Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
===================================================================
Google doesn't allow using Chrome's API keys in Chromium builds and
strongly recommends against doing so. These OAuth 2 credentials are
taken from publicly available sources, but their fitness for use in
Chromium builds is not warrantied.
===================================================================
!!! Use these keys to reactivate Sync in Chromium at your own risk;
they are extremely likely to stop working in the (near) future.
$ grep oauth2 ~/.config/chromium-flags.conf
--oauth2-client-id=77185425430.apps.googleusercontent.com
--oauth2-client-secret=OTJgUOQcT7lO7GsGZq2G4IlT
Note: The above works on Arch Linux because of its custom launcher,
plus a patch to reuse --oauth2-client-{id,secret} for setting
GOOGLE_DEFAULT_CLIENT_{ID,SECRET} similar to environment vars.
https://wiki.archlinux.org/index.php/Chromium#Making_flags_persistent
@brand1970

This comment has been minimized.

Copy link

@brand1970 brand1970 commented Mar 3, 2021

Is there any flag to change the default GOOGLE API KEY with a custom?
So to may i change GOOGLE_API_KEY , GOOGLE_DEFAULT_CLIENT_ID , GOOGLE_DEFAULT_CLIENT_SECRET , all with customs ?
I tried my own ones (passing via environment variables) and it works.
But i can not pass my GOOGLE_API_KEY via chromium-flags configuration file.

@foutrelis

This comment has been minimized.

Copy link
Owner Author

@foutrelis foutrelis commented Mar 3, 2021

@brand1970 Not at this time. (Reusing the --oauth2-client-{id,secret} ones was an easier choice to make compared to adding new switches.)

@brand1970

This comment has been minimized.

Copy link

@brand1970 brand1970 commented Mar 3, 2021

Ok, thank you. I believe that, it is a good solution the using custom credentials so that the archlinux credentials are not abused

@compwiztobe

This comment has been minimized.

Copy link

@compwiztobe compwiztobe commented Mar 9, 2021

Yes, whoever owns these credentials and whoever shares or uses them should know that OAuth credentials are NOT to be distributed, and the use of them for Chromium builds by anyone other than their owner is likely against the ToS, so it seems likely that Google will revoke these sooner rather than later. You can get your own credentials by following this guide:
https://www.chromium.org/developers/how-tos/api-keys

And then launch chromium with these environment variables to re-enable the APIs (log back into Sync, etc.) with:

export GOOGLE_API_KEY=...
export GOOGLE_DEFAULT_CLIENT_ID=...
export GOOGLE_DEFAULT_CLIENT_SECRET=...
chromium

I've replaced my chromium launcher with this script (launched from xmonad).

@brand1970

This comment has been minimized.

Copy link

@brand1970 brand1970 commented Mar 9, 2021

Or also, the credentials can be placed on ~/.profile
In this case, there is no need for chomium launcher's replacement.

@foutrelis

This comment has been minimized.

Copy link
Owner Author

@foutrelis foutrelis commented Mar 9, 2021

If you are going to use personal keys, I think you will have to subscribe to the google-browser-signin-testaccounts mailing list in order for sign-in to work. See this post for more information.

@bquast

This comment has been minimized.

Copy link

@bquast bquast commented Mar 11, 2021

Sorry would it be possible to provide a bit more explanation on how to use this approach. If I enter this grep says unrecognized option

@compwiztobe

This comment has been minimized.

Copy link

@compwiztobe compwiztobe commented Mar 11, 2021

The command is just grep oauth2 ~/.config/chromium-flags.conf showing that the following two lines should appear in ~/.config/chromium-flags.conf (after you add them of course). The alternative is passing the values with environment variables (GOOGLE_API_KEY can only be passed as an environment variable, there is no flag), or building them into the binary if you compile from source.

@bquast

This comment has been minimized.

Copy link

@bquast bquast commented Mar 11, 2021

Thanks, sorry yes I should have been able to figure that out. Created the file and added the lines. It works great!

Unrelated, but is there a good way to make the opening of docx etc. work. For me it works on Chrome, but not chromium

@DAC324

This comment has been minimized.

Copy link

@DAC324 DAC324 commented Apr 29, 2021

Hello all,

thank you very much for this discussion. However, it looks like I am still missing something.
I created API keys and all credentials according to the guide on

https://www.chromium.org/developers/how-tos/api-keys

And then launched chromium with these environment variables to re-enable the APIs (log back into Sync, etc.) with:

export GOOGLE_API_KEY=...
export GOOGLE_DEFAULT_CLIENT_ID=...
export GOOGLE_DEFAULT_CLIENT_SECRET=...
chromium

Unfortunately, I am still unable to log in to my Google account from within Chromium-Dev (92.0.4484.7). After entering my Google username, I only get the message "This browser or app may not be secure. Try using a different browser."

What do I have to do in addition in order to enable my newly created credentials in Chromium-Dev?

OK, looks like the browser's user agent has to be changed to something more convenient to Google (example: Chrome on Windows):
Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36

@KushagraKarira

This comment has been minimized.

Copy link

@KushagraKarira KushagraKarira commented May 24, 2021

Hi, i did follow all the steps and join both the groups - and the sync and required features are working,
with only problem that other google account ( one from my college ) is getting logged and it is not a cache problem.
I belive the problem is because of some API i didn't turn on

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment