From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Thomas Fitzsimmons Newsgroups: gmane.emacs.bugs Subject: bug#72358: 29.4; oauth2.el improvements Date: Thu, 01 Aug 2024 14:49:49 -0400 Message-ID: References: <87mslz8yzk.fsf@debian-hx90.lan> <9717.00003590144$1722349291@news.gmane.org> <87r0bbvt9d.fsf@gmail.com> <871q3a8y1j.fsf@debian-hx90.lan> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="29512"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Gnus/5.13 (Gnus v5.13) Cc: =?UTF-8?Q?Bj=C3=B6rn?= Bidar , Robert Pluim , 72358@debbugs.gnu.org To: Xiyue Deng Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Thu Aug 01 20:51:06 2024 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1sZatE-0007PR-J8 for geb-bug-gnu-emacs@m.gmane-mx.org; Thu, 01 Aug 2024 20:51:05 +0200 Original-Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sZasy-00082Q-9K; Thu, 01 Aug 2024 14:50:48 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sZasw-0007zm-4p for bug-gnu-emacs@gnu.org; Thu, 01 Aug 2024 14:50:46 -0400 Original-Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sZasv-0004JM-S1 for bug-gnu-emacs@gnu.org; Thu, 01 Aug 2024 14:50:45 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debbugs.gnu.org; s=debbugs-gnu-org; h=MIME-Version:Date:References:In-Reply-To:From:To:Subject; bh=8AeotqYymmk/05GjIBbrb3oqQiaud2cD2zOBlAh3E+w=; b=ogFe4ewz8N4lRQ1bicT2TDg4+/ggURqKo/DlRlbSz92flH/oLCnJClyRzOOIEFBiN3+35JTxnFnci7Ccb42hE6LebksD5MitRaE+FBpj3ikAlhBxfmlBfxH5WP6Jy0Qx5xJ/Ta388GyHLdgt3jHxBknOYP/SjHMNIKp+QYF02JviOPTpCIS2rZOTrom3qiYSmKxgin6sl8U1ipEQRigoBV1Th8ME8VQUlNzfSR9KugZJudxeQxJm5Qps9SPEyW3+SBFOJDsNF/lh5spTkWTi17NNI0ricTagjTxPX7DOAZ/dVZg7BkGwhNctUPtLZ98LN9bibnQNH9y47AN+NH/2Ug==; Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1sZatC-0004xf-Hv for bug-gnu-emacs@gnu.org; Thu, 01 Aug 2024 14:51:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Thomas Fitzsimmons Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Thu, 01 Aug 2024 18:51:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 72358 X-GNU-PR-Package: emacs Original-Received: via spool by 72358-submit@debbugs.gnu.org id=B72358.172253821819017 (code B ref 72358); Thu, 01 Aug 2024 18:51:02 +0000 Original-Received: (at 72358) by debbugs.gnu.org; 1 Aug 2024 18:50:18 +0000 Original-Received: from localhost ([127.0.0.1]:51952 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sZasT-0004wf-Jx for submit@debbugs.gnu.org; Thu, 01 Aug 2024 14:50:18 -0400 Original-Received: from mail.fitzsim.org ([69.165.165.189]:36126) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sZasR-0004wQ-5U for 72358@debbugs.gnu.org; Thu, 01 Aug 2024 14:50:16 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=fitzsim.org ; s=20220430; h=Content-Transfer-Encoding:Content-Type:MIME-Version: Message-ID:Date:References:In-Reply-To:Subject:Cc:To:From:Sender:Reply-To: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=8AeotqYymmk/05GjIBbrb3oqQiaud2cD2zOBlAh3E+w=; b=PPqMje4sjsnW+CHLJgHvvHXLJw hYI1DkSDAM56avcuCnpjHWNDdA01OVSQGge7bIJP9rU24y02M+1XM9fIeuWHI4qQaQFp4zzaEkyWL NaB/1gYdqKDPxZ15Dpfvu+PN0Ool1nxO4udcYtGr6sra3dDHK4t0Ax7kf0nJAPZc4BScv2oeYFJuz eSHXJqvsKcMy7FQv/TdZObxIUX3Ppl3iTMIZRwVVM9fLernNW2/di9+lDEZp/x8B1wOoJ0otVLBzO da1yevhxwz6bski4OoPJQDIWRlPLfxqoHrGQHyX4zMH61Tj/9j5Tw2GB5Pm7PE3pq9c9lJawmfkhV qF51NL6Q==; Original-Received: from [192.168.1.1] (helo=localhost.localdomain) by mail.fitzsim.org with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1sZ2YN-000wgV-Rq; Thu, 01 Aug 2024 14:49:50 -0400 In-Reply-To: <871q3a8y1j.fsf@debian-hx90.lan> (Xiyue Deng's message of "Tue, 30 Jul 2024 12:44:40 -0700") X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Xref: news.gmane.io gmane.emacs.bugs:289622 Archived-At: Xiyue Deng writes: > Robert Pluim writes: > >>>>>>> On Tue, 30 Jul 2024 17:08:21 +0300, Bj=C3=B6rn Bidar via "Bug repor= ts for GNU Emacs, the Swiss army knife of text editors" said: >> >> Bj=C3=B6rn> Xiyue Deng writes: >> >> The fourth patch may need a bit of background: oauth2.el (optiona= lly) >> >> uses plstore to save authentication data for future reuse, and the >> >> plstore id for an account is computed using a combination of `aut= h-url', >> >> `token-url', and `scope'. However, this combination of data does= n't >> >> guarantee uniqueness for accounts for a same provider, e.g. for G= mail, >> >> the three parameters are the same for different accounts, and hen= ce >> >> storing a second account information will override the first one. >> >> Bj=C3=B6rn> Would it make sense to plug OAuth2.el into auth-source t= o store the >> Bj=C3=B6rn> authentication token safely inside an existing credentia= l storage? >> >> Bj=C3=B6rn> Various applications already do so when using the native= credential >> Bj=C3=B6rn> storages such as Freedesktop.org or the macOS keyring. >> >> Yes. In fact there=CA=BCs the auth-source-xoauth2 package that does >> that. And oauth2 can already store stuff using plstore, so I=CA=BCm sure= it >> can be extended to use auth-source. >> > > auth-source-xoauth2 doesn't actually use auth-source > (e.g. ~/.authinfo.gpg) to store the data it needs, but use a custom file > storing an ELisp hash table to store the client-id, client-secret, etc. > It does advice the authentication code to use the calculated token. I have not seen it mentioned in this thread yet, so here goes: my url-http-oauth package in GNU ELPA supports storing credentials in ~/.authinfo.gpg and refreshing them. It would be nice if your OAuth2 work could get feature parity with it, then I could delete my package; feel free to copy any code that makes sense. (I do not use url-http-oauth anymore, but I felt the need to write it when I was using Excorporate and OAuth.) Ideally you could get the result (and the xoauth2 support for IMAP and SMTP) accepted in Emacs core. (Then, extremely ideally, the FSF could work out legal agreements with the various OAuth providers to get Emacs registered as an OAuth application, like, e.g., Thunderbird.) Thomas