Google will only allow OAuth access to account, drawing developer dissatisfaction

Google announced that, as of February 15, 2021, G Suite accounts will only allow OAuth access to the app. From the emails that developers receive, Google’s move is to “protect the security of Google Account.” Google will turn off access to less secure apps (LSAs), which currently use only usernames and passwords to access Google Accounts, eliminating the need for more verification steps and making them more vulnerable, the email said.

As a result, Google will close access to such applications in two phases. Users who first attempt to connect to the LSA will no longer be able to connect by June 15, 2020, and all G Suite accounts will not be accessible to the LSA app by February 15, 2021.

Google will only allow OAuth access to account, drawing developer dissatisfaction

The developer of FreeScout, an open source mailbox client, sent a message expressing dissatisfaction. He points out that “you can’t connect to Gmail via OAuth with the standard PHP IMAP extension because the imap_open function doesn’t support the features recommended by the Google SASL XAUTH2 protocol.” This means that all PHP projects that use standard PHP IMAP functionality need to be redesigned to use the Zend Mail library that works with the Google IMAP OAuth algorithm. “

PHP IMAP is a standard extension written in C that is fast and reliable. However, Zend Mail and PHP IMAP are not compatible. For some projects, this results in months of development, debugging, and bug fixes. FreeScout developers say they chose PHP IMAP at the beginning of the project to make the application run faster, but now Google has forced the PHP IMAP extension to stop.

There are thousands of packages using standard PHP IMAP, and countless downloads, and they will not be able to connect to G_Suite Gmail accounts via IMAP, which can have a huge impact.

FreeScout developers ask: “IMAP requests for G Suite will then be sent through OAuth, so why isn’t Google allowing OAuth tokens to be passed as IMAP passwords?” This way, all existing IMAP libraries will continue to run. “

“Why repeat the wheel and force the world to use the SASL XAUTH2 protocol when it is possible to achieve the goal in standard IMAP certification?” “

All he thinks Google has to do is receive the OAuth token in the IMAP password for its G Suite account. This is a very simple and logical lyonate and elegant solution that doesn’t cause developers much trouble. Google can even continue to use SASL XAUTH2.

Google will only allow OAuth access to account, drawing developer dissatisfaction

To do this, the FreeScout team asked Google Issue, but there has been no response from Google.

Some netizens replied, “This is not development, this is not innovation.” This is enforcing one standard and abandoning support for another tool (IMAP library). “From the comments, most developers don’t support Google’s approach, which some interpret as a monopoly: “What they’re doing is imposing a monopoly, and hopefully a bunch of developers will give them free labor.” “

Original address:

Add a Comment

Your email address will not be published. Required fields are marked *