Let me reply to my own question:

Better not to do anything: not only the smtpmail patch is probably a year away
from deployment, but there are changes in auth-pass in Emacs 26 that
make dealing with all the possible combinations awkward.

What I'm going to do is to get the auth-source-xoauth2 package ready and
working, at this point, strictly through advises, and using the MELPA
auth-password-store package instead of the one included in Emacs
26.

Once things settle down we can talk more patches.

On Sat 13 Jan 2018 at 05:59, Cesar Crusius wrote:

> Hi all,
>
> Now that the patch is in for smtpmail-try-auth-method, my (yet not
> submitted) auth-source-xoauth2 package allows me to send e-mail through
> Gmail using XOAuth2. The next piece of the puzzle is reading e-mail, and
> the needed patch is now in nnimap-login. I have it working by advising
> it, but I am thinking that nnimap-login maybe should have the same
> extensibility as its "mirror" smtpmail.
>
> This function seems harder to generalize - one of the ways would be to
> make the entire `cond' body a list that can be added to, and then turn
> it into
>
> (defmacro nnimap-login (user password)
>   `(cond ,@nnimap-login-methods))
>
> or something like that. With that, adding support for a protocol could
> be done with
>
> (add-to-list 'nnimap-login-methods
>   '((and (eq nnimap-authenticator 'xoauth2)
>          (nnimap-capability "AUTH=XOAUTH2")
>          (nnimap-capability "SASL-IR"))
>     (nnimap-command
>      (concat "AUTHENTICATE XOAUTH2 "
>              (base64-encode-string
>               (concat "user=" user "\1auth=Bearer " password "\1\1")
>               t)))))
>
> Opinions?


-- 
Cesar Crusius