[horde] Setup OAuth2 with Horde-Imp

Louis-Philippe Allard lp.allard.1 at gmail.com
Fri Jun 3 16:19:23 UTC 2022 

  Quoting Michael J Rubinsky <mrubinsk at horde.org>:

> Quoting Louis-Philippe Allard <lp.allard.1 at gmail.com>:
>
>> Quoting Michael J Rubinsky <mrubinsk at horde.org>:
>>
>>> Quoting Louis-Philippe Allard <lp.allard.1 at gmail.com>:
>>>
>>>> Hello,
>>>>
>>>> I am trying to setup Protonmail and their bridge to replace GMail  
>>>> as Horde's email backend server on my selfhosted VPS.  However  
>>>> its looking more complicated than expected (sigh).
>>>>
>>>> In the meantime, I have until May 30th to setup OAuth2 to be able  
>>>> to continue using Gmail. Thanks Google...
>>>>
>>>> However, I cannot find any instructions on how to do so, and the  
>>>> maillist is very quiet these days.
>>>>
>>>> The way my system is setup is that Gmail's credentials are used  
>>>> by IMP for Horde's authentication (hordeauth => true in  
>>>> imp/backends.local.php).
>>>>
>>>> GMail's IMAP server is setup also in imp/backends.local.php  
>>>> (imap.gmail.com:993) and to send emails, Gmail's SMTP server is  
>>>> setup under Horde's config > Mailer section (smtp.gmail.com:587).
>>>>
>>>> Just to be sure I understand the "mechanics" involved here, can  
>>>> someone just confirm this statement:  On my setup, IMP passes the  
>>>> credentials received at the login page to GMail's server which  
>>>> accepts them.  IMP receiving a successful reply from GMail, it  
>>>> lets the user enter (authenticate) into Horde.  Email sync'ing  
>>>> (folder structure, receiving emails, etc) is done via the IMP's  
>>>> backends.local.php (IMAP section), and sending email from this  
>>>> VPS is accomplished via the Mailer section of Horde using GMail's  
>>>> SMTP server.
>>>
>>> This is correct in a general sense, yes.
>>>
>>>> Everything else in Horde (calendar, contacts, task lists, notes,  
>>>> tickets, etc) has never been setup to be stored remotely.  It is  
>>>> stored in Horde's MYSQL database.
>>>>
>>>> If I lose connectivity to GMail, I CANNOT LOGIN to Horde.  This  
>>>> is a major issue.
>>>>
>>>> I need IMP to handle OAuth2 to be able to use GMail's IMAP.
>>>
>>> The good news is that our IMAP client supports the required XOAUTH  
>>> mechanism that Google's IMAP servers require. The bad news is that  
>>> neither Horde or IMP has been modified to use that yet.
>>>
>>>> I need Horde to handle OAuth2 to be able to use GMail's SMTP.
>>>>
>>>> Question 1:  How can I setup a local authentication that would  
>>>> NOT rely on external servers?  This VPS is behind a strong FW so  
>>>> I am OK with standard USR:PSW combination.
>>>
>>> Pick another authentication option, like "SQL". Note that this  
>>> won't allow you to use IMP in your current setup.
>>>
>>>> Question 2:  Is it possible to setup OAuth2 to be able to use  
>>>> GMail's IMAP and SMTP servers?
>>>
>>> Possible? Yes, but will require work in Horde and IMP to take  
>>> advantage of our IMAP client's capabilities.
>>>
>>>> Hopefully the maillist is still alive and well  and someone can  
>>>> guide/help me!
>>>>
>>>> Thank you !!
>>>> Louis-Philippe Allard
>>>> lp.allard.1 at gmail.com
>>>> Sent using Horde Groupware on GNU/Linux
>>>> --
>>>> Horde mailing list
>>>> Frequently Asked Questions: http://horde.org/faq/
>>>> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
>>>
>>> --
>>> mike
>>> The Horde Project
>>> http://www.horde.org
>>> https://www.facebook.com/hordeprojecthttps://www.twitter.com/hordeproject
>>
>> Thanks for the reply Michael,
>>
>> Okay I changed the auth backend to MySQL, using my GMail creds I  
>> can login to horde without having IMP connect to Gmail.  This is  
>> good as at least I will have access to my other functions  
>> (Kronolith, etc).
>>
>> For Horde/Imp not modified to use XOauth, is this something that  
>> you'd think would be under way, or are we looking at months/years  
>> of development?
>
> It's not currently being worked on, and quite honestly it's unlikely  
> to be implemented any time soon unless someone contributes code or  
> perhaps sponsors the work. Most of the core developers have,  
> unfortunately, limited free time to spend on Horde at the moment.
>
>> Louis-Philippe Allard
>> lp.allard.1 at gmail.com
>> Sent using Horde Groupware on GNU/Linux
>
> --
> mike
> The Horde Project
> http://www.horde.org
> https://www.facebook.com/hordeprojecthttps://www.twitter.com/hordeproject

As a follow up to this thread, I tried Google app passwords as someone  
suggested, and it works very well for the time being.

Thanks for the suggestion!
  Louis-Philippe Allard
lp.allard.1 at gmail.com
Sent using Horde Groupware on GNU/Linux

More information about the horde mailing list