Hi,

On 2023-02-20 18:59 +0100, Robin Jarry wrote:
> 
> Could you please respond to this message stating whether you accept or
> refuse the change of license from MIT to GPL[2] for the aerc project.
> This will only affect future versions of aerc. Existing releases will
> remain with their original license (MIT).

I accept the change to GPL.

--
Frode

Configure an oauthbearer source without a token_endpoint
parameter would panic due to nil pointer dereference

  Example
    source=imaps+oauthbearer://frode.aa%40gmail.com@imap.gmail.com:993
    source-cred-cmd=pass oatuh2 frode.aa@gmail.com

token_endpoint is not required as it will use the provided
password as access_token when it is not set
---
 worker/imap/worker.go | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/worker/imap/worker.go b/worker/imap/worker.go
[message trimmed]

---
 frode | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 frode

diff --git a/frode b/frode
new file mode 100644
index 0000000..b4380e4
--- /dev/null
+++ b/frode
@@ -0,0 +1 @@
+I'm about to try git send-email!
-- 
2.20.1
[message trimmed]

v2 fixes the runtime error

    imaps+oauthbearer://user:token@host?token_endpoint=...

 - the config Source password is used as access token if
   no token_endpoint parameter is set
 - the config Source password is used as refresh token if
   token_endpoint parameter is set, and used to exchange
   with an access token

The implementation has only been tested with Gmail.

    source = imaps+oauthbearer://{username}:{refersh_token}@imap.gmail.com:993? \
    client_id=XX&\
    client_secret=XX&\
    token_endpoint=https%3A%2F%2Faccounts.google.com%2Fo%2Foauth2%2Ftoken
[message trimmed]

    imaps+oauthbearer://user:token@host?token_endpoint=...

 - the config Source password is used as access token if
   no token_endpoint parameter is set
 - the config Source password is used as refresh token if
   token_endpoint parameter is set, and used to exchange
   with an access token

The implementation has only been tested with Gmail.

    source = imaps+oauthbearer://{username}:{refersh_token}@imap.gmail.com:993? \
    client_id=XX&\
    client_secret=XX&\
    token_endpoint=https%3A%2F%2Faccounts.google.com%2Fo%2Foauth2%2Ftoken
[message trimmed]

On 2019-06-24 13:34 -0400, Drew DeVault wrote:
> Gotcha. I would rather pursue it than merge XOAUTH support, even if it
> means we have to start by implementing it in go-sasl first.

Agree, I have created a pull request for go-sasl [1]

I have also looked at how OAuthBearer is supported in
Mutt [2], with 'imap_oauth_refresh_command' for generating
accesses token

we could use the `source-cred-cmd` for the same purpose
and simplify the implementation

1: https://github.com/emersion/go-sasl/pull/10

On 2019-06-23 23:11 -0400, Drew DeVault wrote:
> Have you had a chance to evaluate OAUTHBEARER?

did some, and I think it is a better approach to
use it instead of XOAUTH as it may be better supported
by other email providers

the downside with it seems only to be its lib support [1]

1: https://github.com/emersion/go-sasl/issues/6

requires source query parameters to configure oauth2

source example:

  imaps+xoauth2://{email}:{refresh_token}@imap.gmail.com:993?\
  oauth2_client_id={google-client-id}\
  oauth2_client_secret={google-client-secret}&\
  oauth2_scope=https%3A%2F%2Fmail.google.com%2F&\
  oauth2_endpoint=google

see [1] for instruction on how to create an
oauth2 client and generating an refresh token

use smtps+plain with an app password [2] to send email
[message trimmed]

On 2019-06-23 20:01 +0000, Simon Ser wrote:
> On Sunday, June 23, 2019 10:33 PM, Frode Aannevik <frode.aa@gmail.com> wrote:
> > On Sun Jun 23, 2019 at 6:44 PM Simon Ser wrote:
> >
> > > Note that the preferred, standard way to do this is now OAUTHBEARER
> >
> > did not know that, is it supported by many email providers?
> >
> > I think OAUTHBEARER can be an addition to PLAIN and XOAUTH
> > that we can add when `go-sasl` supports it
> >
> > note that this patch currently only supports xoauth for gmail,
> 
> Note, you dropped the list from recipients when writing this reply. Is