aboutsummaryrefslogtreecommitdiffstats
path: root/worker
diff options
context:
space:
mode:
authorJulian Pidancet <julian.pidancet@oracle.com>2022-09-28 19:49:11 +0200
committerRobin Jarry <robin@jarry.cc>2022-10-01 15:47:33 +0200
commit9217dbeea45830c1d1d3d8453b495b6792bc38ca (patch)
tree813f70196d1e34daa39e2261e598b0914d4dd880 /worker
parent45bff8851509432f6b5a21360ce67a7b2ca55eb5 (diff)
downloadaerc-9217dbeea45830c1d1d3d8453b495b6792bc38ca.tar.gz
imap,smtp: add XOAUTH2 support
Add XOAUTH2 authentication support for IMAP and SMTP. Although XOAUTH2 is now deprecated in favor of OAuthBearer, it is the only way to connect to Office365 since Basic Auth is now completely removed. Since XOAUTH2 is very similar to OAuthBearer and uses the same configuration parameters, this is basically a copy-paste of the existing OAuthBearer code. However, XOAUTH2 support was removed from go-sasl library, so this change reimports the code that was removed from go-sasl and offers it a new home in lib/xoauth2.go. Hopefully it shouldn't be too hard to maintain, being less than 50 SLOC. Link: https://github.com/emersion/go-sasl/commit/7bfe0ed36a21 Implements: https://todo.sr.ht/~rjarry/aerc/78 Signed-off-by: Julian Pidancet <julian.pidancet@oracle.com> Tested-by: Inwit <inwit@sindominio.net> Acked-by: Tim Culverhouse <tim@timculverhouse.com>
Diffstat (limited to 'worker')
-rw-r--r--worker/imap/configure.go15
-rw-r--r--worker/imap/connect.go5
-rw-r--r--worker/imap/worker.go1
3 files changed, 21 insertions, 0 deletions
diff --git a/worker/imap/configure.go b/worker/imap/configure.go
index 691e0d76..a9689f68 100644
--- a/worker/imap/configure.go
+++ b/worker/imap/configure.go
@@ -38,6 +38,21 @@ func (w *IMAPWorker) handleConfigure(msg *types.Configure) error {
w.config.oauthBearer.OAuth2 = oauth2
}
+ if strings.HasSuffix(w.config.scheme, "+xoauth2") {
+ w.config.scheme = strings.TrimSuffix(w.config.scheme, "+xoauth2")
+ w.config.xoauth2.Enabled = true
+ q := u.Query()
+
+ oauth2 := &oauth2.Config{}
+ if q.Get("token_endpoint") != "" {
+ oauth2.ClientID = q.Get("client_id")
+ oauth2.ClientSecret = q.Get("client_secret")
+ oauth2.Scopes = []string{q.Get("scope")}
+ oauth2.Endpoint.TokenURL = q.Get("token_endpoint")
+ }
+ w.config.xoauth2.OAuth2 = oauth2
+ }
+
w.config.addr = u.Host
if !strings.ContainsRune(w.config.addr, ':') {
w.config.addr += ":" + w.config.scheme
diff --git a/worker/imap/connect.go b/worker/imap/connect.go
index 7c43b561..035feaba 100644
--- a/worker/imap/connect.go
+++ b/worker/imap/connect.go
@@ -80,6 +80,11 @@ func (w *IMAPWorker) connect() (*client.Client, error) {
username, password, c); err != nil {
return nil, err
}
+ } else if w.config.xoauth2.Enabled {
+ if err := w.config.xoauth2.Authenticate(
+ username, password, c); err != nil {
+ return nil, err
+ }
} else if err := c.Login(username, password); err != nil {
return nil, err
}
diff --git a/worker/imap/worker.go b/worker/imap/worker.go
index 66e4cdf6..c5032a0b 100644
--- a/worker/imap/worker.go
+++ b/worker/imap/worker.go
@@ -43,6 +43,7 @@ type imapConfig struct {
user *url.Userinfo
folders []string
oauthBearer lib.OAuthBearer
+ xoauth2 lib.Xoauth2
idle_timeout time.Duration
idle_debounce time.Duration
reconnect_maxwait time.Duration