Document the use with Mutt and other SASL-using IMAP/SMTP clients #9
Comments
|
@ivucica I'm trying to do the same thing. Have your posted your documentation somewhere, or could you send me your notes (e.g. by email)? |
|
Here's my "solution", found by trial and error since I know very little about SASL and OAuth2, for MBsync. I'm sure there are far better ones, but this works for me for now and might help others: https://github.com/MarcvdSluys/SundryNotes/blob/master/mbsync-with-gmail-oauth2.org |
|
@MarcvdSluys I was looking through your notes, and I just wanted to confirm that your steps are after installing sasl-xoauth2, right? So basically, you install this SASL XOAUTH2 plugin, use XOAUTH2 as the SASL mechanism for auth, and supply it with the SMTP Username/email address as username and then a XOAUTH2 access token as the password? And for on-going usage MBsync has that PassCmd which fires off your custom script to use the refresh token to get a new access token each time it needs to make a XOAUTH2 connection? If I understand correctly, that sounds great! |
|
I'm hoping to figure out how to use sasl-xoauth2 with https://metacpan.org/pod/Authen::SASL and https://metacpan.org/pod/Email::Sender::Transport::SMTP While I've used Oauth2 heaps, I'm not understanding what sasl-xoauth2 needs outside a Postfix context... Looking through the code, it looks like it expects the SASL password to be a filepath to a token, so I'm confused how your MBSync implementation is working... unless it's using a different SASL plugin? |
|
I must admit I don't recall all details and don't have the time to redo the whole thing. It's still working though. But yes I installed The user name is the GMail address as |
|
No worries. Thanks for sharing those details. I must be missing something in sasl-xoauth2 as in the C++ code it seems like the password is supposed to be a path to the OAuth2 token response JSON object rather than the access token value itself. I thought sasl-xoauth2-tool was just for getting the initial token response, saving that to file, and then you give a the filepath to SASL as the password, so that the plugin can then do all the heavy lifting. When I looked at https://wiki.archlinux.org/title/Isync it it makes it seem like PassCmd should be a command that provides the access token, but I would think that would just be for the |
|
Unfortunately, I've hit a bit of a stumbling point in my investigations. I'm using stable Debian, but Authen::SASL::XS isn't available in stable Debian, and Email::Sender::Transport::SMTP in stable Debian doesn't allow you to provide your own SASL authenticator (it just seemingly uses SMTP AUTH LOGIN). It looks like the next version of Debian will have the XS library and the newer email library. I did get the Ubuntu Jammy package from @tarickb 's PPA to install on stable Debian, so that was good. Had to hack It looks like Ubuntu 24.04 has the packages I'd need, so might try an experiment using it. |
|
Just in case it helps, I have written up a document how to use sasl-xoauth2 for mbsync and postfix for both Outlook and Google, see here: https://github.com/norbusan/outlook-gmail-mbsync-postfix-sasl-xoauth There is also a script for the outlook tokens generation that needs only the client/tenant ids and email. |
I stumbled over that, too, this is wrong. The PassCmd must provide the filename of the token file: |
I have managed to get this implementation of the SASL XOAUTH2 method to work with Mutt -- thank you for your work!
It would be nice if it was documented how it can be achieved.
Feel free to assign this to me, and I'll try to come up with some tutorial.
The text was updated successfully, but these errors were encountered: