2014-09-01, 09:06
(2014-08-31, 16:00)bromix Wrote:(2014-08-19, 04:43)JasonPell Wrote: Any chance of purchases support?
Even if you can't play them directly, starting the playback in a chrome browser - like the netflixbmc plugin would be cool.
I look into it. I live in germany and i haven't seen this option yet. Is there an example, screenshot or some sort of?
Its not available via the api. I added it into the older plugin using screen scraping and the api for the play lists and video info. Actually works quite well for linux only. I don't have a mac or windows machine, so I can't test it otherwise.
https://github.com/HenrikDK/youtube-xbmc-plugin/pull/73
(2014-08-31, 16:36)bromix Wrote:(2014-08-26, 17:27)JasonPell Wrote: You realize app passwords aren't all that secure. They basically make 2 factor auth pointless as they are not limited to a single app. If anyone gets hold of your app password they can access any google web services that support app passwords. Not just YouTube.As soon as someone has the refresh token of the old youtube addon your are f**** With the refresh token you don't need any password or something else (tried it with a fake account). Nothing is really safe. Please setup a transparent proxy in your home network and log some of your apps of your phone. It's so easy to decipher the data - tested it with a faked certificate, which allows you to view calls via https.
If you do some googling you may find app passwords are not as safe as you might think. I will stick with real 2 factor authentication.
This plugin does not provide access to any features of the web site that require a logon so things like purchases will never work.
App passwords don't provide access to logon via web either
This is an early alpha...the solution for the web support is not that complicated. For everything there is a solution you only have to try!
What is the refresh token you are referring to? I am assuming this is a cookie? What would be required to get authenticated web based screen scraping working, with 2 factor authentication and not app passwords?