bug-gnu-emacs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#72992: 29.4; towards xoauth2 support in Emacs


From: Xiyue Deng
Subject: bug#72992: 29.4; towards xoauth2 support in Emacs
Date: Sun, 22 Sep 2024 14:44:33 -0700
User-agent: Notmuch/0.38.3 (https://notmuchmail.org) Emacs/29.4 (x86_64-pc-linux-gnu)

Hi Björn,

Björn Bidar <bjorn.bidar@thaodan.de> writes:

> Andrew Cohen <acohen@ust.hk> writes:
>
>>>>>>> "XD" == Xiyue Deng <manphiz@gmail.com> writes:
>>
>>     XD> Hi Andrew, Andrew Cohen <acohen@ust.hk> writes:
>>
>>     >>>>>>> "XD" == Xiyue Deng <dengxiyue@gmail.com> writes:
>>     >> 
>>
>> [...]
>>
>>     XD> The basic support is actually in the Emacs core already,
>>     XD> e.g. for Gnus nnimap[2] and smtpmail[3].  However, this assumes
>>     XD> one to put the access_token in place of `:secret' in the
>>     XD> auth-source file as Emacs uses password as the access_token in
>>     XD> both places.  However, access_token expires quite frequently
>>     XD> (e.g. about 1 hour for Gmail) and without refreshing it
>>     XD> automatically it is practically impossible to use conveniently.
>>     XD> Hence the propose hack and the following suggestion.
>>     >> 
>>     >> 
>>     >> This isn't actually true. When I added the support many years
>>     >> ago, I updated auth-source so that the :secret field can be a
>>     >> function, and this is how you should be using the current xoauth
>>     >> support.
>>
>>     XD> Thanks for pointing this out!  I found the place where `:secret'
>>     XD> is handled as a function[1].  However, this requires a user to
>>     XD> implement the oauth2 logic oneself, which I'm afraid is a bit
>>     XD> too low-level and error-prone.  (Actually, can I actually put a
>>     XD> lisp function in auth-source.gpg?)  
>>
>> I don't think you have to do anything low level, and I don't think there
>> is anything error prone here; you can use the functions from oauth
>> themselves (oauth2.el can create its own plstores, but I prefer to use
>> auth-source.el to manage the stores).  The only things needed are a call
>> to oauth2-refresh-access to get a new token, and then
>> oauth2-token-access-token to return the new access token.
>
> Is this documented?  If yes where?
> I tried to look inside the auth manual nothing was mentioned.
> Would this method work with all backends?

AIUI as of now you would need to implement this logic as a function in
`:secret' of the auth-source entry.  Please do correct me though.

-- 
Xiyue Deng





reply via email to

[Prev in Thread] Current Thread [Next in Thread]