Gmail used by MailEater is migrated to OAuth 2.0 authentication, token functional expires after an hour, and the automatic refresh request is not being triggered, or the renewal isn’t functioning as expected.

Behaviour observed is that after setting up the Oauth Setup for Maileater the access token will work for just one hour, after which the token stops working.  

Entries which may present in the maileater_nxd.log

2025-05-07 09:08:35:698 ERROR  [ForkJoinPool-1-worker-11] c.c.S.m.c.JavaMailIMAPClient - [ID:(servicedesk@example.com ),HN:(imap.gmail.com)] -> [IMAPS|993] Failed to connect to the Store.
javax.mail.AuthenticationFailedException: [AUTHENTICATIONFAILED] Invalid credentials (Failure)
...
2025-05-07 09:08:35:698 DEBUG  [ForkJoinPool-1-worker-11] c.c.S.m.ConnectSession - Access Token has expired...generating a fresh one....and trying again...

2025-05-07 09:08:35:698 ERROR  [ForkJoinPool-1-worker-11] c.c.S.mail.OAuthProcessor - Refresh token is missing....can not get access token...

2025-05-07 09:08:35:698 ERROR  [ForkJoinPool-1-worker-11] c.c.S.m.ConnectSession - Failed to get a fresh access token...can not proceed further....

Release: 17.4 GA - RU4

Component: Google Mail -OAuth2

Google OAuth Access token is not inserted into DB

Google had modified the behaviour of sending refresh token.  Once the access token is expired, we use refresh token to refresh the expired access token. Earlier, gmail used to send the new access token as well as the new refresh token.  This behaviour was changed so that a new refresh token is not sent if the previous refresh token is still valid.