Re: Potential bug/inconsistency in auth-source netrc vs plstore backends

[Soham Gumaste]

Hello, thanks for the reply!

>
> I have done some recent improvements to `oauth2.el'[1] and provided a
> hackish solution to use it with auth-source[2].  I wonder whether you
> have tried those out and would like to get your feedback.
>

My changes are not that elaborate, Im just trying to convince
auth-sources that the oauth2 access token is a "password"

> I am also interested in what you are adding to/modifying `oauth2.el'.
> In case it's related, in the previous bugs I saw people seemed confused
> about why `oauth2.el' used a separate storage for storing
> refresh_token/access_token/etc. while still keeping the other
> credentials (e.g. client_id, client_secret, etc.) in auth-sources.  My
> understanding is that the data in the separate plstore are ephemeral,
> e.g. they can expire and need to be refreshed, so it makes sense to use
> a separate storage.  This also can be helpful in case you want to keep
> it in sync among multiple machines.
>

I didn't take the ephemeral part into account. What I am doing is summarised as:
1) Change the default filename to be `oauth2.plist` instead of
`oauth2.plstore` as that automatically activates the plstore backend
in auth-info when the file is listed in auth-sources
2) Store the access-token a second time as `:secret`
3) Store additional data like :user/:login and :host

I can share my patch if you're curious but it really isn't ready/in
the hacking stage. Basically my reference point is to make it satisfy
the search query in nnimap.el/smtpmail.el which is my use case.

My roadblock currently is that the auth-sources-plstore-search
function REQUIRES that the :port also matches, whereas the netrc
backend has no such requirement. I could just save all the ports im
going to use in the plist file but thats really a non-solution and I'd
like more clarity on this discrepancy.

Thanks,
-- 
Soham Gumaste
sohamg2@gmail.com