From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: =?UTF-8?Q?Bj=C3=B6rn?= Bidar via "Bug reports for GNU Emacs, the Swiss army knife of text editors" Newsgroups: gmane.emacs.bugs Subject: bug#72358: 29.4; oauth2.el improvements Date: Thu, 08 Aug 2024 09:11:09 +0300 Message-ID: <31326.8677027494$1723097522@news.gmane.org> References: <87mslz8yzk.fsf@debian-hx90.lan> <87frrr725m.fsf@gmail.com> <66a8f323.170a0220.9172c.8e28SMTPIN_ADDED_BROKEN@mx.google.com> <87a5hy8y8j.fsf@debian-hx90.lan> <87ed6zc40g.fsf@debian-hx90.lan> Reply-To: =?UTF-8?Q?Bj=C3=B6rn?= Bidar Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="20457"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Gnus/5.13 (Gnus v5.13) Cc: Robert Pluim , 72358@debbugs.gnu.org To: Xiyue Deng Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Thu Aug 08 08:11:54 2024 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1sbwNN-00057M-KG for geb-bug-gnu-emacs@m.gmane-mx.org; Thu, 08 Aug 2024 08:11:53 +0200 Original-Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sbwNF-0001wq-A7; Thu, 08 Aug 2024 02:11:45 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sbwN7-0001hf-6O for bug-gnu-emacs@gnu.org; Thu, 08 Aug 2024 02:11:38 -0400 Original-Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sbwN6-00018u-TV for bug-gnu-emacs@gnu.org; Thu, 08 Aug 2024 02:11:36 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debbugs.gnu.org; s=debbugs-gnu-org; h=MIME-Version:Date:References:In-Reply-To:From:To:Subject; bh=sJA5z0kNmjYTil9+0OkGwfkGxWDzgfpqaqhtoDLWEEw=; b=GUSo6V0XRFiUtXu3H7ARJFC71NwEF/0GWY7v/9EyLUi3UQINvkkXW50gMp68NE+wJjvRcDcce9gn+KXRM06WsQWfrd1l3vdgOnR774F2+K9F1A1F8hge/LLmdjD6FQPtqtiPQHQPdBNUxTy0/ry4zAcoWfNVYhdjfb/Ne+8dqzS+smJseZggFKrQDhBqCWdKvDfOTmdpfeohOr7kf2lPynO269VojBaFg2hqttx3RVpzyLdLo61Zpx2rJcxQ4H3bahIl74PwC9FJP/uXLopuAfOPudYhhafqYBiJe8XZKTfhg211SzGcdBxZQr5uGqHC4dp965xhhs6yilIbH+fT3A==; Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1sbwNV-0008FP-NG for bug-gnu-emacs@gnu.org; Thu, 08 Aug 2024 02:12:01 -0400 X-Loop: help-debbugs@gnu.org Resent-From: =?UTF-8?Q?Bj=C3=B6rn?= Bidar Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Thu, 08 Aug 2024 06:12:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 72358 X-GNU-PR-Package: emacs Original-Received: via spool by 72358-submit@debbugs.gnu.org id=B72358.172309750731681 (code B ref 72358); Thu, 08 Aug 2024 06:12:01 +0000 Original-Received: (at 72358) by debbugs.gnu.org; 8 Aug 2024 06:11:47 +0000 Original-Received: from localhost ([127.0.0.1]:35371 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sbwNH-0008Ev-0f for submit@debbugs.gnu.org; Thu, 08 Aug 2024 02:11:47 -0400 Original-Received: from thaodan.de ([185.216.177.71]:59260) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sbwNE-0008Ef-S6 for 72358@debbugs.gnu.org; Thu, 08 Aug 2024 02:11:46 -0400 Original-Received: from odin (dsl-trebng12-50dc75-154.dhcp.inet.fi [80.220.117.154]) by thaodan.de (Postfix) with ESMTPSA id 7A775D00042; Thu, 8 Aug 2024 09:11:11 +0300 (EEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=thaodan.de; s=mail; t=1723097471; bh=ypcvRGuZLI7AVkF0i9aPGsh4EJc8OVrU2zTfjYXyrDk=; h=From:To:Cc:Subject:In-Reply-To:References:Date; b=ZYYh1Ey/tmvIIK3GwOSj8qQbsLK+zdV03lZA2PbQCuu6XCzf/fSPost4On/4KIGIK 4Ekr6+lewbxCDSj+A6xeAypRH1PQbuK8xCEAwF8sO+dPcCD8dCCov8iYcqyG/ihcrY z4/Xkmmv92YPRidvPdkhdAb+72tgPSj4h4AueAAFK/ZwLmMHCbprzQQjrNP/kVrf7v Q5N4PcUN2SjnDHiVRYsdAJZNIPT+HAhr40Fp/hamzImwRRcb1ixImzBhHgNbFFspuV dKw7waNKteeYL2a88PKUrMU0lRLMw/x/m4eao+TJhlwU2vcE07uccQbIjJXSY6e5eO S5DnXVkom2K0bL28dfHjHUBYXY7+kxgwxJdgOfyr7SeBsy1pot+bGWQMPKCNXosB2G WPxLCGN/Au853/E+pGVTU8nTxiUdDwfK1g3Duj084QIZkWqRhAPgLw2T1Qmr4xyXdD ncCYsJVqL0zpgyQ3GNCbvdKagOk93oMg2ZgPy+z1JwwBCY1CksfWVT9Lxo01qFyapa NghnNYHcvO57NVa/QmJFj1msn+n7A9Q081/MIXshTJ0VZzlJnjo105mOoUXQOy6XEi kuWtgCgyQ9/5rCLdL+0j5HDI3hBBvVN0SSYYbADF+tsnvpeGEKwYG3ESSC1HpkdgEh 3RUrtg3qAWxzFih3O3BA4vjI= In-Reply-To: <87ed6zc40g.fsf@debian-hx90.lan> (Xiyue Deng's message of "Wed, 07 Aug 2024 