I've used OAUTHBEARER authentication to use mutt with GMail for a while, but I've run into a an issue that I can't figure out. When I launch mutt I get OAUTHBEARER authentication failed. Here is .muttdebug0:
[2020-08-27 10:38:59] TLSv1.3 connection using TLSv1.3 (TLS_AES_256_GCM_SHA384)
[2020-08-27 10:39:00] Connected to imap.gmail.com:993 on fd=7
[2020-08-27 10:39:00] imap_cmd_step: grew buffer to 512 bytes
[2020-08-27 10:39:00] 7< * OK Gimap ready for requests from XX.XX.XX.XX r65mb112981108pjg
[2020-08-27 10:39:00] IMAP queue drained
[2020-08-27 10:39:00] 7> a0000 CAPABILITY
[2020-08-27 10:39:00] 7< * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN X-GM-EXT-1 XYZZY SASL-IR AUTH=XOAUTH2 AUTH=PLAIN AUTH=PLAIN-CLIENTTOKEN AUTH=OAUTHBEARER AUTH=XOAUTH
[2020-08-27 10:39:00] Handling CAPABILITY
[2020-08-27 10:39:00] 7< a0000 OK Thats all she wrote! r65mb112981108pjg
[2020-08-27 10:39:00] IMAP queue drained
[2020-08-27 10:39:00] imap_authenticate: Trying method oauthbearer
[2020-08-27 10:39:00] Authenticating (OAUTHBEARER)...
[2020-08-27 10:39:00] 7> a0001 AUTHENTICATE OAUTHBEARER bixhPWN3YWxrYXRyb25AZ21haWwuXXXXX=
[2020-08-27 10:39:01] 7< + eyJXXXXXXX29nbGUuY29tLyJ9
[2020-08-27 10:39:01] 7> [2020-08-27 10:39:01] OAUTHBEARER authentication failed.
I have a project set up in the Google Dev console and a client_id and client_secret. I get a warning that I have to specifically ignore about my Google Developer app being unverified that I have to explicitly allow. I don't remember this being an issue in the past. I can successfully log in using:
oauth2.py [email protected] --client_id=56843257498 --client_secret=fjdksla --generate_oauth2_token
This is in my .muttrc:
set imap_oauth_refresh_command="~me/bin/oauth2.py \
--user [email protected] \
--client_id=60080XXX.apps.googleusercontent.com \
--client_secret=AZXXXX \
--refresh_token=1//XXXXAYSNwF"
set smtp_oauth_refresh_command="~me/bin/oauth2.py \
[email protected] \
--client_id=60080XXX.apps.googleusercontent.com \
--client_secret=AZXXXX \
--refresh_token=1//XXXXAYSNwF"
The above commands run fine in a shell. Also, a test with oauth2.py succeeds as well (though this tests XOAUTH2 and not OAUTHBEARER).
10:30.51 > HNNF1 AUTHENTICATE XOAUTH2
10:30.54 < +
10:30.54 write literal size 280
10:31.24 < * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN X-GM-EXT-1 UIDPLUS COMPRESS=DEFLATE ENABLE MOVE CONDSTORE ESEARCH UTF8=ACCEPT LIST-EXTENDED LIST-STATUS LITERAL- SPECIAL-USE APPENDLIMIT=35651584
10:31.24 < HNNF1 OK [email protected] authenticated (Success)
10:31.24 > HNNF2 SELECT INBOX
10:31.50 < * FLAGS (\Answered \Flagged \Draft \Deleted \Seen $Forwarded $Junk $NotJunk $NotPhishing $Phishing)
10:31.50 < * OK [PERMANENTFLAGS (\Answered \Flagged \Draft \Deleted \Seen $Forwarded $Junk $NotJunk $NotPhishing $Phishing \*)] Flags permitted.
10:31.50 < * OK [UIDVALIDITY 2] UIDs valid.
10:31.50 < * 1060 EXISTS
10:31.50 < * 0 RECENT
10:31.50 < * OK [UIDNEXT 51915] Predicted next UID.
10:31.50 < * OK [HIGHESTMODSEQ 5748372]
10:31.50 < HNNF2 OK [READ-WRITE] INBOX selected. (Success)
I have this all set up and working for my work email, but not for my personal. I feel like I'm just missing something simple. Can anyone help me see my mistake?
