diff options
| author | Timo Wilken | 2023-04-03 15:36:51 +0200 |
|---|---|---|
| committer | Timo Wilken | 2023-04-03 15:36:53 +0200 |
| commit | 544b72cde1ddda7e5de4a55d68c44ffae52c6550 (patch) | |
| tree | 8ba1f66b8e142d1415036ec44bf092d7fbec2b74 /tw/home/files/aerc | |
| parent | 5cfe988447268e7e4bbd284ee6cb6cd5b1ded710 (diff) | |
Use aerc's native XOAUTH2 support
To avoid jank when refreshing access tokens, let aerc do it itself rather than
shelling out to mutt_oauth2.py.
Diffstat (limited to 'tw/home/files/aerc')
| -rw-r--r-- | tw/home/files/aerc/accounts.conf | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/tw/home/files/aerc/accounts.conf b/tw/home/files/aerc/accounts.conf index ea3a4536..ef96997d 100644 --- a/tw/home/files/aerc/accounts.conf +++ b/tw/home/files/aerc/accounts.conf @@ -1,14 +1,17 @@ [CERN] -source = imaps+xoauth2://timo.wilken%40cern.ch@outlook.office365.com -outgoing = smtp+xoauth2://timo.wilken%40cern.ch@smtp.office365.com +# https://man.sr.ht/~rjarry/aerc/providers/microsoft.md#office365-with-xoauth2 +source = imaps+xoauth2://timo.wilken%40cern.ch@outlook.office365.com?client_id=9e5f94bc-e8a4-4e73-b8be-63364c29d753&token_endpoint=https://login.microsoftonline.com/common/oauth2/v2.0/token&scope=https://outlook.office.com/SMTP.Send https://outlook.office.com/IMAP.AccessAsUser.All offline_access +outgoing = smtp+xoauth2://timo.wilken%40cern.ch@smtp.office365.com:587?client_id=9e5f94bc-e8a4-4e73-b8be-63364c29d753&token_endpoint=https://login.microsoftonline.com/common/oauth2/v2.0/token&scope=https://outlook.office.com/SMTP.Send https://outlook.office.com/IMAP.AccessAsUser.All offline_access smtp-starttls = true -# To authorize for the first time: +# To authorize for the first time (to get refresh token): # mutt_oauth2.py ~/.local/share/aerc/twilken.tokens --authorize --authflow authcode --provider microsoft \ # --email timo.wilken@cern.ch --client-id 9e5f94bc-e8a4-4e73-b8be-63364c29d753 --client-secret '' \ # --encryption-pipe 'gpg --encrypt --recipient C2249BBE5E8761C943A0CFA1B7B3914BF63ACD7C' # Confirm empty client secret. When done, copy-paste ?code= value from final URL to the command-line. -source-cred-cmd = mutt_oauth2.py ~/.local/share/aerc/twilken.tokens --encryption-pipe 'gpg --encrypt --recipient C2249BBE5E8761C943A0CFA1B7B3914BF63ACD7C' -outgoing-cred-cmd = mutt_oauth2.py ~/.local/share/aerc/twilken.tokens --encryption-pipe 'gpg --encrypt --recipient C2249BBE5E8761C943A0CFA1B7B3914BF63ACD7C' +# Then, to store the refresh token: +# gpg --decrypt ~/.local/share/aerc/twilken.tokens | jq -r .refresh_token | pass insert -e -f cern/exol/refresh-token +source-cred-cmd = pass cern/exol/refresh-token +outgoing-cred-cmd = pass cern/exol/refresh-token default = INBOX from = Timo Wilken <timo.wilken@cern.ch> aliases = twilken@cern.ch |