From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail
From: =?utf-8?Q?Bj=C3=B6rn?= Bidar <bjorn.bidar@thaodan.de>
Newsgroups: gmane.emacs.devel
Subject: Re: Extending auth-source and plstore for more XOAUTH2 scenarios
Date: Thu, 18 May 2023 03:04:10 +0300
Message-ID: <874joa7bet.fsf@thaodan.de>
References: <53d1fe04-9c66-fd9c-a9a4-3f7a05792b36@vodafonemail.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214";
	logging-data="40483"; mail-complaints-to="usenet@ciao.gmane.io"
User-Agent: Gnus/5.13 (Gnus v5.13)
Cc: emacs-devel@gnu.org
To: Farblos <akfkqu.9df7rp@vodafonemail.de>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Thu May 18 02:05:25 2023
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane-mx.org
Original-Received: from lists.gnu.org ([209.51.188.17])
	by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>)
	id 1pzR93-000APU-5I
	for ged-emacs-devel@m.gmane-mx.org; Thu, 18 May 2023 02:05:25 +0200
Original-Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <emacs-devel-bounces@gnu.org>)
	id 1pzR87-0005xw-1D; Wed, 17 May 2023 20:04:27 -0400
Original-Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <bjorn.bidar@thaodan.de>)
 id 1pzR82-0005xi-N2
 for emacs-devel@gnu.org; Wed, 17 May 2023 20:04:23 -0400
Original-Received: from thaodan.de ([2a03:4000:4f:f15::1])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <bjorn.bidar@thaodan.de>)
 id 1pzR7z-000753-Rf
 for emacs-devel@gnu.org; Wed, 17 May 2023 20:04:22 -0400
Original-Received: from odin (unknown [IPv6:2001:2062:2301:f400:72a:be51:2c32:1a06])
 by thaodan.de (Postfix) with ESMTPSA id E2A38D08D9B;
 Thu, 18 May 2023 03:04:11 +0300 (EEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=thaodan.de; s=mail;
 t=1684368254; bh=E1hsU30viJgkc3pLbxdLVKT9vn/rlvK1xJWUoLK6w2s=;
 h=From:To:Cc:Subject:In-Reply-To:References:Date;
 b=DpJv5q1ZVQQmmbiBTt3BYXIxF11U+dfNL072GW1uMc+fUVBJkOc+y0yJcluQtVxo9
 WCipLpmw1U8pQTCkE1KA7EMDxZO5cDvt85JFM+yLl0kWWUyXCnawHJ2T4ygGHl9ZRD
 gENn9lM/Tqf8vyxeHdvEA9oPyLdABWTyb1IY7BTQ1yBZo7y5qib0Ooozx4MSZS4AEf
 fXmdAG4qKoyIi/t5akaQ8/njQ4lgkMHG9f71lHpe/7pCyeEOBlC/n7wusgRrqhtsOl
 VGxb7KwZUBOE/wjQEWlsIIjzH6xe1Ok6MOeifK23Gw+NSxfwrEfIk2i/jdWnd9Houx
 UUouKFYbDpmEof1BhZTCzyNUfc8NX1v16Hxg+HLEywtFpTD7oKe0wWiP+yg0zZ0x1H
 AX1Nx6G3nz+3pXdJ7d0x2erqvZ52+JDA+OFe3ogRsZwRUYirbOGb2uAHbewPklsd09
 Zp9DlCbG0JTxsp75k59Dak3iAydvVwUMpnQzx4STJ+bT0Aw3ObNfa5II08hkeIAC92
 gOhiU+Otag5Mo9tZSkKYZ9gS/wpKmhWCUV+uAALj90iZgjvJpDAPzr7VwjqdnNXkkV
 vOd8rTOubwqrVAjX3oK5UMJjCukuCcA49RWQVcCrL9LUdZmKw7f1IKQQTGpcq55QwS
 38RDnXAPKYQMeaZxa88/CSbM=
In-Reply-To: <53d1fe04-9c66-fd9c-a9a4-3f7a05792b36@vodafonemail.de> (Farblos's
 message of "Thu, 11 May 2023 22:22:11 +0200")
Received-SPF: pass client-ip=2a03:4000:4f:f15::1;
 envelope-from=bjorn.bidar@thaodan.de; helo=thaodan.de
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001,
 SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org
Xref: news.gmane.io gmane.emacs.devel:306167
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/306167>


Hello,

I'm not sure how exactly that relates to this issue. But sasl.el that
was taken from FLIM, FLIM supports XOAUTH2.

FLIM is used in Wanderlust for this kind of purpose I think it.
It would make sense to import sasl-xoauth2 and sasl-scram for
completeness into Emacs.

I worked with signon-plugin-oauth2 in the past to implement the
Microsoft OAuth2 Workflow.
I have a few pointers regarding that:
- Microsoft's way of doing OAuth2 with a clientid rather than a client
  secret is ironically much friendlier to FOSS programs such as
  Emacs. Emacs can simply write the clientid inside the sources after
  registering an AppID at Microsoft. An example where this was already
  done is KDE PIM/Akonadi.
  No further intervention is needed on the user side besides pointing
  the user to the webpage to give Emacs the permission to access all the
  requested areas.
- I think it would make sense to see how Wanderlust implemented OAuth2
  for Microsoft.
- Take pointers from other existing implementations that try to add Microso=
ft
  Oauth to Gnus.

Br,

Bj=C3=B6rn Bidar