[Users] Authorization error after setting up OAuth2

Thu Jun 2 20:55:40 CET 2022

On Thu, 2 Jun 2022 15:42:59 -0400
Littlergirl <littlergirl at gmail.com> wrote:

> Hey there,
> 
> I finally had to set up OAuth2 because my mail finally stopped working
> today without it and I've run into a wall right at the end. Here's the
> error I'm getting:
> 
> https://imgur.com/a/ugw7IEe
> 
> And here are the 56 steps that I followed to get to it:
> 
> SET UP OAUTH2 ON GOOGLE:
> 1. Log into your Gmail account.
> 2. Open the Google API console on the
> https://console.developers.google.com/ page.
> 3. Create a new project (I didn't write down what I clicked to do
> that). 4. Open the project you created (I didn't write down what I
> clicked, if anything to do that, and it may have opened automatically
> upon creation). 5. Click Credentials in the menu on the left.
> 6. Click Consent Screen to configure your consent screen.
> 7. Choose External for the User Type.
> 8. Click the CREATE button.
> 9. Fill in your Gmail user name as the App name, fill in your full
> Gmail address as the User support email, browse to an image to use as
> the App logo, and fill in your full Gmail address as the Developer
> email. 10. Click SAVE AND CONTINUE.
> 11. Click ADD OR REMOVE SCOPES.
> 12. Put a checkmark in the Gmail API entry's box if it's in the list
> or add the https://mail.google.com/ URL manually at the bottom of the
> list if it's not there. When adding it manually, it will be selected
> for you and the list will close.
> 13. Click on UPDATE.
> 14. Scroll down to the Your restricted scopes section and make sure it
> shows the entry that you just added.
> 15. Click on SAVE AND CONTINUE.
> 16. The initial publishing status will be Testing. To set this up,
> click + ADD USERS.
> 17. Type in your full Gmail address and click ADD.
> 18. Click the X in the upper left corner of that pane to close it.
> 19. Check if the address was added to the Test users section. If not,
> repeat steps 16 and 17, click SAVE, and skip step 18.
> 20. Click SAVE AND CONTINUE.
> 21. Click BACK TO DASHBOARD.
> 22. Click Credentials on the left.
> 23. Click + CREATE CREDENTIALS.
> 24. Click Oauth Client ID.
> 25. Choose Desktop Application.
> 26. Paste https://mail.google.com into the Authorized Javascript
> origins section.
> 27. Click SAVE.
> 28. You'll receive a pop-up containing your client ID and client
> secret and an offer to download them as JSON if you like.
> 
> SET UP OAUTH2 IN CLAWS MAIL:
> 1. Open the Configuration menu in Claws Mail.
> 2. Choose Edit accounts… from the menu.
> 3. Choose your Gmail account.
> 4. Click the Edit button.
> 5. Click Receive in the left pane.
> 6. Put a check-mark in the Authenticate before POP connection box.
> 7. Choose OAuth2 from the Authentication method drop-down menu.
> 8. Click the Apply button.
> 9. Click Send in the left pane.
> 10. Choose OAuth2 from the Authentication method drop-down menu.
> 11. Click the Apply button.
> 12. Click OAuth2 in the left pane.
> 13. Change the Select OAuth2 Email Service Provider drop-down to
> Google/Gmail.
> 14. Paste the Client ID you got from your OAuth2 credentials into the
> Client ID box.
> 15. Paste the Client secret you got from your OAuth2 credentials into
> Client secret box.
> 16. Click the "Open default browser with request" button.
> 17. Choose your Gmail account.
> 18. Click the "Continue" link.
> 19. Click the "Continue" link.
> 20. Copy the authorization code it gives you.
> 21. Paste the code into the Authorization code box in Claws Mail.
> 22. Click the Authorize button.
> 23. Click the Cancel connection button after getting a warning about
> an invalid certificate.
> 24. Close Claws Mail.
> 25. Do some Google searches.
> 26. Log onto Gmail in a browser.
> 27. Check through my settings to see if there's anything obvious I
> should change (don't see anything).
> 28. Try to get help by writing this email.
> 
> Any help getting this across the finish line would be greatly
> appreciated. If I can't fix this and am stuck using Gmail in a
> browser from now on instead of in Claws Mail, I'll turn into a
> useless drooling husk in a dark corner of a room and that's a future
> I'd like to avoid if at all possible.
> 

FWIW, you might add to this excellent report: claws-mail version and
the contents of the CM Network log.

My $0.02 - what happens if you accept the invalid certificate?