outlook-oauth-hack/README.md

# Hiro's Home-Manager Outlook Oauth Hack

This is a generalization and adaptation of the fork of
[UvA-FNWI](https://github.com/UvA-FNWI/M365-IMAP) to get oauth imap
working on my machine with the McGill email server. I've added
multi-configuration and encryption support. Furthermore token
expiration is now being taken into account. *This has been hacked
together in an afternoon and works for me. No guarantees provided :).*

**If you want to see this in action with `mbsync + msmtp` head over
[here](https://github.com/vale981/nix-config/blob/master/home/hiro/software/email/default.nix)**

The tool is configured by `~/.o365-auth-config.toml` (see
`config.toml`) in this repo. The `[security]` section has only one
setting, namely the `PasswordPath` which can point to an optional
password file which is then used to decrypt the stored `refresh` and
`access` tokens. The expectation is, that a tool like
[agenix](https://github.com/ryantm/agenix) provides this file while
the computer is running.

The `[default]` section contains the OAuth `ClientId`, the
`ClientSecret` and the `Scopes`. I really don't have a clear idea what
those mean, but the values provided by default are taken from
Thunderbird. For a better explanation see [the work this is based
on](https://github.com/UvA-FNWI/M365-IMAP).

For each account one wishes to set up on can optionally add a section
`[<account name>]` which can override the above values.

The script `get_token.py` (accessible as `o365-get-token` if the
home-manager module is enabled) takes an argument `<account name>` and
launches the authentication flow. Once this has been done, the script
`refresh_token.py` (accessible as `o365-refresh-token`) can be called
with the same argument to obtain the currently valid `access key`. It
automatically refreshes said key upon its expiration. The `access key`
is printed to `stdout` and may be fed into `mbsync` or `msmtp`.

The flake provides a package which makes the above commands
available. It also provides a very basic and ugly home-manager module
that allows you to configure those scripts using, who'd have thought
it, home-manager.

Simply a add the `o365-auth.homeManagerModules.default` to your home-manager modules an
```nix
  programs.o365-auth.enable = true;
  programs.o365-auth.passwordPath = config.age.secrets.mail_token_storage_pw.path;
```
should get you started.
update readme to reflect new state 2024-04-05 22:41:40 -04:00			`# Hiro's Home-Manager Outlook Oauth Hack`

			`This is a generalization and adaptation of the fork of`
			`[UvA-FNWI](https://github.com/UvA-FNWI/M365-IMAP) to get oauth imap`
			`working on my machine with the McGill email server. I've added`
			`multi-configuration and encryption support. Furthermore token`
			`expiration is now being taken into account. *This has been hacked`
			`together in an afternoon and works for me. No guarantees provided :).*`

fix typo in readme 2024-04-05 23:07:27 -04:00			**If you want to see this in action with `mbsync + msmtp` head over
			`[here](https://github.com/vale981/nix-config/blob/master/home/hiro/software/email/default.nix)**`
add pointer to my usecase 2024-04-05 22:49:36 -04:00
update readme to reflect new state 2024-04-05 22:41:40 -04:00			The tool is configured by `~/.o365-auth-config.toml` (see
			`config.toml`) in this repo. The `[security]` section has only one
			setting, namely the `PasswordPath` which can point to an optional
			password file which is then used to decrypt the stored `refresh` and
			`access` tokens. The expectation is, that a tool like
			`[agenix](https://github.com/ryantm/agenix) provides this file while`
			`the computer is running.`

			The `[default]` section contains the OAuth `ClientId`, the
			`ClientSecret` and the `Scopes`. I really don't have a clear idea what
			`those mean, but the values provided by default are taken from`
			`Thunderbird. For a better explanation see [the work this is based`
			`on](https://github.com/UvA-FNWI/M365-IMAP).`

			`For each account one wishes to set up on can optionally add a section`
			`[<account name>]` which can override the above values.

			The script `get_token.py` (accessible as `o365-get-token` if the
			home-manager module is enabled) takes an argument `<account name>` and
			`launches the authentication flow. Once this has been done, the script`
			`refresh_token.py` (accessible as `o365-refresh-token`) can be called
			with the same argument to obtain the currently valid `access key`. It
			automatically refreshes said key upon its expiration. The `access key`
			is printed to `stdout` and may be fed into `mbsync` or `msmtp`.

			`The flake provides a package which makes the above commands`
			`available. It also provides a very basic and ugly home-manager module`
			`that allows you to configure those scripts using, who'd have thought`
			`it, home-manager.`

			Simply a add the `o365-auth.homeManagerModules.default` to your home-manager modules an
			```nix
			`programs.o365-auth.enable = true;`
			`programs.o365-auth.passwordPath = config.age.secrets.mail_token_storage_pw.path;`
New script that refreshes the access token (#5) * New script that refreshes the access token * Fixed some typos in the README 2022-03-17 13:25:43 -04:00			```
update readme to reflect new state 2024-04-05 22:41:40 -04:00			`should get you started.`