Re: gmail+imap+smtp (oauth2)

[Thomas Fitzsimmons]

Hi Tomas,

Tomas Hlavaty <tom@logand.com> writes:

> On Wed 11 May 2022 at 05:04, Richard Stallman <rms@gnu.org> wrote:
>>   > > Our concern is whether the Oauth2 protocol can be used to communicate
>>   > > with Gmail without using any non-libre software.
>>
>>   > oauth2 mandates whitelist of allowed clients
>>   > the issue is getting on and staying on that whitelist controlled by 
>> google
>>
>> There is a leap between the concern I mentined and your reply.
>> I don't know how to relate the two.
>
> I think Oauth2 protocol could theoretically be used to communicate with
> Gmail without using any non-libre software.
>
> Writing an oauth2 client software is not that difficult.

How would you go about doing that, such that the gmail.com login process
could be done natively within Emacs, without calling out to a web
browser?

For comparison, in my experience, Thunderbird embeds a Firefox browser
window to do the login step for MSO365 (required on the first connection
to retrieve the OAuth 2.0 refresh token).  I assume that's how
Thunderbird handles initial Gmail authentication too.

It would be helpful if there were an Emacs-native way of performing this
step, i.e., a method that doesn't require JavaScript or non-free
software.

To replicate a basic IMAP authentication workflow, the minibuffer would
prompt:

Username for gmail.com:
Password for <username>@gmail.com:
and optionally:
OTP for <username>@gmail.com:

Alternatively, the username and password would be retrieved from
authinfo.gpg, and Emacs would prompt for the OTP in the minibuffer
dynamically.

Thomas