Menu
▾
▴
Re: [Fetchmail-users] Setting Up OAUTH2 Support for Fetchmail and Postfix
|
From: Matthias A. <mat...@gm...> - 2020-10-10 08:22:24
|
Am 10.10.20 um 08:04 schrieb Ranjan Maitra: > > Thanks! I was looking around git and I guess the python code to get the token file is perhaps here: https://sourceforge.net/p/fetchmail/git/ci/next/tree/contrib/fetchmail-oauth2.py#l140 > But then, I was wondering where is the code in fetchmail that makes it work (i.e. makes use of the oauth2 written in the rc file): The code is somewhat spread out, as Peter explains in his e-mail in more detail (thanks, Peter!) > poll imap.gmail.com protocol imap > auth oauthbearer username "US...@gm..." > passwordfile "/home/path/to/access_token_file" > is LOCALUSER here sslmode wrapped sslcertck > > This is for gmail, mine is for office 365 so I am wondering if there are areas in the main source code that I have to modify. (I have the python code needed to get the token.) It seems to me that fetchmail has to recognize and make use of the oauthbearer hence my question. Indeed I have accepted OAuth as contributed code but never used it myself, it is not a first-class citizen. It is somewhat coarse, derived from Google code, and may require heavy tinkering to make it work for other providers/sites, because the sites all use their own URI (URLs) to provide tokens. On some past days, I looked at the specs, since there are various ways to obtain tokens, and I've read (but not confirmed or disproven) that some sites do not implement all, and some scheme hinges on a user registering a copy of the open source fetchmail code on some developer page of the ISP's website because the authentication scheme requires me to bake app[lication]-specific credentials into the code, the concept is already dead before the first line of code has been written, because open source won't keep those secret and the whole concept hinges on "closed source" and possibly "use my app store". The easiest would be to try if the respective site permits you to generate app-specific passwords and use those with a traditional login scheme. |
