signon-ui no longer works for Google authentication

It appears that signon-ui 0.15 causes the bug reported here:
https://bugs.kde.org/show_bug.cgi?id=420280#c40

Multiple users report no issues with 0.17, which was released 5 years ago on GitLab:
https://gitlab.com/accounts-sso/signon-ui/-/commits/master?ref_type=heads

Reproducible: Always

I was able to fix the mentioned bug by updating the `signon-ui` package as indicated by the reporter.

Just keep it mind it's not just updating the version, it's changing the upstream URL to a fork of the original package.

I was able to build the package that fix the bug applying the following changes to the SPEC file for the `signon-ui` package:

```
--- signon-ui.spec.orig 2023-08-15 20:48:44.395812563 +0200
+++ signon-ui.spec 2023-08-15 21:27:53.028272559 +0200
@@ -1,14 +1,12 @@
 Name: signon-ui
-Version: 0.15
+Version: 0.17+15.10.20150810
 Release: 19%{?dist}
 Summary: Online Accounts Sign-on Ui

 License: GPLv3
-URL: https://launchpad.net/signon-ui
+URL: https://gitlab.com/accounts-sso/signon-ui

-Source0: https://launchpad.net/signon-ui/trunk/%{version}/+download/signon-ui-%{version}.tar.bz2
-
-Patch0: signon-ui-0.15-fix-qt5-build.patch
+Source0: https://gitlab.com/accounts-sso/signon-ui/-/archive/%{version}-0ubuntu1/signon-ui-%{version}-0ubuntu1.tar.gz

 BuildRequires: make
 BuildRequires: qt5-qtbase-devel
@@ -17,6 +15,7 @@
 BuildRequires: signon-devel
 BuildRequires: libproxy-devel
 BuildRequires: libnotify-devel
+BuildRequires: qt5-qtwebengine-devel

 Requires: dbus

@@ -35,9 +34,7 @@

 %prep
-%setup -q -n signon-ui-%{version}
-
-%patch0 -p1 -b .qt5
+%setup -q -n signon-ui-%{version}-0ubuntu1

 %build
@@ -51,10 +48,6 @@
 %install
 make install INSTALL_ROOT=%{buildroot}

-# Remove installed tests
-rm %{buildroot}/%{_bindir}/signon-ui-unittest
-rm %{buildroot}/%{_bindir}/tst_inactivity_timer
-
 # Own directory where others can install provider-specific configuration
 mkdir -p %{buildroot}/%{_sysconfdir}/signon-ui/webkit-options.d
```

Interesting tidbits:
- Requires 1 new dependency
- no patches required
- Had to change the version references around a bit because the upstream url is adding the `-0ubuntu1` release to the version number

This bug appears to have been reported against 'rawhide' during the Fedora Linux 39 development cycle.
Changing version to 39.

(In reply to Fedora Release Engineering from comment #2)
> This bug appears to have been reported against 'rawhide' during the Fedora
> Linux 39 development cycle.
> Changing version to 39.

This issue is reproducible on 38.

This bug in signon-ui v01.15 prevents Fedora KDE spin users from using their online accounts in KDE. To fix this, please upgrade to signon-ui v0.17.

Hi, I'm shipping signon-ui 0.17 in my COPR at hazel-bunnny:ports. It does not fix the problem. I'm still unable to sign in to google. Has anyone been able to sign in successfully with a new account?

Hi, I've fixed this on my copr at hazel-bunny/ports. I have also ported the signon-ui spec from webkit to webengine, because qt5-qtwebkit is a big security hole according to a GNOME guy.

@rdieter could you check if the updates in https://github.com/hazel-bunny/rpm-packaging/tree/master/lib/signon are acceptable?

(In reply to dabiswas112 from comment #6)
> Hi, I've fixed this on my copr at hazel-bunny/ports. I have also ported the
> signon-ui spec from webkit to webengine, because qt5-qtwebkit is a big
> security hole according to a GNOME guy.

FYI I have just tested your signon* updates from your COPR and can confirm it works fine for me on this fc38 box. I was able to create a new Google account.

It fixes https://bugs.kde.org/show_bug.cgi?id=420280 for me.

Also, the dependency on `qt5-qtwebkit` could be dropped, which should be done for security reasons too (see bug #1872819)

(In reply to dabiswas112 from comment #6)
> Hi, I've fixed this on my copr at hazel-bunny/ports. I have also ported the
> signon-ui spec from webkit to webengine, because qt5-qtwebkit is a big
> security hole according to a GNOME guy.
>
> @rdieter could you check if the updates in
> https://github.com/hazel-bunny/rpm-packaging/tree/master/lib/signon are
> acceptable?

Thoughts on becoming maintainer or co-maintainer of this package @dabiswas112?

(In reply to jeff from comment #9)
> (In reply to dabiswas112 from comment #6)
> > Hi, I've fixed this on my copr at hazel-bunny/ports. I have also ported the
> > signon-ui spec from webkit to webengine, because qt5-qtwebkit is a big
> > security hole according to a GNOME guy.
> >
> > @rdieter could you check if the updates in
> > https://github.com/hazel-bunny/rpm-packaging/tree/master/lib/signon are
> > acceptable?
>
> Thoughts on becoming maintainer or co-maintainer of this package
> @dabiswas112?

Not opposed to it, but need time. This package needs changes for Qt6 and Plasma 6, where upstream KDE recommends using Nicolas Fella's fork. My package uses git master of the original repo and is currently broken on rawhide. Will look into the requirements for being a maintainer and negotiations with KDE SIG who currently maintain the stack to take over maintenance in the future.