EDIT from maintainer @ronjouch see comments below, the workaround as of March 2020 is to lie about the userAgent, for example passing --user-agent "Mozilla/5.0 (Windows NT 10.0; rv:74.0) Gecko/20100101 Firefox/74.0" . It would be cool to do that automatically on opening / navigating to an accounts.google.com page, PR welcome.

Description

I've created a nativefier app for https://contacts.google.com, and it installs just fine, but Google seems to be blocking the initial login with this message:

You're using a browser that Google doesn't recognize or that's set up in a way we don't support.
To keep your Google Account secure, sign in on another browser or change your browser's settings.

My older nativefier apps pointed to Google services are still loading OK, I'm guessing because the login is already saved and Google isn't blocking things at that stage.

I'll note that I also tried another desktop app generator (https://github.com/quanglam2807/webcatalog), and the same issue is occurring, so perhaps there's some deeper fix needed at the Electron level or something?

Steps to reproduce issue

1. Create the app with the command below
2. Try to log into Google
3. Get the message listed above

Details

• Are you nativefying a public website? Yes
• Feature request? Have you looked at nativefier --help to see if an existing option could fit your needs? Yes
• Full nativefier command used to build your app: nativefier --electron-version 6.0.2 --name "Google Contacts" --icon "/home/hunmonk/Pictures/icons/google-contacts.png" --internal-urls "contacts.google.*?" --single-instance "https://contacts.google.com"
• Version of Nativefier (run nativefier --version): v7.6.12
• Version of node.js (run node --version): v10.15.2
• OS: Ubuntu 19.04
• Error message / stack trace (if any): None

this is a well known issue:

Google will no longer allow OAuth requests to Google in embedded browsers. "On April 20, 2017, we will start blocking OAuth requests using web-views for all OAuth clients on platforms where viable alternatives exist." We received this notice. In our iOS app using the Google drive, but google drive sdk no updated.

more information: https://stackoverflow.com/questions/41705752/google-oauth-electron-webview-deprecation

Google solutions: https://developers.google.com/identity/protocols/OAuth2InstalledApp

you cannot electronize Google's original apps anymore -> deal with it, it's forbidden

Weird, it still works fine for me.

It works for me on installations that I had logged into previously, but not newly created applications.

I can do it on new applications

@Aidoboy are you using 2-factor authentication?

Further testing seems to confirm that the issue only occurs with 2-factor authentication enabled on the Google account.

If this is in fact the limitation, I wonder if there are any practical workarounds besides completely disabling 2-factor authentication?

it's not 2FA related

any app trying to reach out to Google OAuth login page will open an external browser window

installed apps must open the system browser and supply a local redirect URI to handle responses from Google's authorization server

It's working with 2FA for me too. I use --internal-urls "(.*?contacts\.google\.com.*?|.*?accounts\.google\.com.*?)".
EDIT: see also #706

This must have been a temporary issue on the Google end, as I just tried the original nativefier app recently, and it's logging in just fine now.

This must have been a temporary issue on the Google end, as I just tried the original nativefier app recently, and it's logging in just fine now.

https://security.googleblog.com/2019/04/better-protection-against-man-in-middle.html

note:

Because we can’t differentiate between a legitimate sign in and a MITM attack on these platforms, we will be blocking sign-ins from embedded browser frameworks starting in June 2019.

nativefier --electron-version 7.1.2 --name "Google Contacts" --internal-urls "contacts.google.*?" --single-instance "https://contacts.google.com"

this works perfectly

nativefier --electron-version 7.1.2 --name "Google Contacts" --internal-urls "contacts.google.*?" --single-instance "https://contacts.google.com"

this works perfectly

@maxogden App crashes when trying to use --electron-version 7.1.2 (osx Mojave)

@thehunmonkgroup and everybody else - I found a fix by this comment ( thank you so much @futurehaskins).

This works well:
nativefier https://mail.google.com/mail --user-agent 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0' --name "My Gmail" --internal-urls ".*accounts .google.com.*"

@thehunmonkgroup and everybody else - I found a fix by this comment ( thank you so much @futurehaskins).

