From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Xiyue Deng Newsgroups: gmane.emacs.bugs Subject: bug#72992: 29.4; towards xoauth2 support in Emacs Date: Sat, 09 Nov 2024 12:01:15 -0800 Message-ID: <87cyj4rxbo.fsf@debian-hx90.lan> References: <87h6ayfo87.fsf_-_@debian-hx90.lan> <877cb8oihg.fsf@debian-hx90.lan> <878qvocjkz.fsf@ust.hk> <87ldzom4rz.fsf@debian-hx90.lan> <87zfo4au81.fsf@ust.hk> <878qvnmfrp.fsf@debian-hx90.lan> <87wmio3j35.fsf@debian-hx90.lan> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="35126"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Notmuch/0.38.3 (https://notmuchmail.org) Emacs/29.4 (x86_64-pc-linux-gnu) Cc: Andrew Cohen , Philip Kaludercic , 72992@debbugs.gnu.org, Stefan Kangas To: Ted Zlatanov Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Sat Nov 09 21:03:17 2024 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1t9rfw-0008x2-4D for geb-bug-gnu-emacs@m.gmane-mx.org; Sat, 09 Nov 2024 21:03:16 +0100 Original-Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1t9rfk-0001Ya-9V; Sat, 09 Nov 2024 15:03:04 -0500 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1t9rfi-0001Y6-Kc for bug-gnu-emacs@gnu.org; Sat, 09 Nov 2024 15:03:02 -0500 Original-Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1t9rfi-0004et-BC for bug-gnu-emacs@gnu.org; Sat, 09 Nov 2024 15:03:02 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debbugs.gnu.org; s=debbugs-gnu-org; h=MIME-Version:Date:References:In-Reply-To:From:To:Subject; bh=S3GAou1LY2mhOSdxbL1fo1foLlxY9rO2P8Y/KPG1XWQ=; b=UIiRg5fAJy1BbWz5UY301TNmCMPAm43bthVe6bZxFhSmOSuqImam8NxyrsK2nHWdOIaH+cdOqiUdhmnC6sNvcKB5YJVaNg/YNPdi0kEfyUWTglbniiD/GL6CVcvLqM02JmSh9fckhXxFR07ElxjlSrrgdwU5k99k9cOxie8Yk+ylIH8jn5dQyAMklN+2B5MfgU5DfNA+U6g8ScASHd99D5/jMCdgKCRdYdUq6ef3oDh6cavB1Qsb9wlM8+0UzCwp3J5o4/l65t3usW5qgYpOgXPfXJSNIM8RVoSgb561BM4xebdxRNdCyYM7rTlbHGqYWExAMzkY6/96P3nR+fDNHA==; Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1t9rfh-000523-TF for bug-gnu-emacs@gnu.org; Sat, 09 Nov 2024 15:03:01 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Xiyue Deng Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Sat, 09 Nov 2024 20:03:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 72992 X-GNU-PR-Package: emacs Original-Received: via spool by 72992-submit@debbugs.gnu.org id=B72992.173118254919286 (code B ref 72992); Sat, 09 Nov 2024 20:03:01 +0000 Original-Received: (at 72992) by debbugs.gnu.org; 9 Nov 2024 20:02:29 +0000 Original-Received: from localhost ([127.0.0.1]:54571 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1t9rfA-000510-PZ for submit@debbugs.gnu.org; Sat, 09 Nov 2024 15:02:29 -0500 Original-Received: from mail-pl1-f179.google.com ([209.85.214.179]:46113) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1t9rf7-00050k-JQ for 72992@debbugs.gnu.org; Sat, 09 Nov 2024 15:02:26 -0500 Original-Received: by mail-pl1-f179.google.com with SMTP id d9443c01a7336-20cf3e36a76so34614375ad.0 for <72992@debbugs.gnu.org>; Sat, 09 