[Users] Updated OAuth2 FAQ Page

Dustin Miller dustbiz at gmail.com
Thu Mar 24 16:32:17 UTC 2022 

Hi Everyone,

Based on my own experience and my understanding of the experience of
others who have posted to this list, I've recently made some updates to
the Gmail section of the Claws Mail OAuth FAQ page
(https://www.claws-mail.org/faq/index.php/Oauth2). These updates are
still pending review / moderation, but I hope that they will be helpful
to people if/when they are approved.

One thing to note is that, for best results, you need to work through
BOTH the Google instructions (link at the top of the page) and the FAQ
page instructions TOGETHER fairly methodically and may need to jump up
and/or down in one or more list of instructions and/or skip some
instructions depending on your specific setup context. It's also
helpful once you've become a bit familiar with getting around within
the various menus and screens of the Google Cloud Platform.

Also, as a follow-up to Paul's helpful reminder about the FAQ being an
editable wiki that users are welcomed to improve, I would add (for
those interested in contributing) that you need to set up a Claws Mail
FAQ account in order to do this. However, I found this to be a
relatively painless process.

In case it is helpful for anyone as a temporary stop-gap until my
updates are (hopefully) approved, I will post the 'raw text' of the
Gmail section (with my proposed edits) of the FAQ page beneath this
post.

Cheers,
Dustin
____________________________________________

----------------------------------------
Setting up OAuth 2.0 for Gmail
----------------------------------------
Follow the instructions here:
https://support.google.com/googleapi/answer/6158849

Note: Before starting, make sure that you are not logged in (via
webmail) to any Gmail account, or that you are logged in to only the
relevant account.

When setting up the project use these settings:
  Project name: Anything of your choice
  Publishing status (of project): 'Testing' (initial default)
  User type: External

Notes related to the above:

  1. If/when you create a new project, if it appears that the process
  has stalled, look in the top-right corner for a notification icon
  that you can click on and then select the relevant project. This
  should then open that project's dashboard so you can continue with
  the process. (As of 24 Mar 2022.)

  2. Regarding Google's above-linked instructions related to the
  "Credentials" page: Where it says "Click 'New Credentials'" it should
  read "Click '+ CREATE CREDENTIALS'" (as of 24 Mar 2022).

  3. Regarding "Publishing status", there isn't an option to choose
  this when you are creating a new project. It seems that the status
  will be considered as 'Testing' unless/until you have clicked on
  'Publish App' in the 'Publishing status' section of the 'OAuth Consent
  Screen'; then it will be considered as being 'In Production'.
  (However, 'publishing' the app may require that it be submitted to
  Google for verification, which requires a variety of submissions that
  seem more relevant to the developers of an app for 'everyone' rather
  than for a user who is trying to set something up for themselves.) It
  is possible to get it working by using the 'Testing' status if you
  add the relevant email address to the 'Test Users' list on the 'Edit
  App Registration' - 'Test Users' page of the 'OAuth Consent Screen'
  setup process (or on the main 'OAuth Consent Screen' page). However,
  authorization with this status may only last for seven days. (As of
  24 Mar 2022.)

OAuth consent screen settings:
  App name: Anything of your choice
  User support email: Your own email
  Developer email: Your own email
  App domain entries: Leave blank

Scopes settings:
* Click on 'Add or Remove Scopes'.
* Select (check the box) this entry: "Gmail API,
  https://mail.google.com/, Read, compose, send and permanently delete
  all your email from Gmail"
* (For the above, note that the list is in alphabetical order and you
  may need to go to a later page to find this entry.)
* (Also, if you can't find it in the list, you can enter the URL
  manually at the bottom of the page to add it to the list.)
* Click on 'Update'.
* Confirm that the section 'Your restricted scopes' shows the entry you
  just added.
* Click on 'Save and Continue'.

Getting the ClientID:
  APIs and Services on the left menu, then Credentials entry

  Copy the ClientID to the custom entry box on Claws Mail Oauth2
  account preferences screen.

  Select "Edit Oauth Credentials" (pencil icon), then copy the Client
  Secret to the entry in Claws Mail Oauth2 account preferences screen.

Trouble-shooting:
  1. It's possible / probable that Gmail will 'complain' about giving
access to an unverified third-party app. If this keeps you from using
Claws to access your Gmail, you may need to login to Gmail's webmail
and change your security settings there to allow access to
'less-secure' third-party apps.

More information about the Users mailing list