GNU bug report logs - #72992
29.4; towards xoauth2 support in Emacs

Previous Next

Package: emacs;

Reported by: Xiyue Deng <manphiz <at> gmail.com>

Date: Tue, 3 Sep 2024 00:00:02 UTC

Severity: wishlist

Found in version 29.4

Full log

View this message in rfc822 format

From: Andrew Cohen <acohen <at> ust.hk>
To: Xiyue Deng <dengxiyue <at> gmail.com>
Cc: Ted Zlatanov <tzz <at> lifelogs.com>, Philip Kaludercic <philipk <at> posteo.net>, 72992 <at> debbugs.gnu.org, Stefan Kangas <stefankangas <at> gmail.com>
Subject: bug#72992: 29.4; towards xoauth2 support in Emacs
Date: Thu, 19 Sep 2024 13:13:00 +0800

>>>>> "XD" == Xiyue Deng <dengxiyue <at> gmail.com> writes:

    XD> Hi Stefan, Stefan Kangas <stefankangas <at> gmail.com> writes:

    >> Xiyue Deng <manphiz <at> gmail.com> writes:
    >> 

[...]


    >>> Currently, auth-source search requires that the result include
    >>> `:secret' most of the time, where when using xoauth2 it is
    >>> actually the access-token. Actually, auth-source has existing
    >>> support for xoauth2 authentication, though it assumes that the
    >>> password value actually stores the access-token.
    >> 
    >> Where can we find this "existing support"?  Do you mean the
    >> 'auth-source-xoauth2' package on GNU ELPA?
    >> 

    XD> The basic support is actually in the Emacs core already,
    XD> e.g. for Gnus nnimap[2] and smtpmail[3].  However, this assumes
    XD> one to put the access_token in place of `:secret' in the
    XD> auth-source file as Emacs uses password as the access_token in
    XD> both places.  However, access_token expires quite frequently
    XD> (e.g. about 1 hour for Gmail) and without refreshing it
    XD> automatically it is practically impossible to use conveniently.
    XD> Hence the propose hack and the following suggestion.


This isn't actually true. When I added the support many years ago, I
updated auth-source so that the :secret field can be a function, and
this is how you should be using the current xoauth support. On the bug
thread I posted a suitable function that handles token refreshing (and
its on my list of changes to emacs that I expect to push at some
point). So everything necessary to use xoauth for nnimap and smtpmail
with auth-source, including automatic token refreshing, is already
present in emacs. 

Having said that, I think some of the ideas in Xiyue's code would be
useful. However I think it would be best to base this on the existing
code which works very well and is in use by at least me (and I think
some others as well).

Best,
Andy


-- 
Andrew Cohen
This bug report was last modified 318 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.