Modern corporate OAuth2 email authentication on NixOS

I like to use mbsync and msmtp with mu and Emacs to manage my email. These tools are mostly designed around basic IMAP and SMTP password authentication, but they are growing support for OAuth2.

My university, which uses Microsoft 365, recently disabled “basic authentication” in favor of “modern authentication”, which means I can’t use an app password and legacy email authentication anymore.

There are various guides on setting up Oauth2 with these email tools, but they all seem to depend on different scripts and packages for dealing with the tokens, and most of these tools don’t seem to be available yet on Nix.

• https://www.reddit.com/r/emacs/comments/jreehr/imap_and_smtp_oauth2_configuration_for_office_365/

  • O365 · PyPI
  • GitHub - moriyoshi/cyrus-sasl-xoauth2: XOAUTH2 mechanism plugin for cyrus-sasl

• Growing pains | Casper van Elteren

  • contrib/mutt_oauth2.py.README · master · Mutt Project / mutt · GitLab
  • GitHub - tarickb/sasl-xoauth2: SASL plugin for XOAUTH2

• Diary: How to use Google G suite OAuth2 with mbsync (from isync) and msmtp on NetBSD

I was wondering if anyone else has been forced to migrate already and can point me in the right direction on NixOS. Thanks for any info you can provide!