[Users] Gmail OAUTH2 recent change

[David Fletcher]

Dan Engel dengel at sourceharvest.com wrote:

> "Because you added restricted scopes , which grant access to highly sensitive users data, you will   
> need to submit your app for verification. . In addition, you may need to go through an independent 
> security review, which can cost $15-$75k"

> This appears to mean I simply cannot use gmail with claws (at least for now). Has anyone else run 
> into this? Is there something I'm missing?

Hi Dan,

Just ignore this message, it doesn't apply to personal registrations.
There was a reconfiguration by Google which meant a change in Claws to
align with it. The git version has this latest configuration, but if you
just want to make your existing source code work do this:

(1) Replace
    "urn:ietf:wg:oauth:2.0:oob",
with
   "https://127.0.0.1:8888",
on line 50 of claws-mail/src/oauth2.c

(2) Compile Claws Mail as normal.
(3) Set up your account as normal.
(4) Oauth2 authorization - Use the normal Open default browser button, or
copy the code to your browser. Go through the Google authorization
process as normal. After completing this Google will forward you to a
web page that does not exist. Copy the authorization code out of the URL
and into the Claws Mail Authorization Code box. Make sure to copy just
the code, not the whole URL, e.g. from the URL
https://127.0.0.1:8888/?code=4/0AX4XfWiLeoP0OglH3-VeEIokX7Bm12L895CkWPlYqF3PkvqlhBtrjs7Aikxj_JeDk-xexQ&scope=https://mail.google.com/

the code is this part:
4/0AX4XfWiLeoP0OglH3-VeEIokX7Bm12L895CkWPlYqF3PkvqlhBtrjs7Aikxj_JeDk-xexQ

Best regards, David.