1 There is a problem that has been reported by users of Arch and derived distributions. Before entering the password, the user goes to a screen that says: This browser or app is not secure.
This problem is in a patch called fake-user-agent.patch in the signon-ui package. It is not a Plasma problem, but I had not found information about the cause of the error anywhere. Repackaging without the patch makes this error disappear.
2 - The second error probably occurs in all distributions. In the last 2 days I tested the following distributions: BigLinux, Manjaro, Fedora, KDE Neon, OpenSuse and Solus. The error occurred in all of them.
The error occurs after entering the password: This app is blocked
The problem is in parts of the file: /usr/share/accounts/providers/kde/google.provider
If you remove the line with the content: https://www.googleapis.com/auth/drive
The problem does not occur, the account is added, but there is no way to access or send files to Google Drive, if you replace it with this other line, then it is possible to send files, but not access the files that were already in Google Drive: 'https://www.googleapis.com/auth/drive.file',
I did hundreds of tests and modifications until I got to the point where I went to see how it was being done in Gnome, so I adapted the google.provider file to use the data used in Gnome and it worked, Google Drive became fully functional.
The real problem seems to be in the ClientID used in kaccounts-providers: 317066460457-pkpkedrvt2ldq6g2hj1egfka2n7vpuoo.apps.googleusercontent.com
The Google Provider file using the Gnome ClientID ( /usr/share/accounts/providers/kde/google.provider ):
<?xml version="1.0" encoding="UTF-8"?>
<provider id="google">
<name>Google</name>
<description>GNOME-ID, Google Drive and YouTube</description>
<icon>im-google</icon>
<translations>kaccounts-providers</translations>
<domains>.*google\.com</domains>
<template>
<group name="auth">
<setting name="method">oauth2</setting>
<setting name="mechanism">web_server</setting>
<group name="oauth2">
<group name="web_server">
<setting name="Host">accounts.google.com</setting>
<setting name="AuthPath">o/oauth2/auth?access_type=offline</setting>
<setting name="TokenPath">o/oauth2/token</setting>
<setting name="RedirectUri">http://localhost/oauth2callback</setting>
<setting name="ResponseType">code</setting>
<setting type="as" name="Scope">[
'https://www.googleapis.com/auth/userinfo.email',
'https://www.googleapis.com/auth/userinfo.profile',
'https://www.googleapis.com/auth/calendar',
'https://www.googleapis.com/auth/tasks',
'https://www.googleapis.com/auth/drive'
]</setting>
<setting type="as" name="AllowedSchemes">['https']</setting>
<setting name="ClientId">44438659992-7kgjeitenc16ssihbtdjbgguch7ju55s.apps.googleusercontent.com</setting>
<setting name="ClientSecret">-gMLuQyDiI0XrQS_vx_mhuYF</setting>
<setting type="b" name="ForceClientAuthViaRequestBody">true</setting>
</group>
</group>
</group>
</template>
</provider>