GNU bug report logs - #72992
29.4; towards xoauth2 support in Emacs

Previous Next

Package: emacs;

Reported by: Xiyue Deng <manphiz <at> gmail.com>

Date: Tue, 3 Sep 2024 00:00:02 UTC

Severity: wishlist

Found in version 29.4

Full log

Message #47 received at 72992 <at> debbugs.gnu.org (full text, mbox):

From: Björn Bidar <bjorn.bidar <at> thaodan.de>
To: Andrew Cohen <acohen <at> ust.hk>
Cc: Stefan Kangas <stefankangas <at> gmail.com>, Ted Zlatanov <tzz <at> lifelogs.com>,
 72992 <at> debbugs.gnu.org, Philip Kaludercic <philipk <at> posteo.net>,
 Xiyue Deng <manphiz <at> gmail.com>
Subject: Re: bug#72992: 29.4; towards xoauth2 support in Emacs
Date: Sun, 22 Sep 2024 15:01:21 +0300

Andrew Cohen <acohen <at> ust.hk> writes:

>>>>>> "XD" == Xiyue Deng <manphiz <at> gmail.com> writes:
>
>     XD> Hi Andrew, Andrew Cohen <acohen <at> ust.hk> writes:
>
>     >>>>>>> "XD" == Xiyue Deng <dengxiyue <at> gmail.com> writes:
>     >> 
>
> [...]
>
>     XD> The basic support is actually in the Emacs core already,
>     XD> e.g. for Gnus nnimap[2] and smtpmail[3].  However, this assumes
>     XD> one to put the access_token in place of `:secret' in the
>     XD> auth-source file as Emacs uses password as the access_token in
>     XD> both places.  However, access_token expires quite frequently
>     XD> (e.g. about 1 hour for Gmail) and without refreshing it
>     XD> automatically it is practically impossible to use conveniently.
>     XD> Hence the propose hack and the following suggestion.
>     >> 
>     >> 
>     >> This isn't actually true. When I added the support many years
>     >> ago, I updated auth-source so that the :secret field can be a
>     >> function, and this is how you should be using the current xoauth
>     >> support.
>
>     XD> Thanks for pointing this out!  I found the place where `:secret'
>     XD> is handled as a function[1].  However, this requires a user to
>     XD> implement the oauth2 logic oneself, which I'm afraid is a bit
>     XD> too low-level and error-prone.  (Actually, can I actually put a
>     XD> lisp function in auth-source.gpg?)  
>
> I don't think you have to do anything low level, and I don't think there
> is anything error prone here; you can use the functions from oauth
> themselves (oauth2.el can create its own plstores, but I prefer to use
> auth-source.el to manage the stores).  The only things needed are a call
> to oauth2-refresh-access to get a new token, and then
> oauth2-token-access-token to return the new access token.

Is this documented?  If yes where?
I tried to look inside the auth manual nothing was mentioned.
Would this method work with all backends?
This bug report was last modified 318 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.