Allow users to have their own Oauth2 app for every provider instead of the default Gnome one
In a corporate environment I am not allowed to give that many permissions to any 3rd party for Google Drive. This is a security requirement form my Company, therefore I cannot use Gnome Online Accounts.
On the other hand I Can generate my own Oauth2 Internal App. An if credentials leaks then non corporate emails trying to login will get this message.
Doc around internal oauth2 apps on google help
An internal application will only allow access to users from your organization (@your-organization.com).
I think the same can apply to other providers as well
My proposition is to add the ability in the Online Account UI to change the Oauth2 credentials with a settings button next to each account type. By looking at the source code it looks like the credentials are hardcoded at build time, generating a default config file with the clients config on disk seems like a more flexible approach.
- client_id=xxxxxxxxxx
- client_secret=xxxxxxxxxx
- Being able to override the just the 'scopes' would also solve #62 (closed)