bug#54758: auth-source plstore encryption

unofficial mirror of bug-gnu-emacs@gnu.org 
 help / color / mirror / code / Atom feed

* bug#54758: auth-source plstore encryption
@ 2022-04-07  0:02 Andrew Cohen
  2022-04-07 11:18 ` Lars Ingebrigtsen
  0 siblings, 1 reply; 2+ messages in thread
From: Andrew Cohen @ 2022-04-07  0:02 UTC (permalink / raw)
  To: 54758

[-- Attachment #1: Type: text/plain, Size: 769 bytes --]

Tags: patch

In the plstore backend in auth-source all tokens are stored unencrypted
with the exception of the "secret". But it is necessary/convenient to
store other items encrypted as well (especially for use with oauth2)
such as the client-secret, and the refresh and access tokens. This small
patch adds the ability to specify which tokens should be stored in
encrypted fashion. 



In GNU Emacs 29.0.50 (build 11, x86_64-pc-linux-gnu, GTK+ Version 3.24.33, cairo version 1.16.0)
 of 2022-04-05 built on clove
Repository revision: 5a509be81c89d7afeb56b3faefd43fee00f1fb90
Repository branch: scratch/local
System Description: Debian GNU/Linux bookworm/sid

Configured using:
 'configure --with-x-toolkit=gtk3 --with-native-compilation --with-pgtk
 --with-xwidgets'


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: patch.diff --]
[-- Type: text/patch, Size: 4801 bytes --]

From 611185f7170db15dc5d036c53fd9c8f4fa1ff04d Mon Sep 17 00:00:00 2001
From: Andrew G Cohen <cohen@andy.bu.edu>
Date: Tue, 22 Mar 2022 13:04:58 +0800
Subject: [PATCH] Encrypt some parameters in auth-source plstore backend

The auth-source plstore backend allows a list of extra parameters but
currently stores them all unencrypted.  This allows a plist with
:unencrypted and :encrypted keys to specify which extra parameters to
encrypt in the plstore file.

* lisp/auth-source.el (auth-source-plstore-create): Allow specifying
both unencrypted and encrypted extra parameters.
---
 lisp/auth-source.el | 45 ++++++++++++++++++++++++++++-----------------
 1 file changed, 28 insertions(+), 17 deletions(-)

diff --git a/lisp/auth-source.el b/lisp/auth-source.el
index cb528cebdc..cd135bd2e2 100644
--- a/lisp/auth-source.el
+++ b/lisp/auth-source.el
@@ -573,19 +573,24 @@ auth-source-search
  or P.  The resulting token will only have keys user, host, and
  port.\"
 
-:create \\='(A B C) also means to create a token if possible.
+:create \\='(A B C)  or
+:create \\='(:unencrypted A B :encrypted C)
+also means to create a token if possible.
 
 The behavior is like :create t but if the list contains any
 parameter, that parameter will be required in the resulting
-token.  The value for that parameter will be obtained from the
-search parameters or from user input.  If any queries are needed,
-the alist `auth-source-creation-defaults' will be checked for the
-default value.  If the user, host, or port are missing, the alist
-`auth-source-creation-prompts' will be used to look up the
-prompts IN THAT ORDER (so the `user' prompt will be queried first,
-then `host', then `port', and finally `secret').  Each prompt string
-can use %u, %h, and %p to show the user, host, and port.  The prompt
-is formatted with `format-prompt', a trailing \": \" is removed.
+token (the second form is used only with the plstore backend and
+specifies if any of the extra parameters should be stored in
+encrypted format.)  The value for that parameter will be obtained
+from the search parameters or from user input.  If any queries
+are needed, the alist `auth-source-creation-defaults' will be
+checked for the default value.  If the user, host, or port are
+missing, the alist `auth-source-creation-prompts' will be used to
+look up the prompts IN THAT ORDER (so the `user' prompt will be
+queried first, then `host', then `port', and finally `secret').
+Each prompt string can use %u, %h, and %p to show the user, host,
+and port.  The prompt is formatted with `format-prompt', a
+trailing \": \" is removed.
 
 Here's an example:
 
@@ -2131,12 +2136,17 @@ auth-source-plstore-create
   (let* ((base-required '(host user port secret))
          (base-secret '(secret))
          ;; we know (because of an assertion in auth-source-search) that the
-         ;; :create parameter is either t or a list (which includes nil)
-         (create-extra (if (eq t create) nil create))
+         ;; :create parameter is either t, or a list (which includes nil
+         ;; or a plist)
+         (create-extra-secret (plist-get create :encrypted))
+         (create-extra (if (eq t create) nil
+                         (or (append (plist-get create :unencrypted)
+                                     create-extra-secret) create)))
          (current-data (car (auth-source-search :max 1
                                                 :host host
                                                 :port port)))
          (required (append base-required create-extra))
+         (required-secret (append base-secret create-extra-secret))
          ;; `valist' is an alist
          valist
          ;; `artificial' will be returned if no creation is needed
@@ -2158,10 +2168,11 @@ auth-source-plstore-create
               (auth-source--aput valist br br-choice))))))
 
     ;; for extra required elements, see if the spec includes a value for them
-    (dolist (er create-extra)
-      (let ((k (auth-source--symbol-keyword er))
-            (keys (cl-loop for i below (length spec) by 2
-                           collect (nth i spec))))
+    (let ((keys (cl-loop for i below (length spec) by 2
+                         collect (nth i spec)))
+          k)
+      (dolist (er create-extra)
+        (setq k (auth-source--symbol-keyword er))
         (when (memq k keys)
           (auth-source--aput valist er (plist-get spec k)))))
 
@@ -2225,7 +2236,7 @@ auth-source-plstore-create
                            (eval default)))))
 
         (when data
-          (if (member r base-secret)
+          (if (member r required-secret)
               (setq secret-artificial
                     (plist-put secret-artificial
                                (auth-source--symbol-keyword r)
-- 
2.34.1.575.g55b058a8bb


^ permalink raw reply related	[flat|nested] 2+ messages in thread

* bug#54758: auth-source plstore encryption
  2022-04-07  0:02 bug#54758: auth-source plstore encryption Andrew Cohen
@ 2022-04-07 11:18 ` Lars Ingebrigtsen
  0 siblings, 0 replies; 2+ messages in thread
From: Lars Ingebrigtsen @ 2022-04-07 11:18 UTC (permalink / raw)
  To: Andrew Cohen; +Cc: 54758

Andrew Cohen <acohen@ust.hk> writes:

> In the plstore backend in auth-source all tokens are stored unencrypted
> with the exception of the "secret". But it is necessary/convenient to
> store other items encrypted as well (especially for use with oauth2)
> such as the client-secret, and the refresh and access tokens. This small
> patch adds the ability to specify which tokens should be stored in
> encrypted fashion. 

Makes sense to me; pushed to Emacs 29.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no





^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2022-04-07 11:18 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-04-07  0:02 bug#54758: auth-source plstore encryption Andrew Cohen
2022-04-07 11:18 ` Lars Ingebrigtsen

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/emacs.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).