"Gmail access expires periodically unless renewed by users"
Greg Marks
gtmarks at gmail.com
Sat May 18 01:45:25 UTC 2024
Dear Mutt Developers:
Will we experience difficulties using Mutt to obtain IMAP access to
G-Mail accounts, having configured the Mutt OAuth2 token management
script provided here:
https://gitlab.com/muttmua/mutt/-/raw/master/contrib/mutt_oauth2.py
once Google changes their access policies governing their so-called
"apps" on June 3, 2024? I have received a notification from Google
stating:
You have indicated that your app has features related to "email
reporting and monitoring," as defined in the Gmail user data
and developer policy. This is specified in the Google Cloud
Platform Console under the Scopes section of the OAuth consent
screen page. We would like to remind you that starting June
3, 2024, apps that use information from emails to provide
reporting or monitoring services will require periodic Gmail
access renewals.... After June 3, 2024, newly granted Gmail
access for consumer Google accounts to reporting and monitoring
apps will automatically expire after six months. Users must
renew permissions for continued access. Any existing Gmail
access granted to these apps will expire on July 15, 2024 unless
renewed by the user. Users will be able to renew or revoke this
access at any time through the "Third-party apps & services"
page on My Account.... Test your application(s) to ensure that
they are able to handle an invalid_grant response from the OAuth
2.0 servers. Such handling may include re-authenticating the
user and requesting user consent to obtain new tokens.... If
you take no action, and your application is not able to handle
user re-authorization after a token expires, you may begin
to see OAuth errors and your application's functionality may
be affected.
I more or less followed the instructions here:
https://gitlab.com/muttmua/mutt/-/blob/master/contrib/mutt_oauth2.py.README
under the section "How to create a Google registration" to create my
"app," which as I understand it is a fictitious piece of software whose
registration is used to obtain OAuth2 tokens for Mutt to access one's
own G-Mail account. This has worked fine to date. But I don't know how
to test my "application" to ensure that it can handle an invalid_grant
response from the OAuth 2.0 servers. I'd like to avert any problems
in advance.
Will this be handled automatically by the mutt_oauth2.py script?
Or will a patch to the script be issued? Or will we have to log in to
console.developers.google.com with our account and somehow tinker with
the "Application" we've created to obtain client_id and client_secret
credentials to paste into the mutt_oauth2.py script?
Best regards,
Greg Marks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.mutt.org/pipermail/mutt-users/attachments/20240517/c418f180/attachment.asc>
More information about the Mutt-users
mailing list