From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Xiyue Deng Newsgroups: gmane.emacs.bugs Subject: bug#72358: 29.4; oauth2.el improvements Date: Fri, 02 Aug 2024 01:09:55 -0700 Message-ID: <87y15f4a7g.fsf@debian-hx90.lan> References: <87mslz8yzk.fsf@debian-hx90.lan> <9717.00003590144$1722349291@news.gmane.org> <87r0bbvt9d.fsf@gmail.com> <871q3a8y1j.fsf@debian-hx90.lan> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="10859"; mail-complaints-to="usenet@ciao.gmane.io" Cc: =?UTF-8?Q?Bj=C3=B6rn?= Bidar , Robert Pluim , 72358@debbugs.gnu.org To: Thomas Fitzsimmons Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Fri Aug 02 10:12:04 2024 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1sZnOO-0002cg-1c for geb-bug-gnu-emacs@m.gmane-mx.org; Fri, 02 Aug 2024 10:12:04 +0200 Original-Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sZnO7-0006Xz-6G; Fri, 02 Aug 2024 04:11:47 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sZnO5-0006Qm-04 for bug-gnu-emacs@gnu.org; Fri, 02 Aug 2024 04:11:45 -0400 Original-Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sZnO4-00035i-Nc for bug-gnu-emacs@gnu.org; Fri, 02 Aug 2024 04:11:44 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debbugs.gnu.org; s=debbugs-gnu-org; h=MIME-Version:Date:References:In-Reply-To:From:To:Subject; bh=yEEAHyMG/NHWg8M7lVDhpRYRh/wX3pjGm7e1b7kFBNs=; b=r8GUgjzNfKGMcAluya8x1pLCKVXagz5/fLmx8OPYGR14IeYrGoRBn2f/GewHh/4i67sJ6HSwP93Mnp0fd7NFJu448bqI+32Mhqw89odf7e+yT+ZY+VhKqMexJkm1utrYI5PvZQRXgP/GKGfubd5wIjvccNc5puUbaFAMgSPlUbRwBEoYHijsTKRusWH4k5pPTR4qY1pqmYWSvwjeon5rYcbedmtmIwTLdAxWDtFa56N/JyTOlV3ibFMAVCieNNeNY0FwIUSPk3LBnO1HxL29F7Lw61KW8cE6Ki2UJSGEI8w53Vrb4vDVuVEIMAewnuyMxG43LwmBQF+SAOrMHIFKMA==; Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1sZnOM-0000CX-Be for bug-gnu-emacs@gnu.org; Fri, 02 Aug 2024 04:12:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Xiyue Deng Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Fri, 02 Aug 2024 08:12:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 72358 X-GNU-PR-Package: emacs Original-Received: via spool by 72358-submit@debbugs.gnu.org id=B72358.1722586292731 (code B ref 72358); Fri, 02 Aug 2024 08:12:02 +0000 Original-Received: (at 72358) by debbugs.gnu.org; 2 Aug 2024 08:11:32 +0000 Original-Received: from localhost ([127.0.0.1]:52409 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sZnNr-0000Bj-Lu for submit@debbugs.gnu.org; Fri, 02 Aug 2024 04:11:32 -0400 Original-Received: from mail-pf1-f181.google.com ([209.85.210.181]:61842) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sZnNp-0000BV-0X for 72358@debbugs.gnu.org; Fri, 02 Aug 2024 04:11:30 -0400 Original-Received: by mail-pf1-f181.google.com with SMTP id d2e1a72fcca58-70d19d768c2so6097914b3a.3 for <72358@debbugs.gnu.org>; Fri, 02 Aug 2024 01:11:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722586204; x=1723191004; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from:from:to:cc:subject:date:message-id :reply-to; bh=yEEAHyMG/NHWg8M7lVDhpRYRh/wX3pjGm7e1b7kFBNs=; b=hhhqIPiIHDJCXUsVEZcaUOCo1iWG7nwJUv4HdVG+K/HDo9MNslrlsFdxHkqeVyGgkn Gp1sP9Ekdu3CE3EimELbvHtVfN3PNozvNN3z6pUPwBAgEq9ypIk1LM3+8nkVwZXXjJZH 2U3ykrio5H7cx35TvZkL9h7V5O/OWozqnc9OGdQblCYgVrq03YIa6e/R+1hilMm+/MKi ++/oJRxNbINEkqJBoBXuMt2WOB8Sl8k+XX6vzcOKaLC4BKYKH0p3x1JkDNK8mHIzscEY UZFas6BJwff+iSktcvyhCdcd67qMHnSFkxYIkvSMxM7MkHSSVa2i2rNsqLqDx8GO/SJP ek2A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722586204; x=1723191004; h=content-transfer-encoding:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=yEEAHyMG/NHWg8M7lVDhpRYRh/wX3pjGm7e1b7kFBNs=; b=mkiLljrgNuse6J/6CGdTIaectOl3ItYDyX25+FKgNsm3UuxjlWHOkPTWebltpZOzRS blV9m2wulecuLh9umYFQ2zCql2A+lii54zrXYmrq548Tv45ivZTFquNUNo0PwTpM1P8t 1rF+9XlhRWQJ4P8Hsf2NUerW1U+fWNuQbC8GL5Ku6oXM+WVEAJjRuebiYxLnGuZCRe1H avo/qWhofnX4FS9ReNeaMbebcfHY7Zhlr8V0x4cFuZnb0k8juXqq/pOmtj4mHo0M/sZM Wig5hzPd4zbhnjKYZPn32qL6ivABjG+STF6CcAg87x7L9nEjdT9InWQjvFHsF6JN/QcQ R4ow== X-Forwarded-Encrypted: i=1; AJvYcCUa474nZi+OT3WLJmM+aatEi4PkpuXze+585fgNrwx+s+7qmjuHtLQ8MNrZ2R2iBBFZc3/AxRXoQmLTyNWDps7+leT8RUU= X-Gm-Message-State: AOJu0YxJZS2ja0HOaT46Q6oKa9HqQ4smWn7MbB/ty0Yruh5JRFnNt9YY RKYvXorqwVwAS0fXXsgsdw/W8rAa4w85GoZL1mcWMef0iKi9oB30pTzcsQ== X-Google-Smtp-Source: AGHT+IH/ir4Dzr3jfcdat7Khb6KYrKxqyTez59jdU21le0Y66Oa9lnPANWbgeLEs0Em4iIKqqHuFKg== X-Received: by 2002:a05:6a00:14c8:b0:70e:91ca:32ab with SMTP id d2e1a72fcca58-7106cf8ffa6mr4056144b3a.6.1722586204280; Fri, 02 Aug 2024 01:10:04 -0700 (PDT) Original-Received: from debian-hx90 (syn-076-094-249-045.res.spectrum.com. [76.94.249.45]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7106ecfc3cfsm930306b3a.146.2024.08.02.01.10.