fetchmail/fetchmail-FAQ-list-gmail-options-including-oauthbearer-and-app.patch

From: Matthew Ogilvie <mmogilvi+fml@zoho.com>
Date: Sat, 3 Jun 2017 17:57:22 -0600
Subject: FAQ: list gmail options including oauthbearer and app password
Git-repo: https://gitlab.com/fetchmail/fetchmail.git
Git-commit: dbeee6a0c0fc5392953f38d6f0dcffdeeb8ae141

---
 fetchmail-FAQ.html | 24 +++++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

diff --git a/fetchmail-FAQ.html b/fetchmail-FAQ.html
index 82dd92df..027dc9da 100644
--- a/fetchmail-FAQ.html
+++ b/fetchmail-FAQ.html
@@ -2004,9 +2004,27 @@ sites.)</p>
 <p>Google has started pushing towards more complex authentication
 schemes based on OAuth 2.0 that require clients and users
 to jump through quite a few hoops, and use web browsers for signing in.
-If this hinders access to your account through fetchmail, you may need to turn on access for "less secure apps" at <a
-    href="https://myaccount.google.com/lesssecureapps">https://myaccount.google.com/lesssecureapps</a>.<br/>
-It is disputable whether an application that does not include web
+If this hinders access to your account through fetchmail, you have some
+options:</p>
+<ul>
+  <li>You can generate and use an
+      <a href="https://support.google.com/accounts/answer/185833">App Password</a>.
+      This is probably best unless you are on a "G-Suite" account and the
+      administrator has disabled this option.</li>
+  <li>You can use separate tools to generate and renew oauth2 access
+      tokens.  Then configure fetchmail to use "auth oauthbearer" and use
+      a current access token as the password.  See comments and --help in
+      contrib/fetchmail-oauth2.py from the fetchmail source tree
+      for more information.  This is derived from Google's
+      <a href="https://github.com/google/gmail-oauth2-tools/wiki/OAuth2DotPyRunThrough">OAuth2DotPyRunThrough</a>,
+      associated code, RFC-7628, and RFC-6750.</li>
+  <li>You may turn on access for "less secure apps" at
+      <a href="https://www.google.com/settings/security/lesssecureapps">https://www.google.com/settings/security/lesssecureapps</a>,
+      or see <a href="https://support.google.com/accounts/answer/6010255">https://support.google.com/accounts/answer/6010255</a>.
+      But G-suite administrators are more likely to have disabled
+      this option than "App Password"s.</li>
+</ul>
+<p>It is disputable whether an application that does not include web
 browsing capabilities or heavy-weight libraries is "less secure" as
 Google claims.</p>
 
-- 
2.31.1
Accepting request 892934 from home:jeff_mahoney:branches:server:mail - Backported support for OAUTH2 authentication from Fetchmail 7.0. - add imap oauthbearer support - support oauthbearer/xoauth2 with pop3 - add passwordfile and passwordfd options - add contrib/fetchnmail-oauth2.py token acquisition utility - FAQ: list gmail options including oauthbearer and app password - give each ctl it's own copy of password - re-read passwordfile on every poll - add query_to64_outsize() utility function - Chase and integrate interface change. - oauth2.c: calculate and pass in correct buffer size to to64frombits() - Increase max password length to handle oauth tokens - Bump max. passwordlen to 10000 bytes. - Add README.OAUTH2 - Added patches: * fetchmail-add-imap-oauthbearer-support.patch * fetchmail-support-oauthbearer-xoauth2-with-pop3.patch * fetchmail-add-passwordfile-and-passwordfd-options.patch * fetchmail-add-contrib-fetchnmail-oauth2.py-token-acquisition-u.patch * fetchmail-FAQ-list-gmail-options-including-oauthbearer-and-app.patch * fetchmail-give-each-ctl-it-s-own-copy-of-password.patch * fetchmail-re-read-passwordfile-on-every-poll.patch * fetchmail-add-query_to64_outsize-utility-function.patch * fetchmail-chase-and-integrate-interface-change.patch * fetchmail-oauth2-c-calculate-and-pass-in-correct-buffer-size-to-to64frombits.patch * fetchmail-increase-max-password-length-to-handle-oauth-tokens.patch * fetchmail-bump-max-passwordlen-to-1bytes.patch * fetchmail-add-readme-oauth2-issue-27.patch OBS-URL: https://build.opensuse.org/request/show/892934 OBS-URL: https://build.opensuse.org/package/show/server:mail/fetchmail?expand=0&rev=113 2021-06-04 14:09:36 +02:00			`From: Matthew Ogilvie <mmogilvi+fml@zoho.com>`
			`Date: Sat, 3 Jun 2017 17:57:22 -0600`
			`Subject: FAQ: list gmail options including oauthbearer and app password`
			`Git-repo: https://gitlab.com/fetchmail/fetchmail.git`
			`Git-commit: dbeee6a0c0fc5392953f38d6f0dcffdeeb8ae141`

			`---`
			`fetchmail-FAQ.html \| 24 +++++++++++++++++++++---`
			`1 file changed, 21 insertions(+), 3 deletions(-)`

			`diff --git a/fetchmail-FAQ.html b/fetchmail-FAQ.html`
			`index 82dd92df..027dc9da 100644`
			`--- a/fetchmail-FAQ.html`
			`+++ b/fetchmail-FAQ.html`
			`@@ -2004,9 +2004,27 @@ sites.)</p>`
			`<p>Google has started pushing towards more complex authentication`
			`schemes based on OAuth 2.0 that require clients and users`
			`to jump through quite a few hoops, and use web browsers for signing in.`
			`-If this hinders access to your account through fetchmail, you may need to turn on access for "less secure apps" at <a`
			`- href="https://myaccount.google.com/lesssecureapps">https://myaccount.google.com/lesssecureapps</a>.<br/>`
			`-It is disputable whether an application that does not include web`
			`+If this hinders access to your account through fetchmail, you have some`
			`+options:</p>`
			`+<ul>`
			`+ <li>You can generate and use an`
			`+ <a href="https://support.google.com/accounts/answer/185833">App Password</a>.`
			`+ This is probably best unless you are on a "G-Suite" account and the`
			`+ administrator has disabled this option.</li>`
			`+ <li>You can use separate tools to generate and renew oauth2 access`
			`+ tokens. Then configure fetchmail to use "auth oauthbearer" and use`
			`+ a current access token as the password. See comments and --help in`
			`+ contrib/fetchmail-oauth2.py from the fetchmail source tree`
			`+ for more information. This is derived from Google's`
			`+ <a href="https://github.com/google/gmail-oauth2-tools/wiki/OAuth2DotPyRunThrough">OAuth2DotPyRunThrough</a>,`
			`+ associated code, RFC-7628, and RFC-6750.</li>`
			`+ <li>You may turn on access for "less secure apps" at`
			`+ <a href="https://www.google.com/settings/security/lesssecureapps">https://www.google.com/settings/security/lesssecureapps</a>,`
			`+ or see <a href="https://support.google.com/accounts/answer/6010255">https://support.google.com/accounts/answer/6010255</a>.`
			`+ But G-suite administrators are more likely to have disabled`
			`+ this option than "App Password"s.</li>`
			`+</ul>`
			`+<p>It is disputable whether an application that does not include web`
			`browsing capabilities or heavy-weight libraries is "less secure" as`
			`Google claims.</p>`

			`--`
			`2.31.1`