Received: (at 54913) by debbugs.gnu.org; 14 Apr 2022 01:16:53 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Apr 13 21:16:53 2022
Received: from localhost ([127.0.0.1]:54428 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1neo6P-0005hv-Af
for submit <at> debbugs.gnu.org; Wed, 13 Apr 2022 21:16:53 -0400
Received: from quimby.gnus.org ([95.216.78.240]:35390)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <larsi@HIDDEN>) id 1neo6N-0005hZ-CC
for 54913 <at> debbugs.gnu.org; Wed, 13 Apr 2022 21:16:51 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnus.org;
s=20200322; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Message-ID
:In-Reply-To:Date:References:Subject:Cc:To:From:Sender:Reply-To:Content-ID:
Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
List-Post:List-Owner:List-Archive;
bh=OHm2GtVR+1ZTfMnjnepGhcWgOcpT6W1m/GTV3BAdwAo=; b=r0k+xfqkiznQvQb0teiQqV+yph
cDMMlZECrd3rhgHePbTeaWDX3x4K72P72+8qwd3rx+7Y8SSJGrRpavOrFp1qebRlcEVCDbKTfeZ/m
w9jWKVpsPot4nUY7oK1uk45ZKBqEBtAKhkeJyVrJdIy4wXpYuG3PmDPA9y0rTgbfc9Yo=;
Received: from [84.212.220.105] (helo=xo)
by quimby.gnus.org with esmtpsa (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.92) (envelope-from <larsi@HIDDEN>)
id 1neo6E-000393-Ek; Thu, 14 Apr 2022 03:16:44 +0200
From: Lars Ingebrigtsen <larsi@HIDDEN>
To: =?utf-8?Q?Adri=C3=A0?= Garriga-Alonso <adria.garriga@HIDDEN>
Subject: Re: bug#54913: OAuth2 ELPA package: out-of-band authentication
deprecated
References: <87k0btl6xq.fsf@HIDDEN>
Date: Thu, 14 Apr 2022 03:16:41 +0200
In-Reply-To: <87k0btl6xq.fsf@HIDDEN> (=?utf-8?Q?=22Adri=C3=A0?=
Garriga-Alonso"'s message of "Wed, 13 Apr 2022 10:14:17 +0200")
Message-ID: <87mtgoo45i.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/29.0.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Report: Spam detection software, running on the system "quimby.gnus.org",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Adrià Garriga-Alonso <adria.garriga@HIDDEN> writes: >
Is there someone willing to review and merge a potential patch? Sure, patches
are welcome.
Content analysis details: (-2.9 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP
-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
[score: 0.0000]
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 54913
Cc: 54913 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -3.3 (---)
Adri=C3=A0 Garriga-Alonso <adria.garriga@HIDDEN> writes:
> Is there someone willing to review and merge a potential patch?=20
Sure, patches are welcome.
--=20
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
bug-gnu-emacs@HIDDEN:bug#54913; Package emacs.
Full text available.Received: (at submit) by debbugs.gnu.org; 13 Apr 2022 15:30:56 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Wed Apr 13 11:30:56 2022 Received: from localhost ([127.0.0.1]:53659 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1neexL-0006U8-Jt for submit <at> debbugs.gnu.org; Wed, 13 Apr 2022 11:30:55 -0400 Received: from lists.gnu.org ([209.51.188.17]:34520) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <adria.garriga@HIDDEN>) id 1neYQf-0001wQ-N5 for submit <at> debbugs.gnu.org; Wed, 13 Apr 2022 04:32:46 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:59782) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <adria.garriga@HIDDEN>) id 1neYQf-0005lv-EL for bug-gnu-emacs@HIDDEN; Wed, 13 Apr 2022 04:32:45 -0400 Received: from mail-wr1-x42b.google.com ([2a00:1450:4864:20::42b]:45975) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from <adria.garriga@HIDDEN>) id 1neYQd-0004HN-4i for bug-gnu-emacs@HIDDEN; Wed, 13 Apr 2022 04:32:45 -0400 Received: by mail-wr1-x42b.google.com with SMTP id w4so1479595wrg.12 for <bug-gnu-emacs@HIDDEN>; Wed, 13 Apr 2022 01:32:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:subject:date:user-agent:message-id:mime-version; bh=xxRMgviViIvydo/mcpd0MhTZGVjY4cUh1k4K/uGjC3o=; b=pDQKYivp21nzazlLd8q1LcMzBhZif1oZtlAk9TFDWIg0eR8oT1+mCIVE6L9k842pPY