From: Philip Kaludercic <philipk@posteo.net>
To: Xiyue Deng <manphiz@gmail.com>
Cc: 72992@debbugs.gnu.org
Subject: bug#72992: 29.4; towards xoauth2 support in Emacs
Date: Sun, 22 Sep 2024 09:34:08 +0000 [thread overview]
Message-ID: <87tte89gmn.fsf@posteo.net> (raw)
In-Reply-To: <87sets416y.fsf@debian-hx90.lan> (Xiyue Deng's message of "Sun, 22 Sep 2024 00:06:29 -0700")
[-- Attachment #1: Type: text/plain, Size: 7600 bytes --]
Xiyue Deng <manphiz@gmail.com> writes:
> Hi Philip,
>
> Philip Kaludercic <philipk@posteo.net> writes:
>
>> Xiyue Deng <manphiz@gmail.com> writes:
>>
>>> Philip Kaludercic <philipk@posteo.net> writes:
>>>
>>>> Xiyue Deng <manphiz@gmail.com> writes:
>>>>
>>>>> Now that bug#72358 is done, as promised, I'm posting my plugin for
>>>>> auth-sources that enables oauth2 handling which you can find on
>>>>> Gitlab[1] (also attached).
>>>>
>>>> Once again I just want to be sure: When you say "plugin", you mean
>>>> package, right?
>>>
>>> Yes, though it's not really an independent package but a "plugin" for
>>> auth-source, a.k.a. a hack (the advice) to make auth-source to work with
>>> xoauth2.
>>
>> Just to clarify: When I say package, I mean something to add to ELPA.
>>
>
> Ah in that regard yes.
>
>>>> You are proposing to add this to GNU ELPA?
>>>
>>> Actually I would like to see which of my proposed changes to auth-source
>>> is acceptable and update auth-source in core accordingly.
>>
>> Sure it's acceptable, but in that case it would better to submit a patch
>> modifying. auth-source.el
>>
>>> I think
>>> Stefan's reply gave some suggestions in this regard and I'll follow-up
>>> in a reply there.
>>
>> I just want to second Stefan's point that some clarification as to what
>> xoauth2 is.
>>
>
> Updated the comments section with this info.
Great, that explains it well!
>>> Meanwhile, it may still worth adding this package
>>> to ELPA to support older Emacs versions if desired.
>>
>> In that case it might be better not to merge your changes into
>> auth-source.el directly, as that would make it more difficult to
>> automatically pull your changes out of the core to ELPA.
>>
>> An alternative is that ELPA mirrors your repository, and then we
>> manually synchronise the changes into the core, whenever there is a new
>> release.
>>
>
> I was thinking making it only for Emacs <30 if the auth-source side
> changes are upstreamed for 31. Similar to "docker-tramp" which is only
> for EMacs <28.
The issue here is that tramp is developed outside of Emacs and
synchronised manually back into the core/automatically on ELPA, while
auth-source is currently only in the core and not distributed on ELPA.
If this remains a separate file, we could easily add it to ELPA, but I
don't know what the preference is there.
>>
>> [...]
>>
>>>>> (let ((auth (plist-get auth-data :auth)))
>>>>> (when (and auth
>>>>> (stringp auth)
>>>>> (string= auth "xoauth2"))
>>>>
>>>> You can simplify the check by just doing (equal auth "xoauth2"), as this
>>>> implies all of the above (if it is `equal' to a string, it must be a
>>>> string and hence also non-nil).
>>>>
>>>
>>> Done. Nice tip! Coming from strong-typed languages I always want to do
>>> type-checks first in fear of any aborting error :)
>>
>> If you want strong typing, then string= is the right thing to use,
>> because if you want to assume that auth is always a string, then an
>> error will be signalled. That being said, if auth has the type "Maybe
>> String", then checking the values explicitly or implicitly using equal
>> is the right approach.
>>
>
> Ack. Thanks for the tip!
>
>>
>> [...]
>>
>>>>> (auth-source-do-trivia "Using oauth2 to auth and store token...")
>>>>> (let ((token (oauth2-auth-and-store
>>>>> auth-url token-url scope client-id client-secret
>>>>> redirect-uri state)))
>>>>> (auth-source-do-trivia "oauth2 token: %s" (pp-to-string token))
>>>>> (auth-source-do-trivia "Refreshing token...")
