Gmail / Office 365 support

Question

Gmail / Office 365 support

Closed this issue 8 months ago · 5 comments

I would like to use git-credential-oauth to obtain access tokens for Gmail and Office 365 accounts. Any chance you can add them? Below I've added an example with client credentials borrowed from Mozilla Thunderbird.

diff --git a/main.go b/main.go
index 19bd2b7..235d9d4 100644
--- a/main.go
+++ b/main.go
@@ -104,6 +104,19 @@ var configByHost = map[string]oauth2.Config{
 		ClientSecret: "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",
 		Endpoint:     endpoints.Google,
 		Scopes:       []string{"https://www.googleapis.com/auth/gerritcodereview"}},
+	// client ID & secret borrowed from mozilla for demonstration purposes
+	"smtp.gmail.com:587": {
+		ClientID:     "406964657835-aq8lmia8j95dhl1a2bvharmfk3t1hgqj.apps.googleusercontent.com",
+		ClientSecret: "kSmqreRr0qwBWJgbf5Y-PjSU",
+		Endpoint:     endpoints.Google,
+		Scopes:       []string{"https://mail.google.com/"}},
+	// client ID & secret borrowed from mozilla for demonstration purposes
+	"smtp.office365.com:587": {
+		ClientID:     "08162f7c-0fd2-4200-a84a-f25a4db0b584",
+		ClientSecret: "TxRBilcHdC6WGBee]fs?QR:SJ8nI[g82",
+		Endpoint:     endpoints.AzureAD(""),
+		Scopes:       []string{"https://outlook.office.com/SMTP.Send"},
+		RedirectURL:  "http://localhost/"},
 }
 
 var (

To add some context, here is the git send-mail patch[1] which uses git-credential-oauth to send emails using oauth.

[1] https://lore.kernel.org/git/20240225103413.9845-1-julian@swagemakers.org/T/#u

Answer 1 · 2024-02-27T09:46:50.000Z

So you're authenticating to a mail server rather than a Git forge? Could you give an example of the input?

Answer 2 · 2024-02-27T12:35:19.000Z

Yes, I would like to authenticate with Gmail and Office 365 via SMTP and OAuth.

Input would look like this:

$ cat << EOF | ~/code/git-credential-oauth/git-credential-oauth -verbose get
host=smtp.gmail.com:587
protocol=smtp
EOF

Answer 3 · 2024-02-27T12:55:37.000Z

You can configure custom hosts in .gitconfig following https://github.com/hickford/git-credential-oauth/blob/main/README.md#custom-hosts. Does this work for you?

[credential "smtp://smtp.gmail.com:587"]
	oauthClientId = 406964657835-aq8lmia8j95dhl1a2bvharmfk3t1hgqj.apps.googleusercontent.com
	oauthClientSecret = kSmqreRr0qwBWJgbf5Y-PjSU
	oauthScopes = https://mail.google.com/
	oauthAuthURL = https://accounts.google.com/o/oauth2/auth
	oauthTokenURL = https://oauth2.googleapis.com/token
[credential "smtp://smtp.office365.com:587"]
	oauthClientId = 08162f7c-0fd2-4200-a84a-f25a4db0b584
	oauthClientSecret = TxRBilcHdC6WGBee]fs?QR:SJ8nI[g82
	oauthAuthURL = https://login.microsoftonline.com/common/oauth2/v2.0/authorize
	oauthTokenURL = https://login.microsoftonline.com/common/oauth2/v2.0/token
	oauthScopes = https://outlook.office.com/SMTP.Send
	oauthRedirectURL = http://localhost/

Answer 4 · 2024-02-28T16:48:32.000Z

Sure that also works, but I was hoping to have Gmail and Office 365 support generally added using their own ID and secret not having to configure it manually. But I admit it only makes sense in combination with the git-send-email patch.

Answer 5 · 2024-03-03T21:29:11.000Z

Let's come back to this when your git-send-email patch is merged.