Closed Bug 1682336 Opened 3 years ago Closed 3 years ago

Gmail OAuth2 login is stuck with error

Categories

(Thunderbird :: Security, defect)

Product:
Thunderbird
Component:
Security
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: zaitcev, Unassigned)

Details

User Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:82.0) Gecko/20100101 Firefox/82.0

Steps to reproduce:

Unknown, possible that username is wrong (see below)

Actual results:

The account was configured for several years. This organization uses OAuth2 to manage Gmail accounts, Google redirects to the auth provider. This morning, Thunderbird prompted for authentication - popped a separate window, as expected for OAuth2. I entered the e-mail as username. However, the auth provider reported:

We're sorry ...
English
English
An error occurred, please login again through your application.

And now the Thunderbird is stuck in this loop. There's no way to re-enter the username.

Tried:

  • reset everything possible in Thunderbird
  • drop all cookies in Firefox (in case Tbird steals from there)
  • remove app access in Google account

Nothing works. Went and installed Evolution, which worked fine.

Expected results:

When this sort of situation occurs, there must be a way to clear all authentication cookies in Thunderbird, so that a completely fresh login can be done.

(let's not close this quickly)

In the wake of gmail's/google's outage this morning, there have been a few SUMO posts similar to the reporter of this bug.

I'm also having oauth issues with 4 of my 8 gmail accounts. And I found some of my oauth creds are missing in Thunderbird password manager for these gmail accounts. A coincidence?

Component: Untriaged → FileLink
Component: FileLink → Security

to clarify, unlike the reporter, I am seeing an oauth window - "sign in with your google account"

I only have 3 gmail accounts and 3 calendars and had to log on to them after the outage.

Also had to log on to 2 of the 3 mail accounts again after quitting and restarting Thunderbird once.

I haven't looked at the password manager.

Yeah. I am aware for the outage, although it was officially resolved by the time I woke up this morning. And, I do think that the outage prompted the old authentication tokens to die, so Thunderbird wanted to re-authenticate. The problem is what happens next - it's stuck in a loop. I installed GNOME Evolution e-mail client, which was able to authenticate.

I'll try to blow away ~/.thunderbird and re-add the accounts later. I wanted to keep the current setup because I have a few filters.

Save the msgFilterRules.dat files for each account first, or just rename ~./thunderbird to ~./oldthunderbird before creating a new profile and copy them from there.

(In reply to WaltS48 [:walts48] from comment #3)

I only have 3 gmail accounts and 3 calendars and had to log on to them after the outage.

Also had to log on to 2 of the 3 mail accounts again after quitting and restarting Thunderbird once.

I haven't looked at the password manager.

I had no issues this morning on either my home PC or my office PC like you've had. I too woke after the issue happened but not prompts to re-enter password. All appears to be working normal on my end.

What do we want to do with this?

Didn't this turn out to ultimately be an outage on Google's side?

(In reply to Arthur K. [He/Him/His] from comment #8)

Didn't this turn out to ultimately be an outage on Google's side?

The problem was triggered by the outage at Google. But the nature of the problem is that - during and because of the outage - something (a cookie, perhaps) gets "stuck" so that it's impossible to use the account after the outage. The requested resolution is provide an explicit button "clear everything" in settings of an account.

All I had to do after the outage was remove the saved OAuth2 tokens from the password manager and remove cookies through the cookies manager, both of which are inbuilt features of Thunderbird.

Stans may be right. Let's just close it for now. I discovered that I'm unable to find the stuck account that I thought I preserved just for this bug. So, it's impossible to reproduce.

Status: UNCONFIRMED → RESOLVED
Closed: 3 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.