Nov 2024 12:02:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1731182479; x=1731787279; darn=debbugs.gnu.org; h=mime-version:message-id:date:user-agent:references:in-reply-to :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to; bh=S3GAou1LY2mhOSdxbL1fo1foLlxY9rO2P8Y/KPG1XWQ=; b=N7n5aLqcV5hFY7kfa+XTGNfS0LuMYy2fVhoUAokQzkWFAsBbEtzLEp0E0yX7zW2gTW 6zHSQS7p303tb9ESBUnUV0u/8MYqJahrcf04r+KmU695V87Ybg68WPF/dOnXpr5UX4nA pbQOQXoEouJEGBZ1zKstvWFYgPX3N4qT61lblYmf3Biv6jrlRgUhMKIlTFkMVb6NFSFK Yei0AnRkP0sutwYmOZYNDB0ye1YuzjmBeRug6arDjqxNAEoficAWsx7I/uEP9m5wXgh8 SbeQcpTuYqjDp3dVF5J9dAVHsgtOkrl3matIn2GhB7BpQhlYnDTopSmHEALDVpTpGye0 EXjg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731182479; x=1731787279; h=mime-version:message-id:date:user-agent:references:in-reply-to :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=S3GAou1LY2mhOSdxbL1fo1foLlxY9rO2P8Y/KPG1XWQ=; b=S0HEVnunD0/tPrhSoRTZFuEZZQ2I4m+z4zsTqKlQhmNhRvmjV5cHFxj0pq/RA0KKTO 5Xkq4iy/EYhizMudf3wcACKDWRpcM+L+gufKXOWLqiz7XuDD4rLu81pkJJ9aPf1J72B+ iZLSPZrBVeJBRUa8SurCqTll2FjBWGUqTGswszkuT5HYRhqp4IPGYAcocrBYcT886Mdu gVBLcYqHAvtyNxtFNAuOuDqqd/WB5C3S2ca66Au3UMWZJ2zM3OT6OmPKMcnoH8OeMAMa uYKWE/if6hBAoF7QIWuWdnxlADbzrE5n7ZWqtWTXKnpLMiNiV1uEXaiFdxe+U6ik6aCG 5+/w== X-Forwarded-Encrypted: i=1; AJvYcCUdsAP6+FrhOBBOYg/g3tyY2sIAEyhYAC1KZOrUxUUxFPMX+6VSA9uFCB/yxoqVBys44u6dFA==@debbugs.gnu.org X-Gm-Message-State: AOJu0YwqjTlIslserSvwfml3JK39WQypCxqGBY00t8tVT1wBlbbhAaj3 bOoQDx7SeNz0TD5FKd3vNebnl08wGAbVkqfdw2ubJZfCZT4ZVp02 X-Google-Smtp-Source: AGHT+IHTU4ofY5NtCbg2+bKZE/ucVggIPxIJ0cw+tDKI7avXv6v+qac+UDEQoyrGttAFsSZWDZ6jog== X-Received: by 2002:a17:902:f70b:b0:20c:c482:1d66 with SMTP id d9443c01a7336-211835beeaemr103985645ad.35.1731182479394; Sat, 09 Nov 2024 12:01:19 -0800 (PST) Original-Received: from debian-hx90 (syn-076-094-249-045.res.spectrum.com. [76.94.249.45]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-21177e68dfasm49642575ad.225.2024.11.09.12.01.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 09 Nov 2024 12:01:18 -0800 (PST) In-Reply-To: X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Xref: news.gmane.io gmane.emacs.bugs:295155 Archived-At: --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Hi Ted, Ted Zlatanov writes: > On Thu, 03 Oct 2024 15:41:34 -0700 Xiyue Deng wrote:= =20 > > XD> Just want to follow up on this: may we try your fixes and maybe try to > XD> contribute for committing upstream? Also, for the :secret in closure= s, > XD> do you suggest to remove it or is there another up-to-date way to hide > XD> it in memory? > > I think contributing the oauth2 support directly to Emacs is the best > approach because it would help the greatest number of users without > requiring extra configuration. I'd say modifying auth-source.el to fit > the need is absolutely OK. I would just ask that if you modify the > format of the authinfo file, to keep it compatible with JSON > serialization for those of us that use an authinfo.json file. > > I'd