GSoC 2026 Midterm Update - Jenkins Email Notifications using Outlook SMTP with OAuth
Hey everyone!
We’ve hit the midpoint of GSoC 2026, so here’s an update on Jenkins email notifications using Outlook SMTP with OAuth, the project I’ve been working on with the email-ext plugin.
What I’ve Accomplished So Far
The first half was mostly about building out OAuth 2.0 support for SMTP across both Microsoft Entra ID and Google Workspace, alongside the existing username/password flow. That meant reworking how the plugin decides which authentication path to use depending on the credential type, while keeping the retry and error handling logic shared across providers.
Along the way I ran into and fixed a few real bugs, including one in how OAuth tokens were being sent over SMTP that violated the protocol spec once tokens got long enough. I also added better test coverage using GreenMail so we could actually exercise the SMTP protocol instead of relying purely on mocks, which surfaced quite a few issues. We wrapped up the first half with a midterm presentation walking through everything.
What I’ve Learned
This half has been challenging but fulfilling. A good chunk of the progress came from talking through ideas with my mentors, hitting a wall, and working through the problem again from a different angle. The trickier bugs only really got resolved because I could bring them up in discussion.
The other big lesson has been around testing. Writing proper tests forced me to slow down and read through the existing mail sending code carefully, and that’s exactly how I found some of the bugs above. It made something click that I understood in theory but hadn’t really seen in action before, good tests are what stops you from quietly breaking things that already worked while we are making our changes.
Going in, I expected contributing to a project like Jenkins to feel pretty rigid and strict. It’s been the opposite. The community, and my mentors especially, have been very helpful and quick to jump into a discussion whenever I got stuck.
One hiccup we faced was getting a real Entra application set up to test against, which took longer than expected. We pivoted to a Google Workspace trial account instead, which let us validate the OAuth flow end to end without waiting on that.
What Lies Ahead
We recently got maintainer rights on the oauth-credentials plugin, which lets us make a change we’ve wanted for a while: introducing a factory for requirement objects so provider plugins don’t each need to be pulled in as explicit dependencies. Beyond that, the plan for the second half is to add a test send email feature so admins can verify their setup directly from Jenkins, write documentation and migration guidance, and keep working through the smaller bugs we found during testing.
Acknowledgements
Thanks to my mentors, Alex Earl and Kris Stern, for being responsive and generous with their time so far.