From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail
From: Xiyue Deng <manphiz@gmail.com>
Newsgroups: gmane.emacs.bugs
Subject: bug#72358: 29.4; oauth2.el improvements
Date: Wed, 07 Aug 2024 16:22:23 -0700
Message-ID: <87ed6zc40g.fsf@debian-hx90.lan>
References: <87mslz8yzk.fsf@debian-hx90.lan> <87frrr725m.fsf@gmail.com>
 <66a8f323.170a0220.9172c.8e28SMTPIN_ADDED_BROKEN@mx.google.com>
 <87a5hy8y8j.fsf@debian-hx90.lan>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214";
	logging-data="36481"; mail-complaints-to="usenet@ciao.gmane.io"
Cc: Robert Pluim <rpluim@gmail.com>, 72358@debbugs.gnu.org
To: =?UTF-8?Q?Bj=C3=B6rn?= Bidar <bjorn.bidar@thaodan.de>
Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Thu Aug 08 01:23:57 2024
Return-path: <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org>
Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org
Original-Received: from lists.gnu.org ([209.51.188.17])
	by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org>)
	id 1sbq0a-0009L0-78
	for geb-bug-gnu-emacs@m.gmane-mx.org; Thu, 08 Aug 2024 01:23:56 +0200
Original-Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <bug-gnu-emacs-bounces@gnu.org>)
	id 1sbq0J-00031K-0F; Wed, 07 Aug 2024 19:23:39 -0400
Original-Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1sbq0H-00031B-Fk
 for bug-gnu-emacs@gnu.org; Wed, 07 Aug 2024 19:23:37 -0400
Original-Received: from debbugs.gnu.org ([2001:470:142:5::43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1sbq0H-0004i5-2Q
 for bug-gnu-emacs@gnu.org; Wed, 07 Aug 2024 19:23:37 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=debbugs.gnu.org; s=debbugs-gnu-org; 
 h=MIME-Version:Date:References:In-Reply-To:From:To:Subject;
 bh=IfFSuXx5GtT2xtBqIA5WXzYxqEcHANjZ7kzRntnqpD4=; 
 b=F/xlYfEaLwDLjrRc3B3EmBjMadVWUO38XWznQVnoHdYTtERL2CuTOWtnqqoJlXlv2LOYHJBq+JT3jZsfs1Epi1p2WSNy5vto0GIFiok6Q/FxG8x65Z+SsqL8i3b12DhS63tNAKCJBC0Ur+hieDAMHjsuK9vh2zH62l4s9HmwxlvnKFosQKxIcKmJt2YMI5xFpSi8A1ACf2m9O8E8HmD02iplI3aKgaMXmEhlXP49Jrxvqsq3zmlQ444ZJSgznELLIl6bcHMT3ISyWinA57sBvXGmR7qRGC9adGSYxMf0WA+5YOGyo2QDVvVYm/iBcIJ45WprclhIMxZaonVEYFHFIg==;
Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1sbq0g-0005yb-5s
 for bug-gnu-emacs@gnu.org; Wed, 07 Aug 2024 19:24:02 -0400
X-Loop: help-debbugs@gnu.org
Resent-From: Xiyue Deng <manphiz@gmail.com>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Wed, 07 Aug 2024 23:24:02 +0000
Resent-Message-ID: <handler.72358.B72358.172307304122965@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 72358
X-GNU-PR-Package: emacs
Original-Received: via spool by 72358-submit@debbugs.gnu.org id=B72358.172307304122965
 (code B ref 72358); Wed, 07 Aug 2024 23:24:02 +0000
Original-Received: (at 72358) by debbugs.gnu.org; 7 Aug 2024 23:24:01 +0000
Original-Received: from localhost ([127.0.0.1]:35212 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1sbq0f-0005yL-0t
 for submit@debbugs.gnu.org; Wed, 07 Aug 2024 19:24:01 -0400
Original-Received: from mail-pl1-f175.google.com ([209.85.214.175]:42483)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <manphiz@gmail.com>) id 1sbq0c-0005y5-Lh
 for 72358@debbugs.gnu.org; Wed, 07 Aug 2024 19:23:59 -0400
Original-Received: by mail-pl1-f175.google.com with SMTP id
 d9443c01a7336-1fd69e44596so2692635ad.1
 for <72358@debbugs.gnu.org>; Wed, 07 Aug 2024 16:23:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1723072946; x=1723677746; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:message-id:date:references
 :in-reply-to:subject:cc:to:from:from:to:cc:subject:date:message-id
 :reply-to; bh=IfFSuXx5GtT2xtBqIA5WXzYxqEcHANjZ7kzRntnqpD4=;
 b=B85Hz52v8zgZ3kLseHULp8ICd0UKi8kRx6isgNyDzBrw3itvZIl1c6GLhp8wUlNTnK
 LjAglFVlqG/2wvL4VUYk2LITH10Q4nInvTe13xYGewBta/3yIGQgGf6y9XGVXYsijr+9
 81DNJiyg2hezitCECchwYMBwYJWlfo7jFvfFKjeuvHlZQStGGivqjoVcOlDK8EbTRcaI
 /69s03HvpxCAv4iW00ZYq/kl38RcUQreIN5C5EPHLEqV7g6//sTheMjx61VtrSR2OkoU
 K6e1tIWAyZw21e/dcW09PwXtALZUAoU/qGVSrntJ10iAbEtktqloaQ3fkSG8XP66/F1d
 gdIw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1723072946; x=1723677746;
 h=content-transfer-encoding:mime-version:message-id:date:references
 :in-reply-to:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=IfFSuXx5GtT2xtBqIA5WXzYxqEcHANjZ7kzRntnqpD4=;
 b=UV7HgRMl8ZhYR+Ru/kSzFnY4TrcuaacZ4QcSS3N00XVNa+zxzbkyhE8KTEC0eyHJGI
 xboyoGq6n9qiURN+YxtieRhm66Akj74bP9TnP7ARCNN36l+1kxu70ZGoWlje2guhP8bv
 lBQGaCtjLxAh67UKiJMfY6c2S17SLf5zFObUmuy3Ply8K+16UUIpJIq9V8LAzio9AwVR
 B6YukmQx3dlocj0qIRRDz4CQIfc7yB3J9PV7F71oEG5Rx37JqVFhttepmSaxYFNNDrjX
 8StY08+iQ2uGG45QF8OEyaKbomgCU37MyoToi3sw6KYwW/FBB2TC3dyUQR3tHFCbs7F1
 RmVA==
X-Forwarded-Encrypted: i=1;
 AJvYcCXL+i98tzN0YmpoNBknimdA3czCbM77p+p9HSnT8IwOFukbdvaR65Gwr3yu+8EfASKvQzDsS5RbDZqrhDgdeD/1XIdA4Tw=
X-Gm-Message-State: AOJu0YzxueqBeSIrnGClELAgs+rjvbuFgp9ZSMvTSSsXe5FmcmVPbtAG
 56EDKo/1mPajQLFKy8HTgt0meCwWPx2mODCJhpinQDYmXpBr1P2ybj6i7g==
X-Google-Smtp-Source: AGHT+IHkKBBMXrWemUdxv6VAu5HoXCJi36xBuZA1+PxgFfSASTJCYkPoS8M0muKyhno2kXRRhI5Aeg==
X-Received: by 2002:a17:902:dac7:b0:1fd:9648:2d66 with SMTP id
 d9443c01a7336-20095899872mr1117145ad.17.1723072946426; 
 Wed, 07 Aug 2024 16:22:26 -0700 (PDT)
Original-Received: from debian-hx90 (syn-076-094-249-045.res.spectrum.com.
 [76.94.249.45]) by smtp.gmail.com with ESMTPSA id
 d9443c01a7336-1ff58f26f4bsm111655595ad.34.2024.08.07.16.22.25
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 Aug 2024 16:22:26 -0700 (PDT)
In-Reply-To: <87a5hy8y8j.fsf@debian-hx90.lan> (Xiyue Deng's message of "Tue,
 30 Jul 2024 12:40:28 -0700")
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: bug-gnu-emacs@gnu.org
List-Id: "Bug reports for GNU Emacs,
 the Swiss army knife of text editors" <bug-gnu-emacs.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-gnu-emacs>,
 <mailto:bug-gnu-emacs-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/bug-gnu-emacs>
List-Post: <mailto:bug-gnu-emacs@gnu.org>
List-Help: <mailto:bug-gnu-emacs-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-gnu-emacs>,
 <mailto:bug-gnu-emacs-request@gnu.org?subject=subscribe>
Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org
Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org
Xref: news.gmane.io gmane.emacs.bugs:289906
Archived-At: <http://permalink.gmane.org/gmane.emacs.bugs/289906>

