Force Oauth2 reauthentication #95

Open
oculos opened this issue May 9, 2024 · 0 comments


oculos commented May 9, 2024

Hi,

I noticed that, when having two accounts configured on Thunderbird, both of them using the same OAuth2 provider, when the token used for one account is invalidated, you don't get a prompt to log in again. I have the feeling it is trying to use the token configured for the other account.

I configured Thunderbird with just one OAuth2 account from my own IdP (I have built Thunderbird and added my own OAuth2 provider, based on Keycloak. It works really well.). I revoke the token, and then I get a prompt to log in again.

However, when I add another account from the same provider, it seems that Thunderbird no longer prompts me to authenticate again. It simply says that "Authentication failed" with the account which had its token revoked. My feeling is that, while Thunderbird does handle two tokens from the same provider, it doesn't seem to do a proper segregation of the accounts when authentication fails, not prompting the user to renew the token.

Independently of this bug, it would be nice to be able to force reauthentication. For example, when a token is invalid and I'm trying to send a mail, it asks me if I want to re-enter the password, instead of opening an OAuth2 session for another login. I don't know if this was related to having two configured accounts with the same provider, though.