>>>>> (oauth2-refresh-access token)
>>>>> (auth-source-do-trivia "oauth2 token after refresh: %s"
>>>>> (pp-to-string token))
>>>>> (let ((access-token (oauth2-token-access-token token)))
>>>>> (auth-source-do-trivia
>>>>> "Updating :secret with access-token: %s" access-token)
>>>>> (plist-put auth-data :secret access-token))))))
>>>>
>>>> The documentation for plist-put warns:
>>>>
>>>> The new plist is returned;
>>>> use ‘(setq x (plist-put x prop val))’ to be sure to use the new value.
>>>> The PLIST is modified by side effects.
>>>>
>>>> Alternatively, you should also be able to do:
>>>>
>>>> (setf (plist-get auth-data :secret) access-token)
>>>>
>>>
>>> Ah didn't know this as I learned the usage of plist-put from searching.
>>> Changed to your `setq' version. Though I'd also expect that the side
>>> effect is not going away anytime soon either ;)
>>
>> I am not sure what you mean? The crux of the issue is demonstrated
>> here:
>>
>> (let (plist)
>> (list (plist-put plist :foo 1) plist))
>> ;; ((:foo 1) nil)
>>
>> I.e. the plist was not modified, because there was no cons-cell to
>> modify.
>>
>
> I see. Thanks for the explanation. Looks like the side effect worked
> for me because auth-data already had data in it.
Probably, but that's not the kind of thing I want to rely on.
>>
>> [...]
>>
>>>>> #'auth-source-xoauth2-plugin--search-backends))
>>>>
>>>> I would recommend turning this into a global minor mode instead, so that
>>>> it is easy to disable, if a user just wants to try it out.
>>>>
>>>
>>> This is an interesting suggestion and sounds like a good idea. Though
>>> as a matter of fact the oauth2 support in auth-source in Emacs core
>>> actually doesn't work without those hack as of now, so I don't think
>>> it's of interest to support turning off.
>>
>> I regard it as a matter of good style to allow the user to disable
>> anything then can enable, if anything then just to allow better
>> experimentation.
>>
>
> You actually convinced me. Making it a minor mode also enables a user
> to disable it temporarily if it causes any issues. It took me a while
> to convert it. Please help take another look.
Looks good.
>>> But of course it would be
>>> great if auth-source can be changed to support all this out-of-the-box.
>>> Will continue the discussion in my reply to Stefan.
>>
>> Ack.
>>
>>> I have updated the source code on GitLab[1] based on your review.
>>> Please check it out. Thanks very much!
>>
>> For anyone following the thread, it seem the footnote was missing:
>>
>> [1]https://gitlab.com/xiyueden/auth-source-xoauth2-plugin/-/blob/main/auth-source-xoauth2-plugin.el
>>
>> Watch out, in
>>
>> (unless (memq 'xoauth2 smtpmail-auth-supported)
>> (push 'smtpmail-auth-supported 'xoauth2))
>>
>> the push expression is malformed, as 'xoauth2 is not a place. I'm
>> guessing that you want to write
>>
>> (... (push 'xoauth2 smtpmail-auth-supported))
>>
>
> Thanks! Fixed.
>
>> Also, checkdoc complains about
>> `auth-source-xoauth2-plugin--search-backends's docstring. I'd try to
>> address the issues it mentions.
>>
>
> Also fixed. Thanks!
>
>> The (and auth (equal auth "xoauth2")) can be further simplified to just
>> (equal auth "xauth2"), as if auth is equal to "xauth2" is cannot be nil.
>>
>
> Ack and simplified.
>
> The GitLab repo[1] is updated accordingly. PTAL. TIA!
Looks good, just a few "soft" comments I can find:
[-- Attachment #2: Type: text/plain, Size: 2746 bytes --]
diff --git a/auth-source-xoauth2-plugin.el b/auth-source-xoauth2-plugin.el
index cdcc9e7..caf5baf 100644
--- a/auth-source-xoauth2-plugin.el
+++ b/auth-source-xoauth2-plugin.el
@@ -41,7 +41,7 @@
;; or with use-package:
;; (use-package auth-source-xoauth2-plugin
-;; :config
+;; :custom
;; (auth-source-xoauth2-plugin-mode t))
;; After enabling, smtpmail should be supported. To enable this in Gnus
@@ -107,13 +107,13 @@ expected that `token_url', `client_id', `client_secret', and
(when (equal auth "xoauth2")
(auth-source-do-debug
":auth set to `xoauth2'. Will get access token.")
- (map-let ((:auth-url auth-url)
- (:token-url token-url)
- (:scope scope)
- (:client-id client-id)
- (:client-secret client-secret)
- (:redirect-uri redirect-uri)
- (:state state))
+ (map-let (:auth-url ;You can simplify the `map-let'
+ :token-url ;expression if they keys match
+ :scope ;the bindings like they do here.
