Re: oauth2 support for Emacs email clients

[Tim Cross]

I guess it would be possible - at least for the GNU Mailutils version (not the Emacs version as it does not support imap or encrypted POP3). However, I guess it would also involve adding a whole HTTP request library and an Oauth2 library to obtain authentication/refresh tokens. This is of course assuming that MS does allow an application ID to be used with IMAP (to be confirmed). 

This also only helps with MS Office365/Outlook access - it doesn't help with Gmail or any other provider who transitions to nly support Oauth2. As mentioned by others, the big stumbling block here is that each provider is able to implement Oauth2 with their own custom workflow, which makes a general generic solution difficult to define. The solution will probably require some sort of 'pluggable' Oauth2 layer, which might include Oauth2 authenticators for popular mail providers and a facility to add a custom one for others. 

On Tue, 10 Aug 2021 at 13:30, Richard Stallman <rms@gnu.org> wrote:

[[[ To any NSA and FBI agents reading my email: please consider    ]]]
[[[ whether defending the US Constitution against all enemies,     ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

  > Public client applications do not have a client secret but only an ID
  > which can simply be embedded into the application, which is how DavMail
  > does it. Public client applications are only allowed to access web APIs
  > on behalf of the user, but this is usually enough.

Is this something that movemail could in principle do?
If so, what are the obstacles?  Is it just a matter of writing some code?

--
Dr Richard Stallman (https://stallman.org)
Chief GNUisance of the GNU Project (https://gnu.org)
Founder, Free Software Foundation (https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)

--

regards,

Tim

--

Tim Cross