Dovecot Gmail OAuth2.0 Setting Question

福田泰葵 taiki.fukuda at justsystems.com
Tue Jan 19 07:17:52 EET 2021 

Dear Sir or Madam

Unable to build OAuth2.0 authentication to Gmail using dovecot as proxy.
I have a question about how to use dovecot as a proxy to perform OAuth 2.0
authentication to Gmail using a mail client.

   1.

   Is the following all I need to do to authenticate to Gmail using dovecot
   as a proxy?
   -

      passdb

      passdb {
      driver = oauth2
      mechanisms = oauthbearer xoauth2
      args = /etc/dovecot/dovecot-oauth2.token.conf.ext
      }
      passdb {
      driver = oauth2
      mechanisms = plain login
      args = /etc/dovecot/dovecot-oauth2.plain.conf.ext
      }

      -

      create dovecot-oauth2.token.conf.ext and dovecot-oauth2.plain.conf.ext
      - create gmail service account api
   2.

   grant_url in dovecot-oauth2.token.conf.ext and
   dovecot-oauth2.plain.conf.ext is URL for obtaining a Google access token
   for a web server that I have built myself?
   3.

   I use a Gmail service account, so I don’t need a client ID and secret
   ID, right?
   4.

   Do I set introspection_url to the URL of my own web server with the
   access token used for authentication to Google as the response?
   5.

   The documentation says “pass_attrs = host=127.0.0.1”, but if you are
   authenticating to Gmail, I should use
   “pass_attrs = proxy=y
host=%{if;%s;eq;imap;imap.gmail.com;%{if;%s;eq;pop3;smtp
   .gmail.com;pop.gmail.com}}
   port=%{if;%s;eq;imap;993;%{if;%s;eq;pop3;587;465}} proxy_mech=xoauth2
   pass=%{oauth2:access_token} user=%{oauth2:email oauth2:email}”?
   6.

   What is the difference between dovecot-oauth2.token.conf.ext and
   dovecot-oauth2.plain.conf.ext ? Do I need to configure both?

I used
https://doc.dovecot.org/configuration_manual/authentication/oauth2/#proxy
as a reference.
I would appreciate your reply.

Yours faithfully,
------------------------------

e-mail: taiki.fukuda at justsystems.com
TEL: 03-5324-7900
mobile: 080-6198-7328
------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20210119/8765ee74/attachment.html>

More information about the dovecot mailing list