starred/sms-backup-plus-jberkel

Fork 0

mirror of https://github.com/jberkel/sms-backup-plus.git synced 2026-04-25 17:05:59 +03:00

[GH-ISSUE #989] 1.6.0-BETA feedback thread #784

New issue

Open

opened 2026-02-26 01:31:53 +03:00 by kerem · 7 comments

kerem commented

2026-02-26 01:31:53 +03:00

Owner

Originally created by @jberkel on GitHub (Oct 24, 2019).
Original GitHub issue: https://github.com/jberkel/sms-backup-plus/issues/989

This is a thread to discuss beta developments. I'd like to get some feedback on how to restructure the app so that it is still usable, even without XOAuth2.

I've started by moving the IMAP settings to the main screen:

For now, the old settings are still accessible from the "Advanced Settings" screen:

The UI probably needs some rethinking and should provide guidance on how to enable IMAP in the account, and how to generate app passwords.

Originally created by @jberkel on GitHub (Oct 24, 2019). Original GitHub issue: https://github.com/jberkel/sms-backup-plus/issues/989 This is a thread to discuss beta developments. I'd like to get some feedback on how to restructure the app so that it is still usable, even without XOAuth2. * I've started by moving the IMAP settings to the main screen: ![Screenshot_1571901430](https://user-images.githubusercontent.com/18891/67462198-60dd5000-f63f-11e9-9953-222a232417dd.png) * For now, the old settings are still accessible from the "Advanced Settings" screen: ![Screenshot_1571901406](https://user-images.githubusercontent.com/18891/67462193-5fac2300-f63f-11e9-8e79-5ab63ee256e1.png) The UI probably needs some rethinking and should provide guidance on how to enable IMAP in the account, and how to generate app passwords.

kerem added the

meta

xoauth

labels

2026-02-26 01:31:53 +03:00

kerem commented

2026-02-26 01:31:54 +03:00

Author

Owner

@kurahaupo commented on GitHub (Nov 9, 2019):

Research question: is it possible to link directly to the IMAP section in the account settings? (I've heard that there's something called "Intents".)
If so, it would probably be necessary to choose a Google account first.

@kurahaupo commented on GitHub (Nov 9, 2019): Research question: is it possible to link directly to the IMAP section in the account settings? (I've heard that there's something called "Intents".) If so, it would probably be necessary to choose a Google account first.

kerem commented

2026-02-26 01:31:54 +03:00

Author

Owner

@kurahaupo commented on GitHub (Nov 9, 2019):

I like where you're going with this approach.

If the user selects XOAuth2, would it be possible to probe immediately to see if access has been restored? (We can hope ...)

@kurahaupo commented on GitHub (Nov 9, 2019): I like where you're going with this approach. If the user selects XOAuth2, would it be possible to probe immediately to see if access has been restored? (We can hope ...)

kerem commented

2026-02-26 01:31:54 +03:00

Author

Owner

@jberkel commented on GitHub (Dec 6, 2019):

@kurahaupo you mean in the Gmail account settings? For enabling IMAP, the URL seems to be https://mail.google.com/mail/u/0/#settings/fwdandpop

@jberkel commented on GitHub (Dec 6, 2019): @kurahaupo you mean in the Gmail account settings? For enabling IMAP, the URL seems to be https://mail.google.com/mail/u/0/#settings/fwdandpop

kerem commented

2026-02-26 01:31:54 +03:00

Author

Owner

@mwisnicki commented on GitHub (Dec 16, 2019):

Does anyone know how Thunderbird is able to use IMAP with OAuth?
Can you just add setting to override Client Id?

@mwisnicki commented on GitHub (Dec 16, 2019): Does anyone know how Thunderbird is able to use IMAP with OAuth? Can you just add setting to override Client Id?

kerem commented

2026-02-26 01:31:54 +03:00

Author

Owner

@billybednar commented on GitHub (Dec 25, 2019):

For now, the old settings are still accessible from the "Advanced Settings" screen:

OAuth is still working for me so definitely keep them for now.

The UI probably needs some rethinking and should provide guidance on how to enable IMAP in the account, and how to generate app passwords.

Any instructions should mention that G Suite users can't first enable non-OAuth IMAP after 2020-06-15 and that it will stop working on 2021-02-15.

Does anyone know how Thunderbird is able to use IMAP with OAuth?
Can you just add setting to override Client Id?

I think it's technically possible, but I can't see Google being happy with us impersonating another client. To answer question, Google has some info on the flow for non-server clients. From what Google displays on the authorization page, it looks like Thunderbird uses http://localhost as the redirect_uri. It also appears (based on a quick check with Wireshark) that Thunderbird's internal web browser intercepts that request and it isn't actually listening on the loopback adapter.

@billybednar commented on GitHub (Dec 25, 2019): > For now, the old settings are still accessible from the "Advanced Settings" screen: OAuth is still working for me so definitely keep them for now. > The UI probably needs some rethinking and should provide guidance on how to enable IMAP in the account, and how to generate app passwords. Any instructions should mention that [G Suite users can't first enable non-OAuth IMAP after 2020-06-15 and that it will stop working on 2021-02-15.](https://gsuiteupdates.googleblog.com/2019/12/less-secure-apps-oauth-google-username-password-incorrect.html) > Does anyone know how Thunderbird is able to use IMAP with OAuth? Can you just add setting to override Client Id? I think it's technically possible, but I can't see Google being happy with us impersonating another client. To answer question, [Google has some info](https://developers.google.com/identity/protocols/OAuth2InstalledApp) on the flow for non-server clients. From what Google displays on the authorization page, it looks like Thunderbird uses `http://localhost` as the `redirect_uri`. It also appears (based on a quick check with Wireshark) that Thunderbird's internal web browser intercepts that request and it isn't actually listening on the loopback adapter.

kerem commented

2026-02-26 01:31:54 +03:00

Author

Owner

@mwisnicki commented on GitHub (Dec 25, 2019):

Thanks. Technically it wouldn't be you/the project doing the impersonation but the user who chooses to fiddle with advanced option :) Also one could use it to set his own development key.
I'm kind of worried that Google will soon remove ability to login with passwords like they just did for GSuite users.

BTW I think OAuth option should be left in for people with Google Suite as that is exempt from the verification requirements.

@mwisnicki commented on GitHub (Dec 25, 2019): Thanks. Technically it wouldn't be you/the project doing the impersonation but the user who chooses to fiddle with advanced option :) Also one could use it to set his own development key. I'm kind of worried that Google will soon remove ability to login with passwords like they just did for GSuite users. BTW I think OAuth option should be left in for people with Google Suite as that is exempt from the verification requirements.

kerem commented

2026-02-26 01:31:54 +03:00

Author

Owner

@kurahaupo commented on GitHub (Jul 8, 2020):

@mwisnicki I imagine that Thunderbird qualifies as a "native [...] email client that allow users to compose, send, read, and process email via a user interface" as per https://developers.google.com/terms/api-services-user-data-policy#additional-requirements-for-specific-api-scopes

@kurahaupo commented on GitHub (Jul 8, 2020): @mwisnicki I imagine that Thunderbird qualifies as a _"native [...] email client that allow users to compose, send, read, and process email via a user interface"_ as per https://developers.google.com/terms/api-services-user-data-policy#additional-requirements-for-specific-api-scopes