IMAP OAUTHBEARER patch

Brandon Long blong at fiction.net
Tue Jun 12 21:15:28 UTC 2018 

Ah, and now with support for that for smtp as well.  This does make some of
the smtp-auth stuff compiled in even without sasl support.

And works with the following settings:
set smtp_authenticators="oauthbearer"
set smtp_url="smtps://XXXX@gmail.com@smtp.gmail.com:465"
set smtp_pass=`/path/to/oauth2.py --user=XXXX at gmail.com
--client_id=<client-id>.apps.googleusercontent.com
--client_secret=<client-secret> --quiet --refresh_token=<refresh-token>`


On Tue, Jun 12, 2018 at 12:56 PM Brandon Long <blong at fiction.net> wrote:

> And the updated patch.  I don't know how to make git give me a single
> patch of the entire change, so this is my three local commits appended
> together, ie with git format-patch origin --stdout
>
> On Tue, Jun 12, 2018 at 12:28 PM Brandon Long <blong at fiction.net> wrote:
>
>>
>>
>> On Mon, Jun 11, 2018 at 5:22 PM Kevin J. McCarthy <kevin at 8t8.us> wrote:
>>
>>> On Mon, Jun 11, 2018 at 03:12:45PM -0700, Brandon Long wrote:
>>> > Hey mutt-dev, long time no see.
>>> >
>>> > Gmail supports RFC 7628 for using OAUTH with IMAP, and they really
>>> don't
>>> > like you using password based auth.  You can still enable "less secure
>>> > apps" and then generate an application specific password, but I
>>> figured it
>>> > was time to support it.
>>>
>>> Hi Brandon,
>>>
>>> Thank you for sending the patch.  I will take a closer look in a few
>>> days when I have a bit more time.  Just after a quick look I have two
>>> comments.
>>>
>>> It would be good to initialize ibuf[0] to '\0' before performing the
>>> safe_strcat.
>>>
>>
>> Will do.
>>
>>
>>> Also, are you confident of the static buffer sizes?  (I'm not familiar
>>> with OAUTH specs, so I have no idea).  A couple years ago I had to
>>> change imap_auth_sasl to use dynamic sized buffer because even
>>> HUGE_STRING wasn't big enough for someone [1cab7de7].
>>>
>>
>> I'm using 1024, which is definitely long enough for any existing
>> implementations, but it does look
>> like folks recommend against using fixed sizes.  It's unfortunate that
>> mutt doesn't have a dynamic string struct.
>>
>> Brandon
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mutt.org/pipermail/mutt-dev/attachments/20180612/e399c0df/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mutt.patch-20180608.bl.imap-oauthbearer.4
Type: application/octet-stream
Size: 14562 bytes
Desc: not available
URL: <http://lists.mutt.org/pipermail/mutt-dev/attachments/20180612/e399c0df/attachment-0001.obj>

More information about the Mutt-dev mailing list