Re: gmail+imap+smtp (oauth2)

[Tim Cross]

Richard Stallman <rms@gnu.org> writes:

> [[[ To any NSA and FBI agents reading my email: please consider    ]]]
> [[[ whether defending the US Constitution against all enemies,     ]]]
> [[[ foreign or domestic, requires you to follow Snowden's example. ]]]
>
>   > One issue with OAuth2 schemes is that they periodically force the user
>   > through a web-browser-only authentication process that requires non-free
>   > JavaScript, in order to get a refresh token.
>
> Is there any disagreement about whether Gmail requires this?
>
> If it does, is it a requirement of Oauth2, or only specifically of Gmail?

It is not a requirement of oauth2. It is part of Google's
implementation. 

As to whether it is the only mechanism available to get the necessary
token, I don't know. Someone would need to dig into Google's API. I
suspect there are other API based methods as there are 3rd party apps
which use google oauth2 and don't require the user to use Google's web
interface. I don't know if google has any restrictions on accessing the
API (such as being registered or approved).