I found a more practical solution, which is that we don't need OAuth because Google and other providers provide "App passwords", It simply generates a 16-character password for external applications through which to gain access permission.
Thus, we can easily monitor mailboxes because there is no expiration time and the password can also be revoked if the user wants this, like this
The mechanism of App passwords there exists in most email providers like Gmail, Outlook, Yahoo, and AOL, ...
I tried this method in Gmail, Yahoo, AOL and it works very well