OAuth2 Support
We'd like to enable OAuth login (and along with 2FA if possible) with thunderbird, does thunder support that other than gmail? For example, we have oauthbearer&xoauth2 enabled on Dovecot IMAP, thunderbird seems to have failed in establishing the communication, if it does not support as for now, when will this be supported? Our community really loves Thunderbird, it'd be sad to see it goes away because of this lacking feature.
All Replies (4)
oAuth requires that the program have a "secret" that is offers to server as a part of the authentication. So Thunderbird and Dovecote supporting oAth is not enough. A secret for the server in question needs to be built into Thunderbird.
This source needs to ne changed https://searchfox.org/comm-central/source/mailnews/base/util/OAuth2Providers.jsm
SO you need to file a bug https://bugzilla.mozilla.org
Just for completeness. oAuth is not a good choice to implement 2fa as it may actually issue a key that is valid for 6 months (google) so even without your password Thunderbird can continue to use the key exchange to check your mail for up to 6 months without any reference to the base password used.
Thanks for the reply! If the "secret" referred here is the "Client Secret" for exchange of access_token with authorization server, that is stored/configured in Dovecot, I'd think. What we'd like to ultimately achieve is that we have in-house authorization server with which we have the control for the access_token expiration date. I will go ahead and take your suggestion to open a bug request. Thank you so much!
I have filed a bug to implement the dynamic client registration protocol which would allow automatic registration of clients. But implementation is probably a long way off at this point in time.
https://bugzilla.mozilla.org/show_bug.cgi?id=1602166
What bug did you file?
I filed https://bugzilla.mozilla.org/show_bug.cgi?id=1602895 , not sure if this is a bug or enhancement, since the method is available from the 'authentication method' drop-down and it's not working so I filed as a bug. Thanks for following it up and I appreciate your advice!