This works well:
nativefier https://mail.google.com/mail --user-agent 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0' --name "My Gmail" --internal-urls ".*accounts .google.com.*"

Doesn't work for me, unfortunately

Finally found a solution, thanks royts. Removing the space worked for me. Kept getting the 'This browser or app may not be secure' when trying to sign into googles remote desktop.
nativefier "https://remotedesktop.google.com/access/" --user-agent 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0' --name "RemoteD" --internal-urls ".*accounts.google.com.*|remotedesktop.google.com/access/"

@thehunmonkgroup and everybody else - I found a fix by this comment ( thank you so much @futurehaskins).
This works well:
nativefier https://mail.google.com/mail --user-agent 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0' --name "My Gmail" --internal-urls ".*accounts .google.com.*"

Doesn't work for me, unfortunately

Tried again without the space (could have sworn I tried that previously, hmmm) and it works perfectly.

@thehunmonkgroup and everybody else - I found a fix by this comment ( thank you so much @futurehaskins).
This works well:
nativefier https://mail.google.com/mail --user-agent 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0' --name "My Gmail" --internal-urls ".*accounts .google.com.*"

Doesn't work for me, unfortunately

Tried again without the space (could have sworn I tried that previously, hmmm) and it works perfectly.

This isn't working currently.
After I enter the 2-step verification code it opens a tab in the default browser with the following message:

400. That’s an error.
     The requested URL was not found on this server. That’s all we know.

Here is the address from the tab:

https://mail.google.com/accounts/SetOSID?authuser=0&continue=https%3A%2F%2Faccounts.youtube.com%2Faccounts%2FSetSID%3Fssdc%3D1%26sidt%3DALWU2cuRdPBT0x7M6pkFNTW7585laPdinejaS13FD9lFbEyGS7pJeHiqUnItCWckeyThTWDfo2x8l%252F%252BuiQiGFF2baoRCUIxnhrYBD7ZkT8YrgGJy4kJ2cKm7ssqRRUu3C4NKWKVy9BHBRnaIgZy9TixysDdtRzAXapIDG39YVAjCIVKEqlzmAGA%252BQ3QwP1fgHkACp0rgpIqGa2xj%252BjKTZim0ySdhgs6dN2WGCqY8zr%252FXnLUnm8UowzMWRbj7PyVlmRCl%252B9Tgi%252BFcr%252BfsGn%252Fc2nXVQ%252BbxOsrSj0qaiRz7veNIbBJQeZIWaSzhpuvI1oluD3nLNsB8qPL17kG0HkSBCXcjlNe%252F%252BnLYSbh1YaoogWMbuI0pIYJdGclQ9TFQJ5h6smcb1Xw8%252BmA%252FUJ0e2yCz9ywph%252BXgNJZkLA%253D%253D%26continue%3Dhttps%253A%252F%252Fmail.google.com%252Fmail%252F%26dbus%3DCA%26dbus%3DRU&osidt=ALWU2cu9jiz-WfWrhTXv2sO5Yf1DLUa2Z_9rUQaZLoG_M-5B806dn8SR83y4Qt4Y2tef3KID6u9Og_TLHQRIFj55ADlBgT38mdd3DDrl_ChfAuC1tvbwPqqrz9HVGmSs1izXUgIR-7lT0j0i4QkTN-D6sfTkvadZBBdqcrSC2weJMzSdw1DsQqM-RK8P68iL_-KYTki-Qiv3_yKamQjEI4RsutFZs8x7TQ

Here is the command that worked for me:

nativefier "https://mail.google.com/" --maximize --name Gmail --user-agent "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0" --internal-urls "(.*?mail\.google\.com.*?|.*?accounts\.google\.com.*?)" --single-instance --electron-version 7.1.11

I copied it from here: https://aur.archlinux.org/packages/google-calendar-nativefier/

Hope this little tidbit also helps people out:

After successfully logging in using the FF userAgent hack described, I found that external links were broken in Gmail. Solved this by:

1. Creating the original nativefier app with --user-agent "Mozilla/5.0 (Windows NT 10.0; rv:74.0) Gecko/20100101 Firefox/74.0"
2. Open the app, log into Google
3. Shut down the app
4. Edit [path to app]/resources/app/nativefier.json, and remove the userAgent attribute from the JSON.
5. Open app, profit.

