Skip to content

Use HTTPS callback and OpenID scope for Yahoo OAuth#2

Merged
gumruyanzh merged 1 commit into
mainfrom
fix/https-oauth-callback
Feb 25, 2026
Merged

Use HTTPS callback and OpenID scope for Yahoo OAuth#2
gumruyanzh merged 1 commit into
mainfrom
fix/https-oauth-callback

Conversation

@gumruyanzh

Copy link
Copy Markdown
Contributor

Summary

  • Switch OAuth callback server from HTTP to HTTPS using an ephemeral self-signed TLS certificate
  • Replace mail-r/mail-w scopes with openid (Yahoo no longer grants mail scopes to new apps, but IMAP XOAUTH2 works with any valid token)

Context

Yahoo requires HTTPS redirect URIs — http://localhost is rejected. The self-signed cert causes a one-time browser warning which the user clicks through.

Test plan

  • Tested locally — yoy auth login --email gumruyan@yahoo.com completes successfully
  • yoy auth status shows authenticated with valid token

🤖 Generated with Claude Code

Yahoo requires HTTPS redirect URIs and no longer grants mail-r/mail-w
permissions to new apps. Changes:
- Switch callback server from HTTP to HTTPS using an ephemeral
  self-signed TLS certificate generated at runtime
- Replace mail-r/mail-w scopes with openid (IMAP XOAUTH2 works
  with any valid token regardless of scope)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@gumruyanzh gumruyanzh merged commit 59eab7d into main Feb 25, 2026
1 check passed
@gumruyanzh gumruyanzh deleted the fix/https-oauth-callback branch February 25, 2026 06:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant