yes [ ] No
If your app is not shared with anyone else or it will only have 100 users personally known to you, set your project's publish state to Testing. Production apps for personal use are not reviewed and will show the unverified app warning during sign-in.Your app could not be submitted for verification for the following reasons:
Your application is for Personal use only@jwz Yes. That's a rabbit hole I also did not descend into...
-
@ascii158
Is your application for personal use only?[x] Yes [ ] No
If your app is not shared with anyone else or it will only have 100 users personally known to you, set your project's publish state to Testing. Production apps for personal use are not reviewed and will show the unverified app warning during sign-in.Your app could not be submitted for verification for the following reasons:
Your application is for Personal use only@ascii158 OMG I just stumbled across a page of detritus showing that I have been fighting with this crap for 14+ years...
-
@ascii158 OMG I just stumbled across a page of detritus showing that I have been fighting with this crap for 14+ years...
@ascii158 And if I authenticate with any of those older "projects" besides the 2024 one, every request fails with "quota exceeded", even though they have not been accessed in years.
-
Dear Lazyweb,
I have two YouTube accounts, jwz and dnalounge, and I'm using the oauth API with both of them to automate uploads and stuff. With the DNA account, I am getting a refresh_token that lasts forever. But with the jwz one, I am getting a refresh_token that can only refresh the access_token for a week, and then I have to log in again. Any ideas what fuckery is afoot?
The DNA token does this...
https://jwz.org/b/yk3rGuess what! Google is making me write *another* placebo privacy policy, just to authorize a login token to my own YouTube account. (It's a password. But they call it an "app".)
And they rejected it because in the snark-assed privacy policy for my "YouTube app" I can't use the word "YouTube" because "it could potentially confuse users and lead them to believe your app is officially affiliated with or endorsed by Google".
The "YouTube app" for logging in to "YouTube" can't say "YouTube".
Feed RSS
Gli ultimi otto messaggi ricevuti dalla Federazione
-
@afreytes the problem is when the earworm is Lord Trevor's The Big Bamboo and you end up listening to it on loudspeakers.
-
@fucinafibonacci @attualita in quelle carceri le istituzioni hanno mandato gli incursori eredi della X Mas per sedurre i minori alla guerra. Il messaggio è stato chiaro: sei niente, nemmeno esisti; ma se ti arruoli, avrai identità riconosciuta, un lavoro, e se sopravvivi forse pure la pensione.
-
-
@FishFace I really think there's a material difference between moderating a server like a Mastodon instance and creating an entire subindustry of misery for your inhuman product—all while presenting the thing as some magical entity that ends tool.
-
@shinmera What a sad thing to hear, both SBCL being slop'ified and also your experiences :(
-
@liaizon@social.wake.st @rick@rmendes.net We have an issue for this!
-
Effetto #Caivano. Istituti penali minorili, in tre anni le presenze crescono del 50% - Vita.it https://www.vita.it/istituti-penali-minorili-in-tre-anni-le-presenze-crescono-del-50/
-
@mttaggart presumably it wouldn't be better to *not* have anyone look at material that might be abusive, though?
Like, how can Mastodon instance admins solve the problem of abusive content without checking it?
This task is thankless, low paid, and takes a heavy emotional toll. I don't see a way to get rid of it though without either deleting online platforms (not just big tech, but fediverse ones too) or farming it out to AI. And the AI needs to be trained.
