From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Andrew Cohen Newsgroups: gmane.emacs.devel Subject: Re: Making GNUS continue to work with Gmail Date: Fri, 28 Aug 2020 13:35:40 +0800 Message-ID: <873647e3ir.fsf@ust.hk> References: <875z9p5hnc.fsf@mat.ucm.es> <87364pbkn0.fsf@gnus.org> <87lfihe0zf.fsf@mat.ucm.es> <874kp55l8t.fsf@gnus.org> <87y2mdnwn2.fsf@mat.ucm.es> <87blixbh71.fsf@ucl.ac.uk> <87d03cpbu3.fsf@ucl.ac.uk> <873648mftt.fsf@ust.hk> Mime-Version: 1.0 Content-Type: text/plain Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="34177"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.50 (gnu/linux) To: emacs-devel@gnu.org Cancel-Lock: sha1:gqLrt9YwWRWYisyzRRYi9gXJeWE= Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Fri Aug 28 07:36:25 2020 Return-path: Envelope-to: ged-emacs-devel@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1kBX3o-0008o7-6N for ged-emacs-devel@m.gmane-mx.org; Fri, 28 Aug 2020 07:36:24 +0200 Original-Received: from localhost ([::1]:37746 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBX3n-00055E-8g for ged-emacs-devel@m.gmane-mx.org; Fri, 28 Aug 2020 01:36:23 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:58812) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBX3J-0004aH-Qb for emacs-devel@gnu.org; Fri, 28 Aug 2020 01:35:53 -0400 Original-Received: from static.214.254.202.116.clients.your-server.de ([116.202.254.214]:52896 helo=ciao.gmane.io) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBX3I-0003IP-8D for emacs-devel@gnu.org; Fri, 28 Aug 2020 01:35:53 -0400 Original-Received: from list by ciao.gmane.io with local (Exim 4.92) (envelope-from ) id 1kBX3E-0008Cq-Kj for emacs-devel@gnu.org; Fri, 28 Aug 2020 07:35:48 +0200 X-Injected-Via-Gmane: http://gmane.org/ Received-SPF: pass client-ip=116.202.254.214; envelope-from=ged-emacs-devel@m.gmane-mx.org; helo=ciao.gmane.io X-detected-operating-system: by eggs.gnu.org: First seen = 2020/08/28 01:35:48 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -16 X-Spam_score: -1.7 X-Spam_bar: - X-Spam_report: (-1.7 / 5.0 requ) BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.249, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Original-Sender: "Emacs-devel" Xref: news.gmane.io gmane.emacs.devel:254348 Archived-At: >>>>> "RS" == Richard Stallman writes: RS> Since I don't know anything about using MS mail, I can't tell RS> from those words whether you have described (1) something each RS> user can do, or (2) something that would have to be done once on RS> behalf of GNUS. Which one is it? Sorry for not being clear. Others have described the issues with gmail and I am saying that the issues are the same with outlook. In trying to answer your question let me list the three steps I toke to make this work with outlook: 1. REGISTRATION: An "app" needs to be registered with MS. Successful registration returns certain credentials. The returned credentials are what others have said google's terms of service forbid from being embedded in the app, although kmail and others do so anyway. 2. AUTHORIZATION: A user takes the credentials returned in step 1 and authorizes the "app" to access the user's outlook email. A "refresh token" is returned to the user. 3. ACCESS: Once authorized, the user can use the "refresh token" to retrieve an "access token" that is used like a temporary password to communicate with outlook over imap and smtp. The access token has a short lifetime (one hour) and new logins after that require repeating step 3 (using the same refresh token.) Now to answer your question: the intent behind this process is that step 1 is performed once for the app (in our case gnus) and steps 2 and 3 are performed by users. Step 2 is performed once by the user, and step 3 is performed each time the user logs in. (Others have said that on occasion authorization is revoked and step 2 must then be repeated, but I haven't yet encountered this). Nothing prevents each user from performing step 1 (that is, each user registers their own app) but the process is technical and tedious, and not something I think we can realistically expect from many users. It also requires the use of a web browser and web pages that likely involve javascript. Step 2 is less tedious but also involves using a web browser and web pages that use javascript (I am not 100% confident about the use of javascript here, so it is possible that this part of the process could be done in some other way). Step 3 is the part that I referred to as easy---once the app has been registered and the user has obtained the refresh-token, gnus can use the oauth2 library on elpa to easily and directly manage the process of obtaining the access-token and logging in.