From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: =?utf-8?Q?Bj=C3=B6rn?= Bidar Newsgroups: gmane.emacs.devel Subject: Re: Extending auth-source and plstore for more XOAUTH2 scenarios Date: Thu, 18 May 2023 03:04:10 +0300 Message-ID: <874joa7bet.fsf@thaodan.de> References: <53d1fe04-9c66-fd9c-a9a4-3f7a05792b36@vodafonemail.de> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="40483"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Gnus/5.13 (Gnus v5.13) Cc: emacs-devel@gnu.org To: Farblos Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Thu May 18 02:05:25 2023 Return-path: Envelope-to: ged-emacs-devel@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1pzR93-000APU-5I for ged-emacs-devel@m.gmane-mx.org; Thu, 18 May 2023 02:05:25 +0200 Original-Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1pzR87-0005xw-1D; Wed, 17 May 2023 20:04:27 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pzR82-0005xi-N2 for emacs-devel@gnu.org; Wed, 17 May 2023 20:04:23 -0400 Original-Received: from thaodan.de ([2a03:4000:4f:f15::1]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pzR7z-000753-Rf for emacs-devel@gnu.org; Wed, 17 May 2023 20:04:22 -0400 Original-Received: from odin (unknown [IPv6:2001:2062:2301:f400:72a:be51:2c32:1a06]) by thaodan.de (Postfix) with ESMTPSA id E2A38D08D9B; Thu, 18 May 2023 03:04:11 +0300 (EEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=thaodan.de; s=mail; t=1684368254; bh=E1hsU30viJgkc3pLbxdLVKT9vn/rlvK1xJWUoLK6w2s=; h=From:To:Cc:Subject:In-Reply-To:References:Date; b=DpJv5q1ZVQQmmbiBTt3BYXIxF11U+dfNL072GW1uMc+fUVBJkOc+y0yJcluQtVxo9 WCipLpmw1U8pQTCkE1KA7EMDxZO5cDvt85JFM+yLl0kWWUyXCnawHJ2T4ygGHl9ZRD gENn9lM/Tqf8vyxeHdvEA9oPyLdABWTyb1IY7BTQ1yBZo7y5qib0Ooozx4MSZS4AEf fXmdAG4qKoyIi/t5akaQ8/njQ4lgkMHG9f71lHpe/7pCyeEOBlC/n7wusgRrqhtsOl VGxb7KwZUBOE/wjQEWlsIIjzH6xe1Ok6MOeifK23Gw+NSxfwrEfIk2i/jdWnd9Houx UUouKFYbDpmEof1BhZTCzyNUfc8NX1v16Hxg+HLEywtFpTD7oKe0wWiP+yg0zZ0x1H AX1Nx6G3nz+3pXdJ7d0x2erqvZ52+JDA+OFe3ogRsZwRUYirbOGb2uAHbewPklsd09 Zp9DlCbG0JTxsp75k59Dak3iAydvVwUMpnQzx4STJ+bT0Aw3ObNfa5II08hkeIAC92 gOhiU+Otag5Mo9tZSkKYZ9gS/wpKmhWCUV+uAALj90iZgjvJpDAPzr7VwjqdnNXkkV vOd8rTOubwqrVAjX3oK5UMJjCukuCcA49RWQVcCrL9LUdZmKw7f1IKQQTGpcq55QwS 38RDnXAPKYQMeaZxa88/CSbM= In-Reply-To: <53d1fe04-9c66-fd9c-a9a4-3f7a05792b36@vodafonemail.de> (Farblos's message of "Thu, 11 May 2023 22:22:11 +0200") Received-SPF: pass client-ip=2a03:4000:4f:f15::1; envelope-from=bjorn.bidar@thaodan.de; helo=thaodan.de X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Xref: news.gmane.io gmane.emacs.devel:306167 Archived-At: Hello, I'm not sure how exactly that relates to this issue. But sasl.el that was taken from FLIM, FLIM supports XOAUTH2. FLIM is used in Wanderlust for this kind of purpose I think it. It would make sense to import sasl-xoauth2 and sasl-scram for completeness into Emacs. I worked with signon-plugin-oauth2 in the past to implement the Microsoft OAuth2 Workflow. I have a few pointers regarding that: - Microsoft's way of doing OAuth2 with a clientid rather than a client secret is ironically much friendlier to FOSS programs such as Emacs. Emacs can simply write the clientid inside the sources after registering an AppID at Microsoft. An example where this was already done is KDE PIM/Akonadi. No further intervention is needed on the user side besides pointing the user to the webpage to give Emacs the permission to access all the requested areas. - I think it would make sense to see how Wanderlust implemented OAuth2 for Microsoft. - Take pointers from other existing implementations that try to add Microso= ft Oauth to Gnus. Br, Bj=C3=B6rn Bidar