last time I tried thunderbird for mail, it didn't support oauth and was still in the less secure apps flow
my sense is that oauth requires centralization and is fairly complex for an OSS org to support? like the thunderbird team would still need to host one redirect and a private key to enable this
As far as I can tell, this is just the app using Google's OAuth.
So instead of typing your password into your IMAP client, that IMAP client sends you to your browser to grant access for it in your Google account settings. At least personally I much prefer that flow anyway, as it doesn't bypass 2FA and doesn't leave my Google password hanging around in some (usually unencrypted) config file on my computer.
Thunderbird supports Google's custom auth protocol for Gmail at least. Yes, only at the discretion of Google which has to authorize Thunderbird to exist - welcome to chokepoint capitalism.
my sense is that oauth requires centralization and is fairly complex for an OSS org to support? like the thunderbird team would still need to host one redirect and a private key to enable this