sylpheed-mail / sylpheed

Sylpheed Email client
https://sylpheed.sraoss.jp/

oauth2 for office365 #3

Open jan-spurny opened 1 year ago

jan-spurny commented 1 year ago

I'm trying to get sylpheed working with office365 IMAP4, but so far I'm stuck - as I understand it, I have to create oauth2.ini file with specific data for microsoft's outlook/office365, but I don't know how - I see how it probably should look in oauth2.ini.sample file, but I really don't know how to fill it to get it working with office365 IMAP. Can someone help me?

I'm using devel version 3.8.0beta compiled from source on Debian GNU/Linux 10. And up until yesterday, sylpheed was working with office365 and PLAIN AUTH just fine, but now it seems they require oauth2 so I have no choice.

rmrmg commented 1 year ago

I have the same problem with gmail. Is there any manual how to configure oauth2?

Settyness commented 1 year ago

A google query of "sylpheed" "oauth2" nets the Sylpheed home page and this GitHub repository. Any guidance for how to get OAuth2 up and running would be greatly appreciated as I am dying to quit using Thunderbird.

bdst64 commented 1 year ago

I got it to work last fall after first making it work with sylpheed-claws and then copying the authentication data into oauth2.ini. One problem is that sylpheed has to be registered with the MS Azure server, so you'll have to ask whoever is running this server for your access to do that. They'll give you the "client-id" in the oauth2-file below.

Another caveat is that unlike sylpheed-claws, automatic token renewal hasn't been implemented in sylpheed. This means that every now and then you'll have to manually authenticate again to receive a new token. I hope this will be fixed with the next release of sylpheed because it is rather annoying.

Here is my oauth2.ini-file:

[@.DOMAIN.edu]
auth_uri=https://login.microsoftonline.com/common/oauth2/v2.0/authorize
token_uri=https://login.microsoftonline.com/common/oauth2/v2.0/token
redirect_uri=http://127.0.0.1:8888
client_id=36dcdd5c-XXXX-XXXX-XXXX-XXXXXXXXXXXX
client_secret=
scope=offline_access https://outlook.office.com/POP.AccessAsUser.All https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/SMTP.Send
local_port=8888

semioticrobotic commented 1 year ago

Has anyone documented this further? Or made more progress with this? I'm specifically looking for instructions for configuring GMail OAuth2.

bdst64 commented 1 year ago

I am afraid there is not much more to say. It's a rather manual process that depends on the precise setup since sylpheed does not seem to be officially registered as an app with MS Azure. The key is to get the client_id for the MS Azure server. Is that where you are stuck?

semioticrobotic commented 1 year ago

> I am afraid there is not much more to say. It's a rather manual process that depends on the precise setup since sylpheed does not seem to be officially registered as an app with MS Azure. The key is to get the client_id for the MS Azure server. Is that where you are stuck?

Thanks for your response, @bdst64! As I mentioned, I'm looking for assistance with Google OAuth2 setup, though I assume your advice holds true in this case, as well.

At this point my questions are:

bdst64 commented 1 year ago
semioticrobotic commented 1 year ago

Thanks, @bdst64. This helps a great deal. Provided I can obtain proper client ids, etc. (I'm at the mercy of the organization's managers here), I plan on giving this a try.

Settyness commented 1 year ago

> Here is my oauth2.ini-file:

Where on Earth did you find the parameters and format for this INI file? I've been searching everywhere looking for information, and while some of the parameters are searchable, this particular template eludes me. It doesn't come with my installation of Sylpheed.

I followed the instructions at Google Answers and got about this far:

[@.gmail.com]
auth_uri=https://accounts.google.com/o/oauth2/auth
token_uri=https://accounts.google.com/o/oauth2/token
client_id=xxxxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com
client_secret=xxxxxx-xxxxxxxxxxxxxxxxxxxxxxxxxxxx
scope=https://mail.google.com

But there is zero feedback when attempting to connect to the mail domain, so I have no idea what I'm doing wrong or doing right. I select Gmail account during account creation within Sylpheed, but in account preferences, OAuth2 is not selected for receive/send authentication method and selecting them seems to do nothing. I'm pretty lost here.

bdst64 commented 1 year ago

It's been a while, but as far as I remember I got the oauth2.ini template and most other information straight from Sylpheed 3.8beta1 (https://sylpheed.sraoss.jp/en/download.html) . I have no experience using Gmail through this setup though.

Settyness commented 1 year ago

> It's been a while, but as far as I remember I got the oauth2.ini template and most other information straight from Sylpheed 3.8beta1 (https://sylpheed.sraoss.jp/en/download.html) .

How foolish of me to give up when I couldn't find the .ini template in my provided package. I should've just checked the direct download in the first place! My bad.

Finally got this working after a little tinkering. Steps to consider for people who might search and find this:

I'm very happy to be using Sylpheed again. Thanks for your help, @bdst64.

presentfactory commented 1 year ago

I got this to work for Outlook if anyone is trying to do that. It's a bit of a confusing process though, most of which is outlined in a more verbose way here.

Tldr though of the process I did:

First create an oauth2.ini in ~/.sylpheed-2.0/ with something like this in it (taken from the sample, note you may need to replace *@outlook.com with something like *@live.com or *@hotmail.com if you're not using outlook.com as your email's domain):

[*@outlook.com]
auth_uri=https://login.microsoftonline.com/common/oauth2/v2.0/authorize
token_uri=https://login.microsoftonline.com/common/oauth2/v2.0/token
redirect_uri=http://localhost:8089/
client_id=<enter client id here>
client_secret=<enter client secret here>
scope=offline_access https://outlook.office.com/POP.AccessAsUser.All https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/SMTP.Send
local_port=8089

After that to get the client ID/secret, do these steps via Microsoft Azure:

  1. Follow this process to start the Application Registration process.
  2. When registering a new application select "Accounts in any organizational directory and personal Microsoft accounts" as the supported account types (for some reason Personal accounts only doesn't seem to have the right permissions or something).
  3. Set the Redirect URI to "Web" and fill in whatever is in your ini file (http://localhost:8089/ in this case).
  4. Press the Register button, it should take you to the Application's overview page. Copy the Application (client) ID and paste this into the ini file for the client_id field.
  5. On the left panel click Certificates & Secrets, then click New Client Secret.
  6. Set the secret lifetime to whatever (you'll likely need to renew it at some point) and some description and click Add.
  7. On the page you're given after this, copy the secret from the "Value" field and paste it into the client_secret field in the ini file. Be careful not to leave this page until you do this, the secret is only visible right after you create it and will be inaccessible afterwards if you navigate away.

Once all this is set up Sylpheed should open up your browser when it tries to authenticate when say sending an email.

For more troubleshooting syl-auth-helper --debug youremail@whatever.com is also useful to run (this is essentially what the client will run, with the addition of debug output from it).

Hopefully this gets easier some day, OAuth is just complete insanity, or at least Microsoft's implementation of it is.
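Added example (not part of any comment above and not Sylpheed code): a small checker for the oauth2.ini layout posted in this thread. It assumes, as in both posted configs, that local_port is the port of the local listener and must match the loopback redirect_uri; the function names and the second sample section are constructed for illustration.

```python
import configparser
import os
from urllib.parse import urlsplit

REQUIRED = ("auth_uri", "token_uri", "redirect_uri", "client_id", "scope")
LOOPBACK = {"127.0.0.1", "localhost", "::1"}

# Constructed sample: second section has a plain-http token_uri and a port mismatch.
SAMPLE = """\
[*@outlook.com]
auth_uri=https://login.microsoftonline.com/common/oauth2/v2.0/authorize
token_uri=https://login.microsoftonline.com/common/oauth2/v2.0/token
redirect_uri=http://localhost:8089/
client_id=PLACEHOLDER-CLIENT-ID
client_secret=PLACEHOLDER-SECRET
scope=offline_access https://outlook.office.com/IMAP.AccessAsUser.All
local_port=8089

[*@example.invalid]
auth_uri=https://login.microsoftonline.com/common/oauth2/v2.0/authorize
token_uri=http://login.microsoftonline.com/common/oauth2/v2.0/token
redirect_uri=http://127.0.0.1:8888
client_id=PLACEHOLDER-CLIENT-ID
scope=offline_access https://outlook.office.com/IMAP.AccessAsUser.All
local_port=8089
"""

def check_oauth2_ini(text):
    """Return (section, problem) pairs found in an oauth2.ini body."""
    # Split on "=" only so the ":" in URLs is never taken as a delimiter.
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None)
    cp.read_string(text)
    problems = []
    for name in cp.sections():
        sec = cp[name]
        for key in REQUIRED:  # client_secret may be empty (see first posted config)
            if not sec.get(key, "").strip():
                problems.append((name, key + " missing or empty"))
        for key in ("auth_uri", "token_uri"):
            if sec.get(key) and urlsplit(sec[key]).scheme != "https":
                problems.append((name, key + " is not https"))
        redirect = urlsplit(sec.get("redirect_uri", ""))
        if redirect.hostname and redirect.hostname not in LOOPBACK:
            problems.append((name, "redirect_uri is not loopback"))
        if redirect.hostname and str(redirect.port) != sec.get("local_port", "").strip():
            problems.append((name, "redirect_uri port != local_port"))
    return problems

def readable_by_others(path):
    """True if group/other permission bits are set on the file holding client_secret."""
    return bool(os.stat(path).st_mode & 0o077)
```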

jodo13 commented 2 months ago

Windows 7 SP 1 Sylpheed 3.8b1

I did the above, but for [*@hotmail.com] and... no luck.

All the process goes fine. Sylpheed opens the browser, I login, I accept, it gets redirected to localhost, the browser displays I can close it as all was fine and... Sylpheed reconnects to the Microsoft servers and this is the error:

IMAP4> 2 AUTHENTICATE XOAUTH2
IMAP4< +
** LibSylph-WARNING: [23:22:57] Could not get OAuth2 token.

** Could not get OAuth2 token.
IMAP4> 3 LOGOUT
IMAP4< 2 NO AUTHENTICATE failed.

If all went fine... why can't it find the token?

Where is the token stored?

Is it stored or is just per Sylpheed session in memory?

By the way

syl-auth-helper --debug youremail@whatever.com

The above just opens the browser to login at Microsoft.

Is there supposed to be a log? Where?

Any hint of how to fix this?

Thank you, regards.

presentfactory commented 2 months ago

@jodo13 You have to log in within the browser. OAuth2 stuff like this usually requires Javascript and etc which is why it opens the authentication thing in the browser itself (rather than being able to do it in Sylpheed itself which doesn't support any web stack stuff like that). After you do that it'll communicate back to the application and indicate that you authenticated properly.

It sounds like you did that though but it should just work in that case unless you perhaps missed a step or something else weird is wrong. The debug command should show the response from the authentication stuff so not sure what you mean by what you said.

jodo13 commented 2 months ago

Yes, all works @presentfactory . After I login via browser, the localhost redirect displays the text that was successful and I can close the browser at that point. So, I guess, all is fine.

The command syl-auth-helper --debug myhotmailaddress does nothing else.

It launches the browser to log in, as if I were doing it with Sylpheed, but no more output. At least on Windows. Maybe on Linux it is different :-?

But, anyway, one more question: must the web browser login always be done? (I ask because I haven't had success yet.) I mean, every Sylpheed session I have to obtain a new token and go through all the process? Because, then, OAuth is more than a nightmare as I open and close Sylpheed several times throughout the day. I don't keep it open.

jodo13 commented 2 months ago

As English is not my language maybe I've been misunderstood above.

When I say it works, I mean that apparently nothing gives any error, any apparent misbehavior.

I tried various browsers with the same results.

1.- I edited the oauth2.ini to support hotmail.

2.- I open Sylpheed.

3.- I check the Hotmail account with OAuth as authentication method.

4.- It launches the browser.

5.- I login at Microsoft.

6.- The browser connects to localhost and the text "Authorization finished. You may close this page." appears.

7.- Sylpheed, in its log, says (this is the full text log, not as above; it is in Spanish, but it doesn't matter):

 * creando conexión IMAP4 con outlook.office365.com:993 ...
[01:24:09] IMAP4< * OK The Microsoft Exchange IMAP4 service is ready. [TQBBADIAUAAyADkAMgBDAEEAMAAwADAANAAuAEUAUwBQAFAAMgA5ADIALgBQAFIATwBEAC4ATwBVAFQATABPAE8ASwAuAEMATwBNAA==]
[01:24:09] IMAP4> 1 CAPABILITY
[01:24:09] IMAP4< * CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
[01:24:09] IMAP4< 1 OK CAPABILITY completed.
[01:24:09] IMAP4> 2 AUTHENTICATE XOAUTH2
[01:24:10] IMAP4< + 
** LibSylph-WARNING: [01:24:13] Could not get OAuth2 token.

** Could not get OAuth2 token.
[01:24:13] IMAP4> 3 LOGOUT
[01:24:13] IMAP4< 2 NO AUTHENTICATE failed.
** LibSylph-WARNING: [01:24:13] No puedo establecer la conexión IMAP4.

** No puedo establecer la conexión IMAP4.

My further questions, so I can verify all, are:

Where is the token supposed to be stored? How can I verify that there are problems writing the token, if it is dumped to disk? How can I verify anything else? How can I verify if something is blocking the transfer of the token from the browser to Sylpheed or from the server to Sylpheed or whatever? Do I have to open ports in the router? Any firewall rule?

Anything? :-?
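Added example (not part of any comment above and not Sylpheed code): a triage helper for protocol logs in the layout posted in this thread, telling a client that never obtained a token apart from a server that rejected one. It assumes a SASL response would be logged as an untagged "IMAP4> " line; the function names are hypothetical, and the XOAUTH2 response builder uses the standard `user=...^Aauth=Bearer ...^A^A` encoding.

```python
import base64
import re

# Log lines as posted in the thread (greeting and CAPABILITY exchange omitted).
POSTED_LOG = """\
[01:24:09] IMAP4> 2 AUTHENTICATE XOAUTH2
[01:24:10] IMAP4< +
** LibSylph-WARNING: [01:24:13] Could not get OAuth2 token.
[01:24:13] IMAP4> 3 LOGOUT
[01:24:13] IMAP4< 2 NO AUTHENTICATE failed.
""".splitlines()

LINE = re.compile(r"^(?:\[[\d:]+\] )?IMAP4([<>]) (.*)$")

def xoauth2_initial_response(user, access_token):
    """Base64 client response a working client sends after the server's '+'."""
    raw = "user=%s\x01auth=Bearer %s\x01\x01" % (user, access_token)
    return base64.b64encode(raw.encode()).decode()

def classify_xoauth2_failure(log_lines):
    """Return authenticated, client-no-token, server-rejected or no-result."""
    tag, challenged, responded, token_error = None, False, False, False
    for line in log_lines:
        if "Could not get OAuth2 token" in line:
            token_error = True  # client-side warning, not a server reply
            continue
        m = LINE.match(line.strip())
        if not m:
            continue
        direction, body = m.groups()
        if direction == ">" and body.endswith("AUTHENTICATE XOAUTH2"):
            tag = body.split()[0]
        elif tag and direction == "<" and body.startswith("+"):
            challenged = True  # server is waiting for the base64 response
        elif challenged and direction == ">" and not re.match(r"\d+ ", body):
            responded = True  # untagged client line: the SASL response
        elif tag and direction == "<" and body.startswith(tag + " "):
            parts = body.split()
            status = parts[1] if len(parts) > 1 else ""
            if status == "OK":
                return "authenticated"
            if token_error and not responded:
                return "client-no-token"  # the NO follows the client giving up
            return "server-rejected"
    return "no-result"
```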