This ia definitely an issue that Gnome must work with.
However I think I understood the issue. Google is pushing passwordless verification to us, but at the time it’s not supported on Linux.
There are a couple of 2FA to connect into Google’s account, one of them is this passwordless alternative, using a FIDO hardware or a bluetooth device to authenticate me.
When I tried to login with my Google account at a normal browser, such as Firefox, it asks me to connect my device to authenticate me, which I can cancel this operation and select any other 2FA method.
At the Gnome Online Accounts it does not show the popup asking for the device at all, but my hypothesis is that it still waiting for it undefinitely, preventing us to login or select any other 2FA method.
A workaround is disabling Security Device 2FA in your account and using other 2FA methods, like TOPT, SMS and Phone Authorization.
A solution would be implement a timeout on GnomeWebKit aborting the “waiting for authentication” operation and proceeding to select another 2FA method.
This is a issue by Google’s decision to not allowing us select our prefered 2FA anymore.