Google Authentication Change

On September 1, 2022, Google will shut off a particular authentication flow that Deja Dup happened to use.

How Will This Affect Users?

Users that already authenticated with Google will continue to work properly. But any new users will not be able to authorize Deja Dup to use their Google account September onward.

What Versions Are Affected?

All versions from 40.0 through 43.2. Versions before 40.0 used authentication through GNOME Online Accounts, while versions 43.3 and above have been fixed.

What's the Fix?

In 43.3, I've switched Deja Dup to use a slightly different authentication method. This one relies on Deja Dup registering itself as a mimetype handler for a custom URI scheme that looks like 'com.googlecontent.xxx' (it involves a long UUID that is part of Deja Dup's client ID registered with Google - so this won't conflict with another app on the system). Then, once Google finishes authorizing the user, it will attempt to open a URI with that scheme, launching Deja Dup, and passing it the oauth token.

Backported Patches

For in-progress/rolling distro releases, you can simply update your package to 43.3. For older existing supported releases, I've prepared some backported patches for your convenience. I recommend patching as soon as possible, so that people will have updated by the time September rolls around.

If you need to backport to a release that isn't covered below, let me know and I can help prepare a patch for you.

* 42.8 and 42.9

* 42.7

* 40.7