Quoting Oswald Buddenhagen (2020-08-06 01:32:08) > On Wed, Aug 05, 2020 at 11:19:53PM +0200, Michał Winiarski wrote: > >Currently, this (or any other SASL oauth) plugin isn't available in any > >of the upstream SASL implementations. > >I also can't find any attempts to merge it upstream. > > > that's not a problem per se.
No, it isn't, but in general, cyrus sasl plugins live here: https://github.com/cyrusimap/cyrus-sasl/tree/master/plugins > >(it also isn't packaged by any of the distros that I'm using) > > > seems like at least arch and netbsd package cyrus-sasl-xoauth2. > someone seems to be building it for centos, too: > https://copr.fedorainfracloud.org/coprs/nurmukhamed/cyrus-sasl-xoauth2/ > > someone seems to have been successful using it with mbsync: > http://blog.onodera.asia/2020/06/how-to-use-google-g-suite-oauth2-with.html Hm... That can actually work for me, and is just a drop-in replacement. (s/OAUTHBEARER/XOAUTH2 in my mbsyncrc - this plugin does almost exactly the same thing as my patch, except in SASL) > >I don't expect this to change anytime soon. > > > that's not a helpful attitude. make a solid howto for mbsync, so i can > include it (maybe on the website, or maybe in the docu directory, with a > mention in the manual under AuthMechs). then file bugs against the > mbsync packages of various distros, basically urging the mbsync > packagers to take the lead in having the plugin packaged. As far as configuration goes, the post you mentioned actually does a pretty good job: http://blog.onodera.asia/2020/06/how-to-use-google-g-suite-oauth2-with.html I'm just using: https://github.com/google/oauth2l Rather than: https://github.com/google/gmail-oauth2-tools Because it's easier to use (at least for gmail - you just download credentials.json and use it as-is), and it does the caching and auto-refreshing for you (it only communicates with server if the token is expired). It's just a matter of adding something like: AuthMechs XOAUTH2 PassCmd "/home/knr/.go/bin/oauth2l fetch --credentials ~/.oauth2/my-credentials.json --scope https://mail.google.com --refresh" And running this command interactively once, to get prompted to visit URL and copy-paste the data. Do you think this information (perhaps phrased in a more verbose manner) could be added to the docs? -Michał _______________________________________________ isync-devel mailing list isync-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/isync-devel
