File fetchmail-FAQ-list-gmail-options-including-oauthbearer-and-app.patch of Package fetchmail.22404
From: Matthew Ogilvie <mmogilvi+fml@zoho.com>
Date: Sat, 3 Jun 2017 17:57:22 -0600
Subject: FAQ: list gmail options including oauthbearer and app password
Git-repo: https://gitlab.com/fetchmail/fetchmail.git
Git-commit: dbeee6a0c0fc5392953f38d6f0dcffdeeb8ae141
---
fetchmail-FAQ.html | 24 +++++++++++++++++++++---
1 file changed, 21 insertions(+), 3 deletions(-)
diff --git a/fetchmail-FAQ.html b/fetchmail-FAQ.html
index 82dd92df..027dc9da 100644
--- a/fetchmail-FAQ.html
+++ b/fetchmail-FAQ.html
@@ -2004,9 +2004,27 @@ sites.)</p>
<p>Google has started pushing towards more complex authentication
schemes based on OAuth 2.0 that require clients and users
to jump through quite a few hoops, and use web browsers for signing in.
-If this hinders access to your account through fetchmail, you may need to turn on access for "less secure apps" at <a
- href="https://myaccount.google.com/lesssecureapps">https://myaccount.google.com/lesssecureapps</a>.<br/>
-It is disputable whether an application that does not include web
+If this hinders access to your account through fetchmail, you have some
+options:</p>
+<ul>
+ <li>You can generate and use an
+ <a href="https://support.google.com/accounts/answer/185833">App Password</a>.
+ This is probably best unless you are on a "G-Suite" account and the
+ administrator has disabled this option.</li>
+ <li>You can use separate tools to generate and renew oauth2 access
+ tokens. Then configure fetchmail to use "auth oauthbearer" and use
+ a current access token as the password. See comments and --help in
+ contrib/fetchmail-oauth2.py from the fetchmail source tree
+ for more information. This is derived from Google's
+ <a href="https://github.com/google/gmail-oauth2-tools/wiki/OAuth2DotPyRunThrough">OAuth2DotPyRunThrough</a>,
+ associated code, RFC-7628, and RFC-6750.</li>
+ <li>You may turn on access for "less secure apps" at
+ <a href="https://www.google.com/settings/security/lesssecureapps">https://www.google.com/settings/security/lesssecureapps</a>,
+ or see <a href="https://support.google.com/accounts/answer/6010255">https://support.google.com/accounts/answer/6010255</a>.
+ But G-suite administrators are more likely to have disabled
+ this option than "App Password"s.</li>
+</ul>
+<p>It is disputable whether an application that does not include web
browsing capabilities or heavy-weight libraries is "less secure" as
Google claims.</p>
--
2.31.1