Here is the command that worked for me:

nativefier "https://mail.google.com/" --maximize --name Gmail --user-agent "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0" --internal-urls "(.*?mail\.google\.com.*?|.*?accounts\.google\.com.*?)" --single-instance --electron-version 7.1.11

I copied it from here: https://aur.archlinux.org/packages/google-calendar-nativefier/

Thank you ! It works for me !

I tried all the solutions here, and still couldn't get it to work for classroom.google.com.

What worked for me:
Go to https://www.whatismybrowser.com/detect/what-is-my-user-agent and use the user agent they say your browser is using. I imagine that all the user agent strings I was using were old versions, and that Google is being more aggressive about rejecting old versions of browsers. I used my current user agent string, along with internalUrls set to .* and it worked fine for me. Next step for me will be constraining the .* to a more restricted Regex, but at least I got the app to work!

FWIW, I made a few changes that would compute the version number of the latest Chrome release and set that as the agent string every time the nativified app starts. I'm not going to make a pull request for it, because it's a very brittle (uses screen scraping) and does some async stuff in ways that make me uncomfortable - but if you want to, go ahead and check it out:
https://github.com/joeskeen/nativefier/tree/auto-user-agent
To use it, set userAgent to auto.
I tested it and it works for Google apps.

Hi all, using Nativefier v9.1.0 on macOS Catalina v10.15.6 (19G73), I have no issues using Gmail—weird.

Simple nativefier "https://mail.google.com/" worked fine...

I am using firebase google auth for my website when converting into linux app login does not happens in my desktop app. It automatically chooses firefox to login it is not working. I need to login inside my app
nativefier --user-agent 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0' --name "My Gmail" --internal-urls ".*accounts.google.com.*"

I there. I'm digging this issue out because I'm still facing the issue.
My aim is to use a custom WebApp with GDrive integration. I've tested all of the solutions proposed above, none of them worked

Here is the command that worked for me:
nativefier "https://mail.google.com/" --maximize --name Gmail --user-agent "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0" --internal-urls "(.*?mail\.google\.com.*?|.*?accounts\.google\.com.*?)" --single-instance --electron-version 7.1.11
I copied it from here: https://aur.archlinux.org/packages/google-calendar-nativefier/

Thank you ! It works for me !

This worked for me for YouTube Music. I changed it around a little to suit my needs and I also remove the explicit electron version and it seems to be working on macOS 10.15.7. This is how mine looks like:
nativefier "https://music.youtube.com" -f --user-agent "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0" --internal-urls "(.*?music\.youtube\.com.*?|.*?accounts\.google\.com.*?)" --single-instance

Unable to work when using

nativefier https://www.figma.com/files/recent --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:87.0) Gecko/20100101 Firefox/87.0' --internal-urls ".*"

Definitely looks like there is an issue where the user agent isn't getting passed to the Google popup in the example @DanMossa mentioned.

User agent in main window (correct): Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:87.0) Gecko/20100101 Firefox/87.0

User agent in Google popup (incorrect): Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) figma-nativefier-37c1b6/1.0.0 Chrome/89.0.4389.128 Electron/12.0.5 Safari/537.36

Will look into it further.

Unable to work when using

nativefier https://www.figma.com/files/recent --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:87.0) Gecko/20100101 Firefox/87.0' --internal-urls ".*"

@DanMossa can you confirm if this issue is fixed in the latest version of nativefier?

I there. I'm digging this issue out because I'm still facing the issue.
My aim is to use a custom WebApp with GDrive integration. I've tested all of the solutions proposed above, none of them worked

@p-vernaeckt can you confirm that this issue remains in the latest version of Nativefier?

nativefier https://docs.google.com/spreadsheets --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:87.0) Gecko/20100101 Firefox/87.0' --internal-urls ".*" --name "Google Sheets"

worked to me (:

macOS Big Sur
Version 11.2.3

nativefier --version
43.1.2

Closing for now. If this continues to be an issue we could reopen. 😊

After a bit of tirlas and errors, I think it has to do with the domain. Accounts with .gmail.com don't work. While other accounts such as company mail accounts work alright

Here is the command that worked for me:
nativefier "https://mail.google.com/" --maximize --name Gmail --user-agent "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0" --internal-urls "(.*?mail\.google\.com.*?|.*?accounts\.google\.com.*?)" --single-instance --electron-version 7.1.11
I copied it from here: https://aur.archlinux.org/packages/google-calendar-nativefier/

Thank you ! It works for me !

