FYI: G-Mail is discontinuing support for "Less Secure Apps" => OAuth2

al-efound · April 29, 2020, 9:48pm

Hi.

For everyone which uses the “Less Secure Apps” to access Gmail.

G-Mail is discontinuing support for “Less Secure Apps” and forcing everyone over into OAuth2 as of June 2020

https://gsuiteupdates.googleblog.com/2019/12/less-secure-apps-oauth-google-username-password-incorrect.html

I use Fairmail which supports OAuth but I can’t login to Google because GmsAuthenticator raises this errors.
Have anyone gmail with OAuth on /e/ up and running?

04-01 00:37:22.298 15886 15886 D AccountChooser: selected account Account {name=ACCOUNT, type=com.google}
04-01 00:37:22.320 13346 13346 I fairemail: Result class=ActivitySetup action=null request=262149 result=-1
04-01 00:37:22.321 13346 13346 I fairemail: authAccount=ACCOUNT (String)
04-01 00:37:22.321 13346 13346 I fairemail: accountType=com.google (String)
04-01 00:37:22.321 13346 13346 I fairemail: data=null
04-01 00:37:22.322 13346 13346 I fairemail: Result class=FragmentGmail action=null request=5 result=-1
04-01 00:37:22.322 13346 13346 I fairemail: authAccount=ACCOUNT (String)
04-01 00:37:22.322 13346 13346 I fairemail: accountType=com.google (String)
04-01 00:37:22.322 13346 13346 I fairemail: data=null
04-01 00:37:22.338  4262  4275 D GmsAuthenticator: getAuthToken: Account {name=ACCOUNT, type=com.google}, oauth2:https://mail.google.com/, Bundle[{androidPackageName=eu.faircode.email, callerPid=13346, callerUid=10082}]
04-01 00:37:22.360  4262  4275 D GmsAuthManager: token present, but expired
04-01 00:37:22.381 15886 15902 D OpenGLRenderer: endAllActiveAnimators on 0x7f717fa400 (RippleDrawable) with handle 0x7f857d8080
04-01 00:37:22.391  4262  4275 D GmsHttpFormClient: -- Request --
04-01 00:37:22.391  4262  4275 D GmsHttpFormClient: androidId=3d049375b30cbbb9&app=eu.faircode.email&client_sig=17ba15c1af...&callerPkg=com.google.android.gms&callerSig=38918...&device_country=at&Email=ACCOUNT&google_play_services_version=19420000&is_called_from_account_manager=1&_opt_is_called_from_account_manager=1&lang=de_AT&operatorCountry=at&sdk_version=25&service=oauth2%3Ahttps%3A%2F%2Fmail.google.com%2F&source=android&Token=aas_et%2FAK...
04-01 00:37:22.569  4262  4275 W GmsAuthenticator:
04-01 00:37:22.569  4262  4275 W GmsAuthenticator: java.io.IOException: Error=DeviceManagementRequired
04-01 00:37:22.569  4262  4275 W GmsAuthenticator:     at org.microg.gms.common.HttpFormClient.request()
04-01 00:37:22.569  4262  4275 W GmsAuthenticator:     at org.microg.gms.auth.AuthRequest.getResponse()
04-01 00:37:22.569  4262  4275 W GmsAuthenticator:     at org.microg.gms.auth.AuthManager.requestAuth()
04-01 00:37:22.569  4262  4275 W GmsAuthenticator:     at org.microg.gms.auth.loginservice.AccountAuthenticator.getAuthToken()
04-01 00:37:22.569  4262  4275 W GmsAuthenticator:     at android.accounts.AbstractAccountAuthenticator$Transport.getAuthToken(AbstractAccountAuthenticator.java:244)
04-01 00:37:22.569  4262  4275 W GmsAuthenticator:     at android.accounts.IAccountAuthenticator$Stub.onTransact(IAccountAuthenticator.java:113)
04-01 00:37:22.569  4262  4275 W GmsAuthenticator:     at android.os.Binder.execTransact(Binder.java:565)

Regards

Aleks

Regain your privacy! Adopt /e/ the unGoogled mobile OS and online services phone

marcdw · May 1, 2020, 1:56am

Yeah, as of a day ago all of a sudden FairEmail couldn’t fetch the G mail since I had 2FA turned on recently (due to difficulties getting a new Thunderbird installation working with GMail).
In lieu of less secure app access, go for the app specific password route. That worked out fine with FairEmail.

FAQ topic

al-efound · May 1, 2020, 9:49am

Thanks I have over read this “app specific password”. I hope that solves the issue.

marcdw · May 1, 2020, 12:43pm

Yeah, it was simpler than I thought. In the Google security settings I found the part for app passwords. Added an entry for FairEmail, Google produced a code that I copy and paste into FairEmail. Replacing the gmail password with the code. Mail starting coming back in. So it worked out.

marcdw · May 2, 2020, 2:31am

This may be a more annoying issue than I thought. I have multiple ROMs, mostly using K9 mail or derivative. FairEmail mentions it believes in providing error messages whenever anything goes wrong whereas others may just silently fail. That seems to be the case. K9 hasn’t fetched gmail in a few days but I didn’t notice nor did it produce any errors. I did the app password thing and the unfetched mail appeared.

For me doing this for all the installations is possible but annoying. As one user put it, best not to access gmail with an app and just use the web. Makes sense if it’s no longer a primary.

zypper · February 6, 2021, 5:53pm

Try . pEp Pretty Easy #Privacy #email client

supports #OAuth and on fdroid repository
#p2p, #e2ee, automatic