Dear Mutt Developers: Will we experience difficulties using Mutt to obtain IMAP access to G-Mail accounts, having configured the Mutt OAuth2 token management script provided here:
https://gitlab.com/muttmua/mutt/-/raw/master/contrib/mutt_oauth2.py once Google changes their access policies governing their so-called "apps" on June 3, 2024? I have received a notification from Google stating: You have indicated that your app has features related to "email reporting and monitoring," as defined in the Gmail user data and developer policy. This is specified in the Google Cloud Platform Console under the Scopes section of the OAuth consent screen page. We would like to remind you that starting June 3, 2024, apps that use information from emails to provide reporting or monitoring services will require periodic Gmail access renewals.... After June 3, 2024, newly granted Gmail access for consumer Google accounts to reporting and monitoring apps will automatically expire after six months. Users must renew permissions for continued access. Any existing Gmail access granted to these apps will expire on July 15, 2024 unless renewed by the user. Users will be able to renew or revoke this access at any time through the "Third-party apps & services" page on My Account.... Test your application(s) to ensure that they are able to handle an invalid_grant response from the OAuth 2.0 servers. Such handling may include re-authenticating the user and requesting user consent to obtain new tokens.... If you take no action, and your application is not able to handle user re-authorization after a token expires, you may begin to see OAuth errors and your application's functionality may be affected. I more or less followed the instructions here: https://gitlab.com/muttmua/mutt/-/blob/master/contrib/mutt_oauth2.py.README under the section "How to create a Google registration" to create my "app," which as I understand it is a fictitious piece of software whose registration is used to obtain OAuth2 tokens for Mutt to access one's own G-Mail account. This has worked fine to date. But I don't know how to test my "application" to ensure that it can handle an invalid_grant response from the OAuth 2.0 servers. I'd like to avert any problems in advance. Will this be handled automatically by the mutt_oauth2.py script? Or will a patch to the script be issued? Or will we have to log in to console.developers.google.com with our account and somehow tinker with the "Application" we've created to obtain client_id and client_secret credentials to paste into the mutt_oauth2.py script? Best regards, Greg Marks
signature.asc
Description: PGP signature
