{"id":7273,"library":"gpsoauth","title":"Google Play Services OAuth Client","description":"gpsoauth is a Python client library for Google Play Services OAuth, enabling Python applications to use the \"master token\" flow employed by Android devices for authenticating with Google services. This is particularly useful for projects that need to interact with Google APIs in a manner similar to Android apps. The current version is 2.0.0, and releases occur as needed to address changes in Google's authentication mechanisms or Python compatibility.","status":"active","version":"2.0.0","language":"en","source_language":"en","source_url":"https://github.com/simon-weber/gpsoauth","tags":["google","oauth","authentication","android","play services"],"install":[{"cmd":"pip install gpsoauth","lang":"bash","label":"Install latest version"}],"dependencies":[{"reason":"Required for cryptographic operations to sign requests.","package":"pycryptodome","optional":false},{"reason":"Used for making HTTP requests to Google's authentication endpoints.","package":"requests","optional":false},{"reason":"Used by 'requests' and requires specific versions for compatibility with gpsoauth.","package":"urllib3","optional":false}],"imports":[{"symbol":"gpsoauth","correct":"import gpsoauth"},{"symbol":"perform_master_login","correct":"from gpsoauth import perform_master_login"},{"symbol":"perform_oauth","correct":"from gpsoauth import perform_oauth"},{"symbol":"exchange_token","correct":"from gpsoauth import exchange_token"}],"quickstart":{"code":"import os\nimport gpsoauth\n\n# It's recommended to retrieve these from environment variables or a secure configuration.\n# For a real application, avoid hardcoding sensitive data.\nemail = os.environ.get('GPSOAUTH_EMAIL', 'your_email@gmail.com')\npassword = os.environ.get('GPSOAUTH_PASSWORD', 'your_app_password') # Use an app password if 2FA is enabled\nandroid_id = os.environ.get('GPSOAUTH_ANDROID_ID', '0123456789abcdef') # A 16-character hex device ID\n\ntry:\n    # Perform master login to get the master token\n    master_response = gpsoauth.perform_master_login(\n        email=email,\n        password=password,\n        android_id=android_id\n    )\n    master_token = master_response.get('Token')\n\n    if master_token:\n        print(f\"Master Token: {master_token[:10]}...\")\n\n        # Example: Perform OAuth for Google Play Music service ('sj')\n        auth_response = gpsoauth.perform_oauth(\n            email=email,\n            master_token=master_token,\n            android_id=android_id,\n            service='sj', # Example service: Google Play Music\n            app='com.google.android.music',\n            client_sig='38918a453d07199354f8b98840b6156e19f7dc9f' # Example signature for Google Play Music\n        )\n        auth_token = auth_response.get('Auth')\n\n        if auth_token:\n            print(f\"Service Auth Token: {auth_token[:10]}...\")\n        else:\n            print(f\"Could not get service auth token. Response: {auth_response}\")\n\n    else:\n        print(f\"Could not get master token. Response: {master_response}\")\n\nexcept Exception as e:\n    print(f\"An error occurred: {e}\")\n    print(\"Ensure your email, password (or app password), and Android ID are correct.\")\n    print(\"If 2-Factor Authentication is enabled, use an App Password instead of your Google account password.\")\n    print(\"Also, check if your Google account requires a browser sign-in ('NeedsBrowser' error) or if the service is disabled ('ServiceDisabled').\")","lang":"python","description":"This quickstart demonstrates how to perform a master login to obtain a master token, and then use that token to acquire a service-specific authentication token. It's crucial to use an App Password if Two-Factor Authentication (2FA) is enabled on the Google account. Sensitive credentials are retrieved from environment variables for better security."},"warnings":[{"fix":"Upgrade your Python environment to 3.9 or higher. If unable to upgrade Python, pin gpsoauth to a version less than 2.0.0 (e.g., `pip install 'gpsoauth<2.0.0'`).","message":"Version 2.0.0 of gpsoauth raises the minimum supported Python version to 3.9. Projects using older Python versions must upgrade or stick to gpsoauth < 2.0.0.","severity":"breaking","affected_versions":">=2.0.0"},{"fix":"Ensure your `urllib3` dependency is version 2.0 or higher. If you encounter issues, verify the `requests` library (which depends on `urllib3`) is also updated to a compatible version.","message":"gpsoauth 2.0.0 introduced breaking changes related to urllib3 compatibility. It now explicitly supports `urllib3 > 2.0`, while older versions had compatibility fixes for `urllib3 < 2`.","severity":"breaking","affected_versions":">=2.0.0"},{"message":"When 2-Factor Authentication (2FA) is enabled on your Google account, `perform_master_login` will often fail with a 'BadAuthentication' error if you use your regular Google account password. You need to generate and use an App Password instead.","severity":"gotcha"},{"fix":"If `perform_master_login` fails, try the alternative flow documented in the `gpsoauth` README, which involves obtaining an `oauth_token` cookie from a browser session and using `gpsoauth.exchange_token`. Also, ensure the `client_sig` and `service` parameters for `perform_oauth` are correct for the target Google service.","message":"Many authentication failures (`BadAuthentication`, `NeedsBrowser`, `ServiceDisabled`) are due to Google's continuous changes to its authentication systems or stricter security checks. Sometimes, using the `exchange_token` flow with a manually obtained `oauth_token` cookie might be necessary.","severity":"gotcha","affected_versions":"All versions"}],"env_vars":null,"last_verified":"2026-04-16T00:00:00.000Z","next_check":"2026-07-15T00:00:00.000Z","problems":[{"fix":"1. Verify your `email` and `password` (or `app_password`). 2. If 2FA is on, generate and use an App Password. 3. Consider trying the `exchange_token` flow as an alternative. 4. Ensure your Android ID is valid and consistent.","cause":"This is a common error indicating authentication failure. It often happens if the provided email/password (or app password) is incorrect, or if 2FA is enabled and a regular password is used instead of an app-specific password. Google's stricter security measures can also trigger this.","error":"{'Error': 'BadAuthentication'}"},{"fix":"Try logging into the Google account in a web browser from the same network/IP address to clear any security prompts. If the issue persists, the `exchange_token` flow, where you manually obtain an `oauth_token` cookie after a browser login, might be the only workaround.","cause":"Google sometimes requires a browser-based sign-in for new devices or unusual activity, even with correct credentials, to verify identity. This prevents programmatic login.","error":"Error: NeedsBrowser"},{"fix":"Check if the Google service is enabled for the account. Review the `gpsoauth` GitHub repository's issues or changelog for recent updates regarding `request format` changes that might address this error, as version 2.0.0 had an update to fix this issue for some services.","cause":"This error indicates that the Google service you are trying to access (specified by the `service` parameter in `perform_oauth`) is either disabled for the account or the request format is no longer accepted by Google.","error":"{'Error': 'ServiceDisabled'}"}]}