XOAUTH2: fix the *_eval configuration options
They introduce a regression not allowing to discard the XOAUTH2 method when expected. The default lambda did not take the "account_name" argument. Github-fix: https://github.com/OfflineIMAP/offlineimap/issues/362 Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
This commit is contained in:
parent
ddbc1426d5
commit
9aa5afa951
@ -378,6 +378,10 @@ class IMAPServer(object):
|
|||||||
warnings for failed methods are to be produced in the
|
warnings for failed methods are to be produced in the
|
||||||
respective except blocks."""
|
respective except blocks."""
|
||||||
|
|
||||||
|
# Stack stores pairs of (method name, exception)
|
||||||
|
exc_stack = []
|
||||||
|
tried_to_authn = False
|
||||||
|
tried_tls = False
|
||||||
# Authentication routines, hash keyed by method name
|
# Authentication routines, hash keyed by method name
|
||||||
# with value that is a tuple with
|
# with value that is a tuple with
|
||||||
# - authentication function,
|
# - authentication function,
|
||||||
@ -385,24 +389,15 @@ class IMAPServer(object):
|
|||||||
# - check IMAP capability flag.
|
# - check IMAP capability flag.
|
||||||
auth_methods = {
|
auth_methods = {
|
||||||
"GSSAPI": (self.__authn_gssapi, False, True),
|
"GSSAPI": (self.__authn_gssapi, False, True),
|
||||||
"CRAM-MD5": (self.__authn_cram_md5, True, True),
|
|
||||||
"XOAUTH2": (self.__authn_xoauth2, True, True),
|
"XOAUTH2": (self.__authn_xoauth2, True, True),
|
||||||
|
"CRAM-MD5": (self.__authn_cram_md5, True, True),
|
||||||
"PLAIN": (self.__authn_plain, True, True),
|
"PLAIN": (self.__authn_plain, True, True),
|
||||||
"LOGIN": (self.__authn_login, True, False),
|
"LOGIN": (self.__authn_login, True, False),
|
||||||
}
|
}
|
||||||
# Stack stores pairs of (method name, exception)
|
|
||||||
exc_stack = []
|
|
||||||
tried_to_authn = False
|
|
||||||
tried_tls = False
|
|
||||||
mechs = self.authmechs
|
|
||||||
|
|
||||||
# GSSAPI must be tried first: we will probably go TLS after it
|
# GSSAPI is tried first by default: we will probably go TLS after it and
|
||||||
# and GSSAPI mustn't be tunneled over TLS.
|
# GSSAPI mustn't be tunneled over TLS.
|
||||||
if "GSSAPI" in mechs:
|
for m in self.authmechs:
|
||||||
mechs.remove("GSSAPI")
|
|
||||||
mechs.insert(0, "GSSAPI")
|
|
||||||
|
|
||||||
for m in mechs:
|
|
||||||
if m not in auth_methods:
|
if m not in auth_methods:
|
||||||
raise Exception("Bad authentication method %s, "
|
raise Exception("Bad authentication method %s, "
|
||||||
"please, file OfflineIMAP bug" % m)
|
"please, file OfflineIMAP bug" % m)
|
||||||
|
@ -309,28 +309,36 @@ class IMAPRepository(BaseRepository):
|
|||||||
refresh_token = self.getconf('oauth2_refresh_token', None)
|
refresh_token = self.getconf('oauth2_refresh_token', None)
|
||||||
if refresh_token is None:
|
if refresh_token is None:
|
||||||
refresh_token = self.localeval.eval(
|
refresh_token = self.localeval.eval(
|
||||||
self.getconf('oauth2_refresh_token_eval', "lambda: None"))
|
self.getconf('oauth2_refresh_token_eval',
|
||||||
|
"lambda x: None")
|
||||||
|
)(self.account.getname())
|
||||||
return refresh_token
|
return refresh_token
|
||||||
|
|
||||||
def getoauth2_access_token(self):
|
def getoauth2_access_token(self):
|
||||||
access_token = self.getconf('oauth2_access_token', None)
|
access_token = self.getconf('oauth2_access_token', None)
|
||||||
if access_token is None:
|
if access_token is None:
|
||||||
access_token = self.localeval.eval(
|
access_token = self.localeval.eval(
|
||||||
self.getconf('oauth2_access_token_eval', "lambda: None"))
|
self.getconf('oauth2_access_token_eval',
|
||||||
|
"lambda x: None")
|
||||||
|
)(self.account.getname())
|
||||||
return access_token
|
return access_token
|
||||||
|
|
||||||
def getoauth2_client_id(self):
|
def getoauth2_client_id(self):
|
||||||
client_id = self.getconf('oauth2_client_id', None)
|
client_id = self.getconf('oauth2_client_id', None)
|
||||||
if client_id is None:
|
if client_id is None:
|
||||||
client_id = self.localeval.eval(
|
client_id = self.localeval.eval(
|
||||||
self.getconf('oauth2_client_id_eval', "lambda: None"))
|
self.getconf('oauth2_client_id_eval',
|
||||||
|
"lambda x: None")
|
||||||
|
)(self.account.getname())
|
||||||
return client_id
|
return client_id
|
||||||
|
|
||||||
def getoauth2_client_secret(self):
|
def getoauth2_client_secret(self):
|
||||||
client_secret = self.getconf('oauth2_client_secret', None)
|
client_secret = self.getconf('oauth2_client_secret', None)
|
||||||
if client_secret is None:
|
if client_secret is None:
|
||||||
client_secret = self.localeval.eval(
|
client_secret = self.localeval.eval(
|
||||||
self.getconf('oauth2_client_secret_eval', "lambda: None"))
|
self.getconf('oauth2_client_secret_eval',
|
||||||
|
"lambda x: None")
|
||||||
|
)(self.account.getname())
|
||||||
return client_secret
|
return client_secret
|
||||||
|
|
||||||
def getpreauthtunnel(self):
|
def getpreauthtunnel(self):
|
||||||
|
Loading…
x
Reference in New Issue
Block a user