Last active
December 14, 2015 09:38
-
-
Save romainguinot/5065977 to your computer and use it in GitHub Desktop.
this is the supporting description for the associated gists. Apparently you currently can't format a gist description with wiki syntax, or even newlines.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This referenced files below pertain to a modified checkgmail version, that includes the following features. | |
Original project is at : http://checkgmail.sourceforge.net/. | |
It is based on the latest available sourceforge revision (r47). | |
- two factor support (config, UI, integration). | |
(see http://support.google.com/accounts/bin/answer.py?hl=en&answer=180744). | |
* If two factor auth is used, one needs to initially provide (and optionally store) : | |
- an application-specific password to authenticate against the atom feed, | |
see http://support.google.com/accounts/bin/answer.py?hl=en&answer=185833. | |
- the main google account password, to authenticate against the Gmail web UI (if using cookies). | |
- a validation PIN code, obtained for example with the Google Authenticator application. | |
- Each of these items can be persisted either in the prefs, or in KWallet. | |
For the PIN code, it is not the pin code itself that is persisted, but the "trust" cookie returned | |
after a successful verification, therefore not requiring to enter a PIN code at every login. | |
* It is highly recommended to use an app, such as the Google Authenticator, | |
rather than relying on the sms/text messsage service to get the verification PIN code, | |
which can be unreliable and isn't available in every country. | |
* Even if you do not want to use a phone app, you can use a desktop client such as | |
http://blog.jcuff.net/2011/02/cli-java-based-google-authenticator.html | |
to obtain the same PIN codes, based on your secret key obtained | |
in the google account 2-step security page. | |
- refactored kwallet integration, based on the existing patch available at : | |
http://sourceforge.net/tracker/?func=detail&aid=3175987&group_id=137480&atid=738663. | |
- fixed full text display when clicking on individual e-mails. | |
- refactored the login code. | |
- additional refactoring/bugfixing / code de-duplication. | |
- full, pre-patched file : | |
* https://gist.github.com/romainguinot/10866374 | |
- patch that applies against the latest available sourceforge revision (r47) : | |
* https://gist.github.com/romainguinot/10866682 | |
Apr 16th,2014 : updated with CSRF support for initial 2nd factor / PIN Entry. | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment