OAuth2 for IMAP Email

In the last year or so a lot of email providers have moved away from basic authentication to modern 2FA authentication, specifically OAuth2.

Jolla has responded by introducing new account types, specifically Microsoft 365 which provides modern authentication for Office365 Exchange email, and there is also OAuth2 for GMail as well.

However, the missing piece of the puzzle appears to be OAuth2 for IMAP, arguably the most prevalent modern email protocol out there and used by nearly all email providers, including Microsoft.

As more and more providers move towards OAuth2 for IMAP, the SFOS email client will become less and less useable.

This request is therefore for Jolla to implement OAuth2 for IMAP.

The problem with OAuth is that it’s a messy, overengineered and underdefined standard, so every implementation is a bit different. A version for generic IMAP accounts is going to be hard.

Still, maybe the community can help in part, there’s some components of the email system that are open source:

• sailfishos/buteo-sync-plugins-email
• messagingframework
• then there’s jolla-settings-accounts-extensions-email which AFAIK isn’t open, but it QML and XML so hackable locally.

As a reference, the venerable alpine email program has implemented OAuth for some providers, and can be viewed here and here. There is also KDE’s kimap.

(Of course before starting any community efforts, it would be useful to know how Jolla would prefer contributions to happen…)

Or, while we are waiting, maybe email-oauth2-proxy can help…

EDIT: almost completely untested package at: OBS. Config lives in /home/.system/var/lib/. Need to follow the README of the developer to set up (client secrets etc.).

For any one interested about the server side:
https://doc.dovecot.org/configuration_manual/authentication/oauth2/

And, generally, postfix auth is delegated to dovecot.