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Aug 2024 01:10:03 -0700 (PDT) In-Reply-To: (Thomas Fitzsimmons's message of "Thu, 01 Aug 2024 14:49:49 -0400") X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Xref: news.gmane.io gmane.emacs.bugs:289632 Archived-At: Hi Thomas, Thomas Fitzsimmons writes: > Xiyue Deng writes: > >> Robert Pluim writes: >> >>>>>>>> On Tue, 30 Jul 2024 17:08:21 +0300, Bj=C3=B6rn Bidar via "Bug repo= rts for GNU Emacs, the Swiss army knife of text editors" said: >>> >>> Bj=C3=B6rn> Xiyue Deng writes: >>> >> The fourth patch may need a bit of background: oauth2.el (option= ally) >>> >> uses plstore to save authentication data for future reuse, and t= he >>> >> plstore id for an account is computed using a combination of `au= th-url', >>> >> `token-url', and `scope'. However, this combination of data doe= sn't >>> >> guarantee uniqueness for accounts for a same provider, e.g. for = Gmail, >>> >> the three parameters are the same for different accounts, and he= nce >>> >> storing a second account information will override the first one. >>> >>> Bj=C3=B6rn> Would it make sense to plug OAuth2.el into auth-source = to store the >>> Bj=C3=B6rn> authentication token safely inside an existing credenti= al storage? >>> >>> Bj=C3=B6rn> Various applications already do so when using the nativ= e credential >>> Bj=C3=B6rn> storages such as Freedesktop.org or the macOS keyring. >>> >>> Yes. In fact there=CA=BCs the auth-source-xoauth2 package that does >>> that. And oauth2 can already store stuff using plstore, so I=CA=BCm sur= e it >>> can be extended to use auth-source. >>> >> >> auth-source-xoauth2 doesn't actually use auth-source >> (e.g. ~/.authinfo.gpg) to store the data it needs, but use a custom file >> storing an ELisp hash table to store the client-id, client-secret, etc. >> It does advice the authentication code to use the calculated token. > > I have not seen it mentioned in this thread yet, so here goes: my > url-http-oauth package in GNU ELPA supports storing credentials in > ~/.authinfo.gpg and refreshing them. It would be nice if your OAuth2 > work could get feature parity with it, then I could delete my package; > feel free to copy any code that makes sense. (I do not use > url-http-oauth anymore, but I felt the need to write it when I was using > Excorporate and OAuth.) > Thanks for working on url-http-oauth! I think it adds credential management using auth-source, e.g. prompt for client-id and client-secret and store them, which my other addon (that I'll post next as it depends on the changes I made here) didn't do. Ideally this should be handled transparently by all auth-source backends and say Gnus when you add a new account, but IIUC currently the JSON backend doesn't support creation, which I'm using for ease to read and modify. > Ideally you could get the result (and the xoauth2 support for IMAP and > SMTP) accepted in Emacs core. > That would be great! My other addon uses advice, but it would definitely be better to be integrated in core (which already has partial support) > (Then, extremely ideally, the FSF could work out legal agreements with > the various OAuth providers to get Emacs registered as an OAuth > application, like, e.g., Thunderbird.) > That would be the best for the end user. Imagine a Gnus user could just add a new account and on launch Gnus the default browser will open the login page (or be prompted an URL to visit), which then normally handles all the login shenanigans (2FA, authenticator, etc.) and viola, you're logged in. > Thomas --=20 Xiyue Deng