summary refs log tree commit diff stats
path: root/doc/aerc-imap.5.scd
diff options
context:
space:
mode:
authorFrode Aannevik <frode.aa@gmail.com>2019-07-10 21:00:28 +0200
committerDrew DeVault <sir@cmpwn.com>2019-07-11 19:36:14 -0400
commitb0eaf5191c9bc5b128e347625b7eef998ba63c41 (patch)
treeca9fe0155e4a01bb84d3aca248b37bf844145f8b /doc/aerc-imap.5.scd
parent217e85a55d0c1047bef1e2bc41783ccd4629bfc1 (diff)
downloadaerc-b0eaf5191c9bc5b128e347625b7eef998ba63c41.tar.gz
Support imaps with oauthbearer authentication (Gmail)
    imaps+oauthbearer://user:token@host?token_endpoint=...

 - the config Source password is used as access token if
   no token_endpoint parameter is set
 - the config Source password is used as refresh token if
   token_endpoint parameter is set, and used to exchange
   with an access token

The implementation has only been tested with Gmail.

    source = imaps+oauthbearer://{username}:{refersh_token}@imap.gmail.com:993? \
    client_id=XX&\
    client_secret=XX&\
    token_endpoint=https%3A%2F%2Faccounts.google.com%2Fo%2Foauth2%2Ftoken

client credentials created with

    https://console.developers.google.com/apis/credentials

refresh token created with

    https://github.com/google/gmail-oauth2-tools/blob/master/python/oauth2.py

rel: https://todo.sr.ht/~sircmpwn/aerc2/42
Diffstat (limited to 'doc/aerc-imap.5.scd')
-rw-r--r--doc/aerc-imap.5.scd18
1 files changed, 17 insertions, 1 deletions
diff --git a/doc/aerc-imap.5.scd b/doc/aerc-imap.5.scd
index 12dcfbe..4307238 100644
--- a/doc/aerc-imap.5.scd
+++ b/doc/aerc-imap.5.scd
@@ -19,7 +19,7 @@ In accounts.conf (see *aerc-config*(5)), the following IMAP-specific options are
 available:
 
 *source*
-	imap[s][+insecure]://username[:password]@hostname[:port]
+	imap[s][+insecure|+oauthbearer]://username[:password]@hostname[:port]?[:oauth2_params]
 
 	Remember that all fields must be URL encoded. The "@" symbol, when URL
 	encoded, is *%40*.
@@ -35,6 +35,22 @@ available:
 	*imaps*:
 		IMAP with TLS/SSL
 
+	*imaps+oauthbearer://*
+		IMAP with TLS/SSL using OAUTHBEARER Authentication
+
+		*oauth2_params:*
+
+		If specified, the configured password is used as an refresh token that
+		is exhanged with an access token
+
+		- token_endpoint (required)
+		- client_id (optional)
+		- client_secret (optional)
+		- scope (optional)
+
+		Example:
+		imaps+oauthbearer://...?token_endpoint=https://...&client_id=
+
 *source-cred-cmd*
 	Specifies the command to run to get the password for the IMAP
 	account. This command will be run using `sh -c [command]`. If a