Does net-stmp support SASL XOAUTH2?

[JensDebergh]

Hi!

I've been looking into communicating with Office365 and Gsuite through oauth tokens and apparently to do so we need the SASL XOAUTH2 format.

I was wondering if this is supported by the default ruby smtp gem and if not are there plans to support this? I couldn't find anything about the protocol through the official documentation and by looking at the code.

Maybe it's as simple as providing the correct protocol to the library and do the hashing of the access token myself but I'm not sure. Any hints on this specific topic?

There's a visible trend of providers moving towards oauth and supporting this would not only benefit this library but also Rails since it uses the gem under the hood.

For example:

It would allow ruby / rails apps to authenticate on behalf of the user without sacrificing security in the process which often is the case right now.

Currently if you want to send emails on behalf of the user you need people to:

• Disable security defaults
• Enable SMTP
• Store their real password encrypted (but with the possibility to decrypt since you need the password to authenticate)

Kind regards
Jens

[ahorek]

since the imap version was already merged into the core by ruby/net-imap#63 I think we should do the same here

until then, you can use the original gem https://github.com/nfo/gmail_xoauth

[JensDebergh]

I didn't know it got merged into core! Thanks for the heads up.

The reason for my original question was because I would like to use this in combination with rails. I guess once it's merged into core, we'll need to report this to rails and open up a merge request to support the feature.

People keep bugging me about not supporting XOAUTH2 for secure managing their email workflow but I'm only 1 guy 😆