GNU bug report logs -
#72358
29.4; oauth2.el improvements
Previous Next
Reported by: Xiyue Deng <manphiz <at> gmail.com>
Date: Tue, 30 Jul 2024 02:20:01 UTC
Severity: normal
Found in version 29.4
Done: Philip Kaludercic <philipk <at> posteo.net>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
Björn Bidar <bjorn.bidar <at> thaodan.de> writes:
> Robert Pluim <rpluim <at> gmail.com> writes:
>
>> Xiyue> - This will invalidate all existing entries and a user will have to redo
>> Xiyue> the authorization process again to get a new refresh token. However,
>> Xiyue> I think it's more important to ensure that oauth2.el works correctly
>> Xiyue> for multiple accounts of the same provider, or a user may suffer from
>> Xiyue> confusion when adding a new account invalidates a previous account.
>>
>> I donʼt think thatʼs too big a concern. 'modern' authentication flows
>> regularly re-prompt, so this will not be too surprising (although
>> maybe call it out in the packageʼs NEWS or README).
>
> In many cases the refreshing of tokens is transparent to the user there
> doesn't have to be a re-prompt to refresh the token if the OAuth
> provider support it.
> Micrsofts OAuth workflow is quite good in this regard as there's a
> non-standard error to indicate when the user has to re-authorize the
> application.
>
Actually I am currently having trouble for a few weeks to get my
outlook.com email work with MS OAuth2. To avoid some repeated typing, I
have documented the issues and steps I have tried in this stackoverflow
question[1]. I would great appreciated it if you can shed some lights
there
> I assume all implementation of OAuth have their quirks.
Indeed.
[1] https://stackoverflow.com/questions/78787763/getting-aadsts65001-error-invalid-grant-when-trying-to-refresh-access-token-fo
--
Xiyue Deng
This bug report was last modified 258 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.