Xiyue Deng <manphiz@gmail.com> writes:

> Bj=C3=B6rn Bidar <bjorn.bidar@thaodan.de> writes:
>
>> Robert Pluim <rpluim@gmail.com> writes:
>>
>>>     Xiyue> - This will invalidate all existing entries and a user will =
have to redo
>>>     Xiyue>   the authorization process again to get a new refresh token=
.  However,
>>>     Xiyue>   I think it's more important to ensure that oauth2.el works=
 correctly
>>>     Xiyue>   for multiple accounts of the same provider, or a user may =
suffer from
>>>     Xiyue>   confusion when adding a new account invalidates a previous=
 account.
>>>
>>> I don=CA=BCt think that=CA=BCs too big a concern. 'modern' authenticati=
on flows
>>> regularly re-prompt, so this will not be too surprising (although
>>> maybe call it out in the package=CA=BCs NEWS or README).
>>
>> In many cases the refreshing of tokens is transparent to the user there
>> doesn't have to be a re-prompt to refresh the token if the OAuth
>> provider support it.
>> Micrsofts OAuth workflow is quite good in this regard as there's a
>> non-standard error to indicate when the user has to re-authorize the
>> application.
>>
>
> Actually I am currently having trouble for a few weeks to get my
> outlook.com email work with MS OAuth2.  To avoid some repeated typing, I
> have documented the issues and steps I have tried in this stackoverflow
> question[1].  I would great appreciated it if you can shed some lights
> there
>
>> I assume all implementation of OAuth have their quirks.
>
> Indeed.
>
>
> [1] https://stackoverflow.com/questions/78787763/getting-aadsts65001-erro=
r-invalid-grant-when-trying-to-refresh-access-token-fo

Just want to report back that after confirming with an MS representative
through online chat, outlook.com has actually disabled refreshing
access_token through the token endpoint, and users are asked to migrate
to Outlook app or compatibles apps (Thunderbird still works).  I'm not
sure whether this is also the case for organization emails, which may
also be disabled by default (or soonish if not already) but can be
enabled separately by an org admin.  Anyway, I'd suggest people stop
wasting your time here and use Gmail (or maybe Yahoo mail) which has
decent 3rd party OAuth2 support.

Meanwhile I have submitted a request to re-enable this support[1].

[1] https://feedbackportal.microsoft.com/feedback/idea/069f1816-0a55-ef11-b=
4ad-0022484d3ecc

--=20
Xiyue Deng