diff options
author | Frode Aannevik <frode.aa@gmail.com> | 2019-07-10 21:00:28 +0200 |
---|---|---|
committer | Drew DeVault <sir@cmpwn.com> | 2019-07-11 19:36:14 -0400 |
commit | b0eaf5191c9bc5b128e347625b7eef998ba63c41 (patch) | |
tree | ca9fe0155e4a01bb84d3aca248b37bf844145f8b /doc/aerc-imap.5.scd | |
parent | 217e85a55d0c1047bef1e2bc41783ccd4629bfc1 (diff) | |
download | aerc-b0eaf5191c9bc5b128e347625b7eef998ba63c41.tar.gz |
Support imaps with oauthbearer authentication (Gmail)
imaps+oauthbearer://user:token@host?token_endpoint=...
- the config Source password is used as access token if
no token_endpoint parameter is set
- the config Source password is used as refresh token if
token_endpoint parameter is set, and used to exchange
with an access token
The implementation has only been tested with Gmail.
source = imaps+oauthbearer://{username}:{refersh_token}@imap.gmail.com:993? \
client_id=XX&\
client_secret=XX&\
token_endpoint=https%3A%2F%2Faccounts.google.com%2Fo%2Foauth2%2Ftoken
client credentials created with
https://console.developers.google.com/apis/credentials
refresh token created with
https://github.com/google/gmail-oauth2-tools/blob/master/python/oauth2.py
rel: https://todo.sr.ht/~sircmpwn/aerc2/42
Diffstat (limited to 'doc/aerc-imap.5.scd')
-rw-r--r-- | doc/aerc-imap.5.scd | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/doc/aerc-imap.5.scd b/doc/aerc-imap.5.scd index 12dcfbe1..4307238e 100644 --- a/doc/aerc-imap.5.scd +++ b/doc/aerc-imap.5.scd @@ -19,7 +19,7 @@ In accounts.conf (see *aerc-config*(5)), the following IMAP-specific options are available: *source* - imap[s][+insecure]://username[:password]@hostname[:port] + imap[s][+insecure|+oauthbearer]://username[:password]@hostname[:port]?[:oauth2_params] Remember that all fields must be URL encoded. The "@" symbol, when URL encoded, is *%40*. @@ -35,6 +35,22 @@ available: *imaps*: IMAP with TLS/SSL + *imaps+oauthbearer://* + IMAP with TLS/SSL using OAUTHBEARER Authentication + + *oauth2_params:* + + If specified, the configured password is used as an refresh token that + is exhanged with an access token + + - token_endpoint (required) + - client_id (optional) + - client_secret (optional) + - scope (optional) + + Example: + imaps+oauthbearer://...?token_endpoint=https://...&client_id= + *source-cred-cmd* Specifies the command to run to get the password for the IMAP account. This command will be run using `sh -c [command]`. If a |