This report concerns the [oauth2 package on ELPA]. Hope that’s OK. It affects
downstream users of it such as `org-gcal' and `org-caldav'.

The authentication scheme used by `oauth2' has been deprecated by Google
services. I have a patch to update to the newer, recommended way. The OAuth2
maintainer said it would be a good addition, but I should find someone on ELPA
that is happy to review it in order to contribute.

Is there someone willing to review and merge a potential patch?


More details:

The current authentication scheme is out-of-band authentication; a code is
displayed in the browser and the user copies it into Emacs. The new scheme
involves spinning up an (extremely simple) HTTP server on Emacs to handle a
redirect in the browser.

I have an [implementation of the HTTP authentication handler], and emailed Julien
Danjou (the `oauth2' maintainer) about it. Julien said it would be a good
incorporation to the package but they don’t have time to review it.


Thank you for your time.

Adrià Garriga-Alonso


[oauth2 package on ELPA] <https://elpa.gnu.org/packages/oauth2.html>

[implementation of the HTTP authentication handler] <https://github.com/rhaps0dy/emacs-oauth2-auto/>