Google is doing the same business with VirusTotal.com.
We're hosting malware as zipped files, and providing passwords to users. It's not possible to accidentally run the malware as user.
And the problem is not about this, we removed all the files and Google said you didnt. They're not saying you're not trustable website, they said you still have the files but we haven't.
As i mentioned before, i know hosting these files on our local server is not the best practice. There are other businesses doing this thing and Google is not marking them harmful. All files are zipped with a password, we provide the password to users.
Also, the filename is not a unique indicator the identify a file as malware. I can put the filename as "Google Chrome.exe" and that doesn't mean this is a malware.
The second issue is, we just changed the our domain name and when i try to add it to "Authorized redirect URIs" for Oauth getting this error: "The request has been classified as abusive and was not allowed to proceed". So, i have no idea about what is going on about my domain.
That's right. It's not the best practice, i totally agree with that. The problem is, i already removed the files but Google is not accepting that. And also they are doing the same business with VirusTotal, but its working really well.
They're just clicking the decline button, and its affecting our business.
We just moved our API domain to another domain. That's why it's working well now. I have the same opinion, maybe their system is cached but it's affecting our business. And if you get declined one time, they're not responding to you quickly again.
Can you please share with me which mail service are you using?
And i tested login page, it looks ok. Can you create new user? Probably you are trying wrong password.