Gmail OAuth2 login is stuck with error
Categories
(Thunderbird :: Security, defect)
Tracking
(Not tracked)
People
(Reporter: zaitcev, Unassigned)
Details
User Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:82.0) Gecko/20100101 Firefox/82.0
Steps to reproduce:
Unknown, possible that username is wrong (see below)
Actual results:
The account was configured for several years. This organization uses OAuth2 to manage Gmail accounts, Google redirects to the auth provider. This morning, Thunderbird prompted for authentication - popped a separate window, as expected for OAuth2. I entered the e-mail as username. However, the auth provider reported:
We're sorry ...
English
English
An error occurred, please login again through your application.
And now the Thunderbird is stuck in this loop. There's no way to re-enter the username.
Tried:
- reset everything possible in Thunderbird
- drop all cookies in Firefox (in case Tbird steals from there)
- remove app access in Google account
Nothing works. Went and installed Evolution, which worked fine.
Expected results:
When this sort of situation occurs, there must be a way to clear all authentication cookies in Thunderbird, so that a completely fresh login can be done.
Comment 1•3 years ago
|
||
(let's not close this quickly)
In the wake of gmail's/google's outage this morning, there have been a few SUMO posts similar to the reporter of this bug.
I'm also having oauth issues with 4 of my 8 gmail accounts. And I found some of my oauth creds are missing in Thunderbird password manager for these gmail accounts. A coincidence?
Updated•3 years ago
|
Comment 2•3 years ago
|
||
to clarify, unlike the reporter, I am seeing an oauth window - "sign in with your google account"
Comment 3•3 years ago
|
||
I only have 3 gmail accounts and 3 calendars and had to log on to them after the outage.
Also had to log on to 2 of the 3 mail accounts again after quitting and restarting Thunderbird once.
I haven't looked at the password manager.
Yeah. I am aware for the outage, although it was officially resolved by the time I woke up this morning. And, I do think that the outage prompted the old authentication tokens to die, so Thunderbird wanted to re-authenticate. The problem is what happens next - it's stuck in a loop. I installed GNOME Evolution e-mail client, which was able to authenticate.
I'll try to blow away ~/.thunderbird and re-add the accounts later. I wanted to keep the current setup because I have a few filters.
Comment 5•3 years ago
|
||
Save the msgFilterRules.dat files for each account first, or just rename ~./thunderbird to ~./oldthunderbird before creating a new profile and copy them from there.
Comment 6•3 years ago
|
||
(In reply to WaltS48 [:walts48] from comment #3)
I only have 3 gmail accounts and 3 calendars and had to log on to them after the outage.
Also had to log on to 2 of the 3 mail accounts again after quitting and restarting Thunderbird once.
I haven't looked at the password manager.
I had no issues this morning on either my home PC or my office PC like you've had. I too woke after the issue happened but not prompts to re-enter password. All appears to be working normal on my end.
Comment 7•3 years ago
|
||
What do we want to do with this?
Comment 8•3 years ago
|
||
Didn't this turn out to ultimately be an outage on Google's side?
(In reply to Arthur K. [He/Him/His] from comment #8)
Didn't this turn out to ultimately be an outage on Google's side?
The problem was triggered by the outage at Google. But the nature of the problem is that - during and because of the outage - something (a cookie, perhaps) gets "stuck" so that it's impossible to use the account after the outage. The requested resolution is provide an explicit button "clear everything" in settings of an account.
Comment 10•3 years ago
|
||
All I had to do after the outage was remove the saved OAuth2 tokens from the password manager and remove cookies through the cookies manager, both of which are inbuilt features of Thunderbird.
Reporter | ||
Comment 11•3 years ago
|
||
Stans may be right. Let's just close it for now. I discovered that I'm unable to find the stuck account that I thought I preserved just for this bug. So, it's impossible to reproduce.
Description
•