This worked for me for YouTube Music. I changed it around a little to suit my needs and I also remove the explicit electron version and it seems to be working on macOS 10.15.7. This is how mine looks like:
nativefier "https://music.youtube.com" -f --user-agent "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0" --internal-urls "(.*?music\.youtube\.com.*?|.*?accounts\.google\.com.*?)" --single-instance

Thanks. This was the only way I was able to log into YouTube (I just removed the "music" references to create a YouTube web app).
Mac OS 11.4
Nativefier 44.0.6

Hope this little tidbit also helps people out:

After successfully logging in using the FF userAgent hack described, I found that external links were broken in Gmail. Solved this by:

1. Creating the original nativefier app with `--user-agent "Mozilla/5.0 (Windows NT 10.0; rv:74.0) Gecko/20100101 Firefox/74.0"`

2. Open the app, log into Google

3. Shut down the app

4. Edit `[path to app]/resources/app/nativefier.json`, and remove the `userAgent` attribute from the JSON.

5. Open app, profit.

Just to add to this solution (which worked for me as well): in order to open external (non-google) urls directly in the default browser, in point 4. also change the part "strictInternalUrls":false to "strictInternalUrls":true.

Looks like this is back, and this time there's no workaround. See this post by Google: https://support.google.com/accounts/answer/6010255

Looks like this is back, and this time there's no workaround. See this post by Google: https://support.google.com/accounts/answer/6010255

@mobusby can't repro. Here, the recipe documented in CATALOG / Google Apps, nativefier -u firefox mail.google.com works for me: it lets me login and successfully opens GMail. Do you confirm?

Well, that's interesting. nativefier mail.google.com --user-agent safari worked just fine, but nativefier "https://mail.google.com/" --user-agent safari did not.
Thanks for the link to the recipes page!

@mobusby

Thanks for the link to the recipes page!

Sure. Just pushed a few README commits to make it more visible.

Well, that's interesting. nativefier mail.google.com --user-agent safari worked just fine, but nativefier "https://mail.google.com/" --user-agent safari did not.

Hmmmmmmm, can't repro here, for me both work fine. The contrary would have been very strange; when you omit the protocol, Nativefier automatically fills it as https.

That being said, I do believe you that sometimes somehow you aren't able to login, and it matches the new May 30 deadline for strengthened Google Login annoyance. But the conditions to be annoyed and to evade it seem to be unclear.

edit: strangely this worked nativefier -u firefox sheets.google.com and I was able to login after moving the new app to /Applications.

But the below did not work for me.

nativefier sheets.google.com --user-agent safari

gets

I did get it working, so 🤷

how? 🤔

See above #831 (comment)

This seemed to work fine for me today:

nativefier https://mail.google.com --icon ~/Documents/Icons/gmail-mac.png --strict-internal-urls

Another example that is working, this time for Google Fi:

nativefier messages.google.com/web/conversations \ 
--name "Google Fi" \ 
--single-instance \ 
--honest

2-Factor enabled, on VPN, from the US, verification via a tap on the phone.

Turns out all you got to do is be honest :D

Just redoing mine so they are arm64 and can confirm the above --honest works a treat.

--user-agent safari worked for me with Notion.

nativefier https://www.notion.so --name Notion --icon ~/Documents/icons/icons8-notion.svg --user-agent safari

--honest flag worked for me in a Macbook M2

i tried all of the abve commands but i cannot login using gmail

i tried all of the abve commands but i cannot login using gmail

never mind i tried again and this one worked for me:
nativefier youtube.com --name "Youtube" --single-instance --honest

Google blocks login again on some accounts
Tested: 50.1.1
Example:
nativefier https://chat.google.com --name "Chat" --darwin-dark-mode-support --single-instance --file-download-options '{"showBadge": true}' --counter "true" --honest --internal-urls ".*?chat\\.google\\.com.*?"

i tried all of the abve commands but i cannot login using gmail

never mind i tried again and this one worked for me: nativefier youtube.com --name "Youtube" --single-instance --honest

Thanks man, that worked! :)

i tried all of the abve commands but i cannot login using gmail

never mind i tried again and this one worked for me: nativefier youtube.com --name "Youtube" --single-instance --honest

Thanks that worked !