https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=38338 --- Comment #86 from David Cook <dcook@prosentient.com.au> --- I keep thinking about this topic... The author of sasl-xoauth2 hasn't posted anything since April, so it doesn't make me super confident in the longevity of that project. I've posted on the Cyrus SASL Github to see if they'd be open to providing a simple XOAUTH2 SASL mechanism: https://github.com/cyrusimap/cyrus-sasl/issues/890 Technically, with Postfix, the SASL plugin really just needs to listen to follow the SASL procedure and provide the username and token in a particular format to the destination server. As for getting the actual password... sasl-xoauth2 uses the "hash" lookup in its documentation but you could actually use the "socketmap" type to use a UNIX socket to connect to a daemon that's responsible for managing the Oauth2 tokens: https://www.postfix.org/DATABASE_README.html#types And if you look at https://metacpan.org/pod/Authen::SASL::Perl::XOAUTH2 that's what it does... it just provides the SASL mechanism for XOAUTH2. It doesn't do any of the actual work of fetching or refreshing tokens. -- sasl-xoauth2 is nice in that it encapsulates everything into 1 package but... it's also a bit bloated. And then it makes me think about how we want to implement it in Koha. I wonder if it should be implemented as plugins since it really is only for Google and Microsoft... It would make for a much much lighter touch. -- You are receiving this mail because: You are watching all bug changes.