-
|
Hello Is there a timeout for the oauth? Since now i have re-do it 1-2 times a week. Which a bit painful. Is it better to set up with IMAP settings rather than the gmail oauth? |
Beta Was this translation helpful? Give feedback.
Replies: 9 comments 3 replies
-
|
Hello @Vainyards - that doesn't sound right. Let me look into it and do some testing. I haven't been using OAuth2 with nmail much, possibly there's some bug. Edit: And to answer this question:
Yeah, you're probably less likely to encounter any authentication issues in nmail by using IMAP password authentication, because most users use this, including myself. But security-wise many will argue OAuth2 is better. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks, let me know if you find anything. If too much work, i will switch to IMAP settings instead! :) |
Beta Was this translation helpful? Give feedback.
-
|
I found a potential issue in the implementation of nmail. There's a time "margin" for Oauth2 token refresh I've set to 60 sec. Possibly the process can take longer (maybe in case of some temporarily flaky network), so I'm thinking I can increase it to 5 mins instead. Typical GMail Oauth2 token expiry is 1 hour, so if changed it would be refreshed every 55 mins instead of every 59 mins today. I'll need to do some testing here before pushing a fix though. Will update here again, likely in the weekend. Btw, can I check when you encounter the oauth2 re-authentication, you've been running nmail for a while (like more than an hour), or is it upon fresh start of nmail? |
Beta Was this translation helpful? Give feedback.
-
|
Hello I have no clue, on when it's happening. SInce I run all in tmux and put my macbook to sleep when I leave the offce. But it's always after minimum a day or so. I guess it can be when it's trying to refresh token and it takes longer than 60 sec. |
Beta Was this translation helpful? Give feedback.
-
|
Hi again @Vainyards - I've been doing some testing, but I'm not able to reproduce the problem. I have some ideas for improvements, but I rather not push "blind" fixes not knowing if they indeed improve OAuth2 stability. Also, after investigating more, I am not confident increasing the mentioned timeout would make a meaningful difference. I will continue running some more long-running tests with OAuth2 and share if I find anything. Meanwhile, should you encounter the prompt to re-authenticate, could you please share a copy of |
Beta Was this translation helpful? Give feedback.
-
|
Hello, yes that sounds like a valid reason. And I will see now after the weekend if I will have some trouble when I'm back at work tomorrow.
Skickat från Outlook för Android<https://aka.ms/AAb9ysg>
…________________________________
From: Kristofer Berggren ***@***.***>
Sent: Saturday, February 18, 2023 2:01:54 PM
To: d99kris/nmail ***@***.***>
Cc: Vainards ***@***.***>; Mention ***@***.***>
Subject: Re: [d99kris/nmail] Oauth question (Discussion #135)
Hi again @Vainyards<https://github.com/Vainyards> - I've been doing some testing, but I'm not able to reproduce the problem. I have some ideas for improvements, but I rather not push "blind" fixes not knowing if they indeed improve OAuth2 stability. Also, after investigating more, I am not confident increasing the mentioned timeout would make a meaningful difference. I will continue running some more long-running tests with OAuth2 and share if I find anything. Meanwhile, should you encounter the prompt to re-authenticate, could you please share a copy of ~/.nmail/log.txt with me? Either attach here or send via email to d99kris [at] gmail [dot] com. Thanks!
—
Reply to this email directly, view it on GitHub<#135 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ATLVT3HEFZSSNFCXDECNR2LWYDB4FANCNFSM6AAAAAAU3E42WI>.
You are receiving this because you were mentioned.Message ID: ***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
|
Hello Got logged off just a while ago. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks 👍
For item 1, I reported issue #136 which I've also fixed just now. For item 2, it appears this is a limitation for OAuth2 clients not audited by Google (thus set to Unfortunately the Google audit process is rather costly (est. US$ 15000-75000), so not within the budget for nmail. So I think we'll have to live with this for OAuth2 authentication. Using IMAP password authentication will not have this problem. |
Beta Was this translation helpful? Give feedback.
-
|
that's what I've figured, and will setup with imap instead of oauth setup! :P |
Beta Was this translation helpful? Give feedback.
-
|
I have now set it up with Imap instead of oauth, and I hope for the best! :) |
Beta Was this translation helpful? Give feedback.
-
|
I have now run with IMAP and works perfectly! :)
Den sön 26 feb. 2023 kl 11:13 skrev Kristofer Berggren <
***@***.***>:
… Thanks 👍
I was also able to reproduce this problem finally. I believe there are two
parts to this problem:
1. Upon token expiration nmail does simply fail to login, not
prompting user to reauthenticate/reauthorize.
2. Gmail access token expires after a couple of days
For item 1, I reported issue #136
<#136> which I've also fixed just
now.
For item 2, it appears this is a limitation for OAuth2 clients not audited
by Google (thus set to Testing state, rather than Production) that tokens
expiry after 7 days. Sources: Link 1
<https://stackoverflow.com/a/66476673/485047>, Link 2
<https://stackoverflow.com/a/67966982/485047>
Unfortunately the Google audit process is rather costly (est. US$
15000-75000), so not within the budget for nmail. So I think we'll have to
live with this for OAuth2 authentication.
Using IMAP password authentication will not have this problem.
—
Reply to this email directly, view it on GitHub
<#135 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ATLVT3BONKEXQRHNN5SMLMDWZMUGPANCNFSM6AAAAAAU3E42WI>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
|
Thanks for sharing 👍 |
Beta Was this translation helpful? Give feedback.
Thanks 👍
I was also able to reproduce this problem finally. I believe there are two parts to this problem:
For item 1, I reported issue #136 which I've also fixed just now.
For item 2, it appears this is a limitation for OAuth2 clients not audited by Google (thus set to
Testingstate, rather thanProduction) that tokens expiry after 7 days. Sources: Link 1, Link 2Unfortunately the Google audit process is rather costly (est. US$ 15000-75000), so not within the budget for nmail. So I think we'll have to live with this for OAuth2 authen…