Package: mutt Version: 1.10.1-1 Severity: wishlist Tags: upstream patch fixed-upstream
Hi, As described in http://lists.mutt.org/pipermail/mutt-dev/Week-of-Mon-20180611/000121.html, Gmail supports RFC 7628 for oauth as a way of avoiding password based auth. Applying three upstream patches gets mutt to support this reasonably well: 1. 798f749eeeb98ed04028521a2eb3e505c1a83574 (Initial support for OAUTHBEARER for IMAP, 2018-06-11) 2. fcd333986c0d15dec67870b7b74fef0e00e8c28b (Support for using OAUTHBEARER for smtp, 2018-06-12) 3. 98cc42365ac97b0dfeafadf5561043e06744fcf6 (Improve OAUTHBEARER support, 2018-06-26) I'm running with those now, with the following configuration: set from=<me>@gmail.com set folder=imaps://<me>@gmail....@imap.gmail.com/ set smtp_url=smtps://<me>@gmail....@smtp.gmail.com:465/ set spoolfile==INBOX set imap_authenticators="oauthbearer" set imap_user="<me>@gmail.com" set imap_oauth_refresh_command="$HOME/bin/oauth2.py --quiet --user=<me>@gmail.com --client_id=<client id> --client_secret=<client secret> --refresh_token=<refresh token>" set smtp_authenticators="oauthbearer" set smtp_oauth_refresh_command="$HOME/bin/oauth2.py --quiet --user=<me>@gmail.com --client_id=<client id> --client_secret=<client secret> --refresh_token=<refresh token>" It works like a charm. oauth2.py is [1]. <me> is $USER. <client id>, <client secret>, and <refresh token> were generated following the instructions at [2]. All three patches are in mutt "master", but I don't know how long it will be until the next upstream release. What do you think of applying the patches in the meantime? I'll send a debdiff in a separate message. Thanks, Jonathan [1] python/oauth2.py in https://github.com/google/gmail-oauth2-tools [2] https://github.com/google/gmail-oauth2-tools/wiki/OAuth2DotPyRunThrough#creating-and-authorizing-an-oauth-token