Implement YouTube OAuth2 login

[MichailiK]

This pull request...

• [ ] Fixes a bug
• [x] Introduces a new feature
• [ ] Improves an existing feature
• [ ] Boosts code quality or performance

Description

This PR adds a toggle to enable the OAuth2 capability found in the YouTube source manager. It also automatically stores & retrieves the refresh token for convenience of JMusicBot users (as the source manager does not do that itself.)

Quick summary of the login flow

Upon enabling OAuth2 (youtubeoauth2=true in the config.txt) the YouTube source manager will log the following:

[13:41:00] [INFO] [YoutubeOauth2Handler]: ==================================================
[13:41:00] [INFO] [YoutubeOauth2Handler]: !!! DO NOT AUTHORISE WITH YOUR MAIN ACCOUNT, USE A BURNER !!!
[13:41:00] [INFO] [YoutubeOauth2Handler]: OAUTH INTEGRATION: To give youtube-source access to your account, go to https://www.google.com/device and enter code ABC-DEF-GHI
[13:41:00] [INFO] [YoutubeOauth2Handler]: !!! DO NOT AUTHORISE WITH YOUR MAIN ACCOUNT, USE A BURNER !!!
[13:41:00] [INFO] [YoutubeOauth2Handler]: ==================================================

Navigating to https://www.google.com/device and entering the code will lead you to an OAuth2 page

(the source manager pretends to be a logged in TV client to play tracks)

Once allowed, the source manager logs a refresh token. For convenience, JMusicBot intercepts the log with a turbo filter & stores the refresh token as a file, youtubetoken.txt. The refresh token will be used when JMusicBot gets restarted to retrieve an access token.

Purpose

This should circumvent the "Sign in to confirm you're not a bot" message that people (particularly) on servers have been getting.

Relevant Issue(s)

Fixes #1588

Related PR: #1714

Todo

• [ ] The GUI can't seem to log the messages from the OAuth2 handler, they always end up in stdout. Have to yet look into why

[chenchuuu]

It did not works for me. I cloned this branch and after executed run_jmusicbot.sh, in my config.txt did not appear the option youtubeoauth2

[MichailiK]

JMusicBot does not alter existing config files. You will need to manually add youtubeoauth2=true to your config.txt file.

[chenchuuu]

JMusicBot does not alter existing config files. You will need to manually add youtubeoauth2=true to your config.txt file.

I have just did it, but after executed the .sh, youtubesource did not show me this log:

[13:41:00] [INFO] [YoutubeOauth2Handler]: ================================================== [13:41:00] [INFO] [YoutubeOauth2Handler]: !!! DO NOT AUTHORISE WITH YOUR MAIN ACCOUNT, USE A BURNER !!! [13:41:00] [INFO] [YoutubeOauth2Handler]: OAUTH INTEGRATION: To give youtube-source access to your account, go to https://www.google.com/device and enter code ABC-DEF-GHI [13:41:00] [INFO] [YoutubeOauth2Handler]: !!! DO NOT AUTHORISE WITH YOUR MAIN ACCOUNT, USE A BURNER !!! [13:41:00] [INFO] [YoutubeOauth2Handler]: ==================================================

[djordjepekic]

Works great! For anyone wondering, if you run the bot as a service on linux you can use 'sudo journalctl -u .service -f' to see the logs in real time and to find the code you need to enter into https://www.google.com/device.

[joseph23pronton]

i cant build the jar file, how can i build the java file? sorry im new to java things and i usually do php

[iamayod]

i cant build the jar file, how can i build the java file? sorry im new to java things and i usually do php

@joseph23pronton

I made this a few years ago but try it: https://github.com/iamayod/jmusicbotselfupdateguide

[Tako88]

Worked great for me as well!

[jagrosh]

I'll need to check the logging issue you described. A few concerns:

• Do these tokens expire? (Do we need to capture the expiration somehow and re-request auth?)
• Does this log message first appear only when trying to play something, or right when the bot starts? (Should we do a dummy request immediately if this feature is enabled?)
• Should we have an enumeration so that owners can opt to receive the request via DM instead of in the logs?

[MichailiK]

• They shouldn't expire by themselves (actual TVs using this stay logged in practically forever from my experience), though one likely could manually revoke them through their Google Account.
• Right when the bot starts, more specifically when calling yt.useOauth2();
• I guess we could see if this can be implemented in a neat way

[jagrosh]

If there is no expiration - so in theory this only happens once - maybe we just do both (log the message, and attempt to DM the owner).

[shweegl]

Can someone please build a .jar file for this?

[MichailiK]

I've made a PR that adds a new page to the wiki: #1714

Ideally we'll wanna merge this PR & the docs PR roughly at the same time, as I'm referring to the new wiki page in here:

https://github.com/jagrosh/MusicBot/blob/96ffcd8291488ac97b0f25edc958a97986aadcfa/src/main/java/com/jagrosh/jmusicbot/audio/AudioHandler.java#L210

[OzanKurt]

Can someone release this build?

[MichailiK]

The issue with (enabled) GUI not logging the instructions & showing up in stdout instead is caused by lavalink's youtube source logging the message before the GUI gets initialised & intercepts the stdout & stderr

https://github.com/jagrosh/MusicBot/blob/859e5c5862decf433f8face5eaca3372d7d27b22/src/main/java/com/jagrosh/jmusicbot/gui/ConsolePanel.java#L39-L40

A fix for this could be to just initialize the GUI earlier... or we could do nothing as we are also DM'ing the bot owner through Discord.

[bozoboo]

Adding youtubeoauth2=true to the config.txt and then starting the bot doesnt do anything.

The prompt to add the code does not appear.

[MichailiK]

It looks like people are still encountering an error stating "Invalid status code for player api response: 400" that I have to yet look into

[MichailiK]

I'm uncomfortable merging this at the moment, as YouTube seems to have begun making sign in via OAuth2 ineffective.

[MichailiK]

Google probably has rolled out a fix for this workaround to everyone by now.