[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Extending auth-source and plstore for more XOAUTH2 scenarios
From: |
Farblos |
Subject: |
Extending auth-source and plstore for more XOAUTH2 scenarios |
Date: |
Thu, 11 May 2023 22:22:11 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.0 |
Hi,
I've made some extensions to package auth-source and plstore to cover
more XOAUTH2 scenarios. My employer uses MS Office 365 with a device
grant for the MUTT/Gnus/whatever outcasts, where you need additional URL
parameters to refresh an access token. Plus I store the access token
*and* its expiry date in a plstore to avoid token refresh cycles as much
as possible.
The changes comprise:
- A function `plstore-update' with signature similar to that of
`plstore-put', but which merges new properties with existing properties.
- An auth-source backend `auth-source-plstore-xoauth2' that allows for
an arbitrary function to be called to perform the actual token requests.
Plus auxiliary functions to do the dirty URL interfacing. (I could
deliver that part as a separate package on (M)ELPA, or wherever, BTW.)
Some more changes (not all of which I have implemented yet):
- Nullify the plstore data structure when `plstore-close' gets called to
avoid clear-text credentials lingering around.
- Make plstores a bit more edit-friendly. For example, keep the plstore
non-secret and secret data between some pre-defined markers, but keep
the rest of the text unchanged when reading and writing plstore data.
That would allow for local variables at the end of the plstore.
- Provide auto-closing plstores, probably also configurable with local
variables.
- Allow auth-source backends to specify credential expiry per backend.
For the `auth-source-plstore-xoauth2' backend, for example, auth-source
expiry and plstore expiry (if it gets implemented) and the access token
expiry should be all synchronized to avoid funny results.
So much for the bigger picture. What do you think? Would you accept
changes in that direction?
In parallel I'm trying to get the FSF copyright assignment done.
Thanks
Farblos
- Extending auth-source and plstore for more XOAUTH2 scenarios,
Farblos <=