This file is indexed.

/usr/share/doc/gnome-online-accounts/README is in gnome-online-accounts 3.28.0-0ubuntu2.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
GNOME Online Accounts - Single sign-on framework for GNOME
==========================================================


Facebook
--------

OAuth 2.0:
https://developers.facebook.com/docs/authentication/
https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow
https://developers.facebook.com/docs/reference/dialogs/oauth/
https://developers.facebook.com/tools/explorer/

Scopes: https://developers.facebook.com/docs/authentication/permissions/

Notes:
The client-side flow returns the access_token and expires_in in the URI's
fragment, and does not provide a refresh_token. However, if the user denied
access then the error is returned in the URI's query. The URIs look like this:
  - <get_redirect_uri>?#access_token=...
  - <get_redirect_uri>?error=access_denied...#_=_


Flickr
------

OAuth 1.0: http://www.flickr.com/services/api/auth.oauth.html


Foursquare
----------

OAuth 2.0: https://developer.foursquare.com/overview/auth


Google
------

OAuth 2.0:
https://developers.google.com/accounts/docs/OAuth2InstalledApp
https://developers.google.com/oauthplayground/

Scopes:
https://developers.google.com/accounts/docs/OAuth2Login
https://developers.google.com/google-apps/calendar/auth
https://developers.google.com/google-apps/contacts/v3/
https://developers.google.com/drive/web/scopes
https://developers.google.com/google-apps/gmail/oauth_protocol
https://developers.google.com/picasa-web/docs/2.0/developers_guide_protocol
https://developers.google.com/talk/jep_extensions/oauth
https://developers.google.com/cloud-print/docs/devguide

Sometimes the documentation does not mention the OAuth2 scopes that need to be
specified in the source code. In such cases, the following can be useful:
https://developers.google.com/oauthplayground/
https://discovery-check.appspot.com/

Notes:
We are allowed to embed the client_secret in the source code. See
https://developers.google.com/accounts/docs/OAuth2InstalledApp#overview


Pocket
------

OAuth 2.0 variant:
https://getpocket.com/developer/docs/authentication

Authenticating with a Firefox Account is not documented. These slides are
useful:
http://www.slideshare.net/KuoE0/pocket-authentication-with-oauth-on-firefox-os


Todoist
-------

OAuth 2.0: https://developer.todoist.com/


Windows Live
------------

OAuth 2.0: http://msdn.microsoft.com/en-us/library/live/hh243647.aspx

Scopes:
http://msdn.microsoft.com/en-us/library/live/hh243646.aspx
http://blogs.office.com/b/microsoft-outlook/archive/2013/09/12/outlook-com-now-with-imap.aspx

Notes:
We do not need the client_secret because we are marked as a desktop or mobile
application, and we use https://login.live.com/oauth20_desktop.srf as the
redirect_uri.