[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Potential bug/inconsistency in auth-source netrc vs plstore backends
|
From: |
Xiyue Deng |
|
Subject: |
Re: Potential bug/inconsistency in auth-source netrc vs plstore backends |
|
Date: |
Fri, 08 Nov 2024 14:11:43 -0800 |
|
User-agent: |
Notmuch/0.38.3 (https://notmuchmail.org) Emacs/29.4 (x86_64-pc-linux-gnu) |
Soham Gumaste <sohamg2@gmail.com> writes:
>> > Hello,
>>
>> Hi Soham,
>
> Hello, thanks for your time.
>
>> What about using a fixed port like ':port "token"'? A similar (mis-)use
>> of :port is used by Tramp, where the port keeps the connection method,
>> like ':port "ssh"'.
>>
> Well, I am trying to satisfy the auth-sources-search query in the
> function nnimap-credentials in nnimap.el. That query requests the
> :port in the spec, and for the query to succeed with the plstore
> backend I need to exactly match the :port attribute in the plist saved
> by oauth2.el. This would mean I would have to store every port the
> user wants to use oauth creds with. Regardless, I still want to know
> if the discrepancy between the netrc and plstore backend is
> intentional or if I can patch it.
>
I think that's how auth-source is supposed to work. People would need 2
entries with different `:port's, one for imap(s), one for smtp, for both to
work. Or maybe there is a better way now?
>> This is documented in the auth manual, at the bottom of (info "(auth)
>> Help for users") . A simiar solution for oauth2.el could be documented
>> there as well.
>>
> My current workaround is to advise the nnimap-credentials with :around
> mode and returning the oauth2 token when appropriate. I'd like to make
> this more first class though. It could be done by simply tweaking the
> plist file stored by oauth2.el but the aforementioned discrepancy is
> the roadblock right now. I dare not try to edit anything in Gnus
> itself.
I think smtpmail uses the `:smtp-auth' attribute to specify which
mechanism to use[1]. In my plugin[2] I'm using `:auth' in a similar
fashion. This has the advantage that one can have both the password and
XOAuth2 credentials in auth-source and can choose which to use simply by
changing `:auth', though this also requires coordination from nnimap[3].
Ideally I think it would be helpful if one can directly request which
mechanism to use in auth-source. For now this has to be done
explicitly, e.g. in nnimap using `(nnimap-authenticator xoauth2)'. If
that's not set, there can be a default sequence of authentication
mechanisms to try, like what nnimap is doing now, but put xoauth2 in
higher priority.
>> > Thanks
>>
>> Best regards, Michael.
>
> Thanks
>
> --
> Soham Gumaste
> sohamg2@gmail.com
>
[1]
https://www.gnu.org/software/emacs/manual/html_node/smtpmail/Authentication.html
[2]
https://gitlab.com/xiyueden/auth-source-xoauth2-plugin/-/blob/main/auth-source-xoauth2-plugin.el?ref_type=heads#L106-107
[3]
https://gitlab.com/xiyueden/auth-source-xoauth2-plugin/-/blob/main/auth-source-xoauth2-plugin.el?ref_type=heads#L48
--
Regards,
Xiyue Deng
signature.asc
Description: PGP signature