+ :client-id ;Perhaps you can use the additional
+ :client-secret ;space to document what the keys
+ :redirect-uri ;are for?
+ :state)
auth-data
(auth-source-do-debug "Using oauth2 to auth and store token...")
(let ((token (oauth2-auth-and-store
@@ -138,8 +138,7 @@ expected that `token_url', `client_id', `client_secret', and
res)))
(defvar auth-source-xoauth2-plugin--enabled-xoauth2-by-us nil
- "Used for tracking whether xoauth2 in smtpmail-auth-supported is
-set by us.")
+ "Non-nil means `smtpmail-auth-supported' was set by us.")
(defun auth-source-xoauth2-plugin--enable ()
"Enable auth-source-xoauth2-plugin."
@@ -154,17 +153,17 @@ set by us.")
"Disable auth-source-xoauth2-plugin."
(when (and auth-source-xoauth2-plugin--enabled-xoauth2-by-us
(memq 'xoauth2 smtpmail-auth-supported))
- (delete 'xoauth2 smtpmail-auth-supported)
+ (setq smtpmail-auth-supported (delq 'xoauth2 smtpmail-auth-supported))
(setq auth-source-xoauth2-plugin--enabled-xoauth2-by-us nil))
(advice-remove #'auth-source-search-backends
#'auth-source-xoauth2-plugin--search-backends))
+;;;###autoload
(define-minor-mode auth-source-xoauth2-plugin-mode
"Toggle auth-source-xoauth2-plugin-mode.
Enable auth-source-xoauth2-plugin-mode to use xoauth2
authentications for emails."
- :lighter nil
:global t
(if auth-source-xoauth2-plugin-mode
(auth-source-xoauth2-plugin--enable)
[-- Attachment #3: Type: text/plain, Size: 296 bytes --]
>
>>>>>
>>>>> (provide 'auth-source-xoauth2-plugin)
>>>>>
>>>>> ;;; auth-source-xoauth2-plugin.el ends here
>>>>
>>>> --
>>>> Philip Kaludercic on siskin
>>
>> --
>> Philip Kaludercic on siskin
>
> [1] https://gitlab.com/xiyueden/auth-source-xoauth2-plugin
--
Philip Kaludercic on siskin
next prev parent reply other threads:[~2024-09-22 9:34 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-09-02 8:34 bug#72992: 29.4; towards xoauth2 support in Emacs Xiyue Deng
[not found] ` <handler.72992.B.172532159013230.ack@debbugs.gnu.org>
2024-09-11 0:27 ` Xiyue Deng
2024-09-17 17:33 ` Xiyue Deng
2024-09-17 19:12 ` Philip Kaludercic
2024-09-18 6:24 ` Xiyue Deng
2024-09-18 14:11 ` Philip Kaludercic
2024-09-22 7:06 ` Xiyue Deng
2024-09-22 9:34 ` Philip Kaludercic [this message]
2024-09-22 22:00 ` Xiyue Deng
2024-09-23 6:17 ` Philip Kaludercic
2024-09-23 6:39 ` Xiyue Deng
2024-09-17 21:33 ` Stefan Kangas
2024-09-18 19:43 ` Xiyue Deng
2024-09-19 5:13 ` Andrew Cohen
2024-09-19 8:22 ` Xiyue Deng
2024-09-19 9:06 ` Andrew Cohen
2024-09-19 22:37 ` Xiyue Deng
2024-09-22 12:05 ` Björn Bidar via Bug reports for GNU Emacs, the Swiss army knife of text editors
[not found] ` <66f00802.050a0220.988f0.9640SMTPIN_ADDED_BROKEN@mx.google.com>
2024-09-22 21:40 ` Xiyue Deng
2024-09-22 23:50 ` Björn Bidar via Bug reports for GNU Emacs, the Swiss army knife of text editors
[not found] ` <66f0ad4f.500a0220.10c3c2.dde8SMTPIN_ADDED_BROKEN@mx.google.com>
2024-09-23 2:20 ` Xiyue Deng
2024-10-03 22:41 ` Xiyue Deng
2024-10-08 13:38 ` Ted Zlatanov
2024-11-09 20:01 ` Xiyue Deng
2024-09-22 12:01 ` Björn Bidar via Bug reports for GNU Emacs, the Swiss army knife of text editors
[not found] ` <66f00712.170a0220.29d948.0047SMTPIN_ADDED_BROKEN@mx.google.com>
2024-09-22 21:44 ` Xiyue Deng
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87tte89gmn.fsf@posteo.net \
--to=philipk@posteo.net \
--cc=72992@debbugs.gnu.org \
--cc=manphiz@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).