prefer to find another way to hide the secrets if closures don't > work anymore. I don't know if Emacs offers something; if not then we > should make an effort to do it. But that effort should not block the > oauth2 support, it's completely separate IMO. > > XD> Maybe auth-source source can host a helper function that checks > XD> if `:secret' is not set and xaouth2 is preferred (e.g. `:auth' > XD> is `xoauth2') and all required credentials are available it will > XD> get the access_token and put it `:secret' (or basically my hacky > XD> advice :) > > Sure, if that makes the code easier. I think the important thing is just > to make it compatible with the current usage and to avoid making the > user customize things to make oauth2 support Just Work. > > XD> In this regard, is it desirable to make `auth-source-search-backends'= a > XD> defgeneric acting on a given protocol (basic vs. xoauth2 vs. others), > XD> and similarly for `nnimap-login' et al.? > > I'm not sure if that would benefit the users. If it benefits the > developers that's nice, but definitely not required, and especially if > it changes the search API and can't be implemented in a compatible way. > Because there may be a dozen packages on Github or whatever using that > API, and updating all of them will be painful. > > Basically if the search API works right now, it's probably easier to > leave it or make a new one and transition gradually. > > I hope this was helpful :) > > --=20 > Ted Zlatanov It seems I completely missed your email, and sorry for that. I think your suggestions are very helpful: we should make oauth2 available for auth-source while keeping the existing interface. I think there are a few more things to do before that can happen: * Ship oauth2.el with Emacs, so that auth-source can make use of it. * Decide which sequence of credentials to try before giving up and throw an error. I wonder how hard it would be to make these happen. Since this thread is already very long, I'll probably file new bugs for tracking. Thanks again! =2D-=20 Regards, Xiyue Deng --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQJGBAEBCgAwFiEEiKQfd6o81mjI+LWALell7WOCXJMFAmcvv4sSHG1hbnBoaXpA Z21haWwuY29tAAoJEC3pZe1jglyTJwcP/i0gVQL3Sv/s1pTecQ8zczlUrVE2KloY uuA1jch/KxBEzB9laFP6oA+2Es/esB/D/RSgzoUQj77q6t5Tr1IzHwQ2G4RyAkIq jM+rWBAZrQfMXJBGGcevpmMp+CH9PTgGuyAgi2FFWchdwpp4ti/DFqLW66tsxR9E NfZMWkMqop/OFEp0tsb+7meFZ2lT8V+0imowwJaNYQ1pQIlmmc0pKQAwZei9bJBO b5ICDc3eEdrcE3hDrL8NAoabnO5doAuq0OcfFDdem+9w6pssUQadnARPpGOOmV3M 35TIVgTFW4J87Zy2G5Dl1PP0Mh8zL4+6MQoqusnJvkFMaVIco4L5uoix0ESWyqbf +JrhGdpaWiX0iKCjgaWnZHtz4z5jYf+jIKyUv1yfRZd2XdgwGyC5yWvyokpyUfNT 8qsjtHRk/ia11IOWxSZSzH/JLGvB4DNJm34mRgQQwt574rNOA0X2ieAUFc3/f1er LCALog6rSJdfF88yLAk+l8MWaRCvmAZyqKlETr7C7dWKJfMNn8RHEoy3ZfljdnBQ dYJkEuJn9OaJkM3IzGhFgWhCBroLgmZgq73OsnixwiWCMAci65R9/CXKSlKdvmcv aPUNUDTvoISsfBVF9kX29OmbK1LKANNo3uxaS2tvhZRdub84oQTno/+zw/1J/xRO fsJF8RcUidyo =uw4s -----END PGP SIGNATURE----- --=-=-=--