16:22:23 -0700") Autocrypt: addr=bjorn.bidar@thaodan.de; prefer-encrypt=nopreference; keydata= mDMEZNfpPhYJKwYBBAHaRw8BAQdACBEmr+0xwIIHZfIDlZmm7sa+lHHSb0g9FZrN6qE6ru60JUJq w7ZybiBCaWRhciA8Ympvcm4uYmlkYXJAdGhhb2Rhbi5kZT6IlgQTFgoAPgIbAwULCQgHAgIiAgYV CgkICwIEFgIDAQIeBwIXgBYhBFHxdut1RzAepymoq1wbdKFlHF9oBQJk1/YmAhkBAAoJEFwbdKFl HF9oB9cBAJoIIGQKXm4cpap+Flxc/EGnYl0123lcEyzuduqvlDT0AQC3OlFKm/OiqJ8IMTrzJRZ8 phFssTkSrrFXnM2jm5PYDoiTBBMWCgA7FiEEUfF263VHMB6nKairXBt0oWUcX2gFAmTX6T4CGwMF CwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AACgkQXBt0oWUcX2hbCQEAtru7kvM8hi8zo6z9ux2h K+B5xViKuo7Z8K3IXuK5ugwA+wUfKzomzdBPhfxDsqLcEziGRxoyx0Q3ld9aermBUccHtBxCasO2 cm4gQmlkYXIgPG1lQHRoYW9kYW4uZGU+iJMEExYKADsCGwMFCwkIBwICIgIGFQoJCAsCBBYCAwEC HgcCF4AWIQRR8XbrdUcwHqcpqKtcG3ShZRxfaAUCZNf2FQAKCRBcG3ShZRxfaCzSAP4hZ7cSp0YN XYpcjHdsySh2MuBhhoPeLGXs+2kSiqBiOwD/TP8AgPEg/R+SI9GI9on7fBJJ0mp2IT8kZ2rhDOjg gA6IkwQTFgoAOxYhBFHxdut1RzAepymoq1wbdKFlH X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Xref: news.gmane.io gmane.emacs.bugs:289916 Archived-At: Xiyue Deng writes: > Xiyue Deng writes: > >> Bj=C3=B6rn Bidar writes: >> >>> Robert Pluim writes: >>> >>>> Xiyue> - This will invalidate all existing entries and a user will= have to redo >>>> Xiyue> the authorization process again to get a new refresh toke= n. However, >>>> Xiyue> I think it's more important to ensure that oauth2.el work= s correctly >>>> Xiyue> for multiple accounts of the same provider, or a user may= suffer from >>>> Xiyue> confusion when adding a new account invalidates a previou= s account. >>>> >>>> I don=CA=BCt think that=CA=BCs too big a concern. 'modern' authenticat= ion flows >>>> regularly re-prompt, so this will not be too surprising (although >>>> maybe call it out in the package=CA=BCs NEWS or README). >>> >>> In many cases the refreshing of tokens is transparent to the user there >>> doesn't have to be a re-prompt to refresh the token if the OAuth >>> provider support it. >>> Micrsofts OAuth workflow is quite good in this regard as there's a >>> non-standard error to indicate when the user has to re-authorize the >>> application. >>> >> >> Actually I am currently having trouble for a few weeks to get my >> outlook.com email work with MS OAuth2. To avoid some repeated typing, I >> have documented the issues and steps I have tried in this stackoverflow >> question[1]. I would great appreciated it if you can shed some lights >> there >> >>> I assume all implementation of OAuth have their quirks. >> >> Indeed. >> >> >> [1] https://stackoverflow.com/questions/78787763/getting-aadsts65001-err= or-invalid-grant-when-trying-to-refresh-access-token-fo > > Just want to report back that after confirming with an MS representative > through online chat, outlook.com has actually disabled refreshing > access_token through the token endpoint, and users are asked to migrate > to Outlook app or compatibles apps (Thunderbird still works). Thank you for notifying me on this I will forward this to my employer. > I'm not sure whether this is also the case for organization emails, which= may > also be disabled by default (or soonish if not already) but can be > enabled separately by an org admin. It does depend some domains use whitelist e.g. Tampere University of Applies sciences. Without a specific Emacs GNUs/Caldav/whatever AppID inside Microsoft OAuth2 it will be hard to pass that. > Anyway, I'd suggest people stop > wasting your time here and use Gmail (or maybe Yahoo mail) which has > decent 3rd party OAuth2 support. I don't think that's an option for most user that complain about working OAuth2 support, in most cases it's a work or some other organization account. Another thing I think is very important is to support Nextcloud as it's a FOSS app supporting OAuth2 which quite many users and organizations adopted. > Meanwhile I have submitted a request to re-enable this support[1]. > > [1] https://feedbackportal.microsoft.com/feedback/idea/069f1816-0a55-ef11= -b4ad-0022484d3ecc