Re: [Evolution] yahoo OAuth2

On Tue, 2020-01-14 at 09:42 -0500, Eugene via evolution-list wrote:
Please consider following Thunderbird and allowing yahoo OAuth2 to
avoid sudden access denied messages and avoid a need to have "less
secure applications" toggle enabled.

it's not about considering to use it, just the opposite, I'd really
like to offer OAuth2 for Yahoo! servers, but Yahoo! offers only these
scopes for new applications (as of today) [1]:

|  Select private user data APIs that your application needs to access.
|  [ ] Contacts
|  [ ] Fantasy Sports
|  [ ] Oath Ad Platforms
|  [ ] Profiles (Social Directory)
|  [ ] Relationships (Social Directory)

There's no mail, there's no calendar, only contacts would be usable for

I guess Thunderbird created the keys early, in time when Yahoo! still
offered mail (and eventually calendar) scopes. If you'd think that
evolution-data-server could borrow the OAuth2 client ID and client
secret from Thunderbird, then no, that would be plain abuse of the

Thus it is as I said, unless Yahoo! allows mail (and calendar) scopes
for new OAuth2 applications there's no option for evolution(-data-
server) users. Try to convince Yahoo! developers/managers, I do not
know why they disabled those scopes [2]. I can imagine this can sound
odd, but there's really nothing else one can do, this requires changes
on the server, not on the client. Unless I did not try hard enough.


[1] taken from new OAuth2 application wizard, accessible from:
    from the "Before You Begin" section (at the very bottom).

[2] well, the documentation talks about mail scope:
    but I do not see it. If it's due to the account type I log in,
    then maybe it requires paid account or something, I really do not know.
    Some more info from 2017:

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]