XOAUTH2: fix the *_eval configuration options

They introduce a regression not allowing to discard the XOAUTH2 method when
expected.

The default lambda did not take the "account_name" argument.

Github-fix: https://github.com/OfflineIMAP/offlineimap/issues/362
Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>

offlineimap/imapserver.py

@@ -378,6 +378,10 @@ class IMAPServer(object):
         warnings for failed methods are to be produced in the
         respective except blocks."""
 
+        # Stack stores pairs of (method name, exception)
+        exc_stack = []
+        tried_to_authn = False
+        tried_tls = False
         # Authentication routines, hash keyed by method name
         # with value that is a tuple with
         # - authentication function,
@@ -385,24 +389,15 @@ class IMAPServer(object):
         # - check IMAP capability flag.
         auth_methods = {
           "GSSAPI": (self.__authn_gssapi, False, True),
-          "CRAM-MD5": (self.__authn_cram_md5, True, True),
           "XOAUTH2": (self.__authn_xoauth2, True, True),
+          "CRAM-MD5": (self.__authn_cram_md5, True, True),
           "PLAIN": (self.__authn_plain, True, True),
           "LOGIN": (self.__authn_login, True, False),
         }
-        # Stack stores pairs of (method name, exception)
-        exc_stack = []
-        tried_to_authn = False
-        tried_tls = False
-        mechs = self.authmechs
 
-        # GSSAPI must be tried first: we will probably go TLS after it
+        # GSSAPI is tried first by default: we will probably go TLS after it and
-        # and GSSAPI mustn't be tunneled over TLS.
+        # GSSAPI mustn't be tunneled over TLS.
-        if "GSSAPI" in mechs:
+        for m in self.authmechs:
-            mechs.remove("GSSAPI")
-            mechs.insert(0, "GSSAPI")
-
-        for m in mechs:
             if m not in auth_methods:
                 raise Exception("Bad authentication method %s, "
                   "please, file OfflineIMAP bug" % m)

offlineimap/repository/IMAP.py

@@ -309,28 +309,36 @@ class IMAPRepository(BaseRepository):
         refresh_token = self.getconf('oauth2_refresh_token', None)
         if refresh_token is None:
             refresh_token = self.localeval.eval(
-                self.getconf('oauth2_refresh_token_eval', "lambda: None"))
+                self.getconf('oauth2_refresh_token_eval',
+                             "lambda x: None")
+                )(self.account.getname())
         return refresh_token
 
     def getoauth2_access_token(self):
         access_token = self.getconf('oauth2_access_token', None)
         if access_token is None:
             access_token = self.localeval.eval(
-                self.getconf('oauth2_access_token_eval', "lambda: None"))
+                self.getconf('oauth2_access_token_eval',
+                             "lambda x: None")
+                )(self.account.getname())
         return access_token
 
     def getoauth2_client_id(self):
         client_id = self.getconf('oauth2_client_id', None)
         if client_id is None:
             client_id = self.localeval.eval(
-                self.getconf('oauth2_client_id_eval', "lambda: None"))
+                self.getconf('oauth2_client_id_eval',
+                             "lambda x: None")
+                )(self.account.getname())
         return client_id
 
     def getoauth2_client_secret(self):
         client_secret = self.getconf('oauth2_client_secret', None)
         if client_secret is None:
             client_secret = self.localeval.eval(
-                self.getconf('oauth2_client_secret_eval', "lambda: None"))
+                self.getconf('oauth2_client_secret_eval',
+                             "lambda x: None")
+                )(self.account.getname())
         return client_secret
 
     def getpreauthtunnel(self):