embrace, extend, snuff? :)

if anyone wants to give it a try, there is enough Go code -- packages and
samples -- to make it less painful.

here's a sample [0] OAuth2-based web server ("resource provider") that
works with Google ("identity provider"). it runs on Plan 9, but each
instance will need its own client ID and client secret from Developer
Console. the code for installed app should be similar [1] with auth tokens
coming through a redirect to localhost rather than accessing a web address.
the access token can then be forward to imap4 or smtp [2]

-Skip

[0] https://gist.github.com/9nut/1f883d857369a279f289#file-oa2srv-go
[1] https://developers.google.com/accounts/docs/OAuth2InstalledApp
[2] https://developers.google.com/gmail/xoauth2_protocol


On Fri, Oct 31, 2014 at 5:14 PM, Anthony Martin <ality@pbrane.org> wrote:

> Richard Miller <9fans@hamnavoe.com> once said:
> > - finally, after receiving a "Google Account: sign-in attempt blocked"
> > email from google, followed their suggestion to:
> >
> > "change your settings at
> > https://www.google.com/settings/security/lesssecureapps so that your
> > account is no longer protected by modern security standards."
> >
> > I guess upas/smtp is considered a less secure app.
>
> Embrace, extend, and ... well, you know the rest.
>
> http://forums.mozillazine.org/viewtopic.php?f=39&t=2852231
>
>   Anthony
>
>