BzSjkdwECvKdN+dWpPzj77L6VxTgOluh5FCYcMwOFefsWJB6cw281+hk5APzMpo+wo4F WtshKJxXHCB5BHXarwFyNNEmLNBDtXYTX2mAjLqrJdGGPL5TGVLlFiUkG8vvr7qYsh32 UW96ZJlrCwm9NpZxERxevpz+hFLFO0F5wLA4IV71sxRixXSgeedjQF2JiK3n0Ypw01Wd GJ2xI9ADUP4zSwmy1tI0XLvOaopjhBBb1B0ENemT1OOxBBpNLg+nXxTZJ01z7p+Kz+LS eXVg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:user-agent:message-id :mime-version; bh=xxRMgviViIvydo/mcpd0MhTZGVjY4cUh1k4K/uGjC3o=; b=tBZljFZ1zMUrO6CNY0rcPgZuoKelK8USzdQtbBK+rrrA+opPaKyX6Vjt/48p9obouf vgl1FzL8nMt4+PW9HfpMpYtkL5JyVZrUBPw2CEE5AylDjt4uTqOYfEzsLwoDrFuxncuJ lpcUvNJaLcZqNg+WIsOgB+ClmH25aHP/p/KEimOIHP5HkEJMMHDdC53EuTqfeMlBODBn GDgEe63WrjSR9ChOlHmGd6ZxCkM+6beTPb+2MK0uZ5JntOWF5aHKaLty4tM//GMDVWHW 1Ef9TQwrirUATjhI06eIglhPIFOWO9AxTGIYAr/QYM3szLppkoHNq6DgsDZTmU3qLRvv T1mA== X-Gm-Message-State: AOAM5308ZGp06SaQ0b+aJU7CNuSLDyKNjCyo4H7DNV3pfPU0jqsXt8Q7 CevbUSEdf4HcWLUYoqSnKF8cC63Ls76jnQUi X-Google-Smtp-Source: ABdhPJzXrzNmvQmqHOblwjzu+xazE6LjUgYYewoIlKT9+q/YX+pntjtNwAOIIMY6qKCEfHwzuZEnMA== X-Received: by 2002:a05:6000:1c02:b0:207:98bd:c5d0 with SMTP id ba2-20020a0560001c0200b0020798bdc5d0mr19550896wrb.25.1649838760762; Wed, 13 Apr 2022 01:32:40 -0700 (PDT) Received: from localhost ([2a02:2e02:99b1:c00:b778:fa02:759b:2b51]) by smtp.gmail.com with ESMTPSA id f13-20020a5d64cd000000b0020787751295sm16419273wri.35.2022.04.13.01.32.39 for <bug-gnu-emacs@HIDDEN> (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 13 Apr 2022 01:32:40 -0700 (PDT) From: =?utf-8?Q?Adri=C3=A0?= Garriga-Alonso <adria.garriga@HIDDEN> To: bug-gnu-emacs@HIDDEN Subject: OAuth2 ELPA package: out-of-band authentication deprecated Date: Wed, 13 Apr 2022 10:14:17 +0200 User-agent: mu4e 1.6.10; emacs 29.0.50 Message-ID: <87k0btl6xq.fsf@HIDDEN> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Received-SPF: pass client-ip=2a00:1450:4864:20::42b; envelope-from=adria.garriga@HIDDEN; helo=mail-wr1-x42b.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.3 (-) X-Debbugs-Envelope-To: submit X-Mailman-Approved-At: Wed, 13 Apr 2022 11:30:54 -0400 X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -2.3 (--) --=-=-= Content-Type: multipart/alternative; boundary="==-=-=" --==-=-= Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable This report concerns the [oauth2 package on ELPA]. Hope that=E2=80=99s OK. = It affects downstream users of it such as `org-gcal' and `org-caldav'. The authentication scheme used by `oauth2' has been deprecated by Google services. I have a patch to update to the newer, recommended way. The OAuth2 maintainer said it would be a good addition, but I should find someone on E= LPA that is happy to review it in order to contribute. Is there someone willing to review and merge a potential patch? More details: The current authentication scheme is out-of-band authentication; a code is displayed in the browser and the user copies it into Emacs. The new scheme involves spinning up an (extremely simple) HTTP server on Emacs to handle a redirect in the browser. I have an [implementation of the HTTP authentication handler], and emailed = Julien Danjou (the `oauth2' maintainer) about it. Julien said it would be a good incorporation to the package but they don=E2=80=99t have time to review it. Thank you for your time. Adri=C3=A0 Garriga-Alonso [oauth2 package on ELPA] <https://elpa.gnu.org/packages/oauth2.html> [implementation of the HTTP authentication handler] <https://github.com/rha= ps0dy/emacs-oauth2-auto/> --==-=-= Content-Type: text/html; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable <html xmlns=3D"http://www.w3.org/1999/xhtml" lang=3D"en" xml:lang=3D"en"><h= ead><!-- 2022-04-13 Wed 10:32 --><meta http-equiv=3D"Content-Type" content= =3D"text/html;charset=3Dutf-8"/><meta name=3D"viewport" content=3D"width=3D= device-width, initial-scale=3D1"/><meta name=3D"generator" content=3D"Org M= ode"/></head><body> <div style=3D"font-family:-apple-system, BlinkMacSystemFont, "Segoe UI= ", Roboto, Oxygen, Ubuntu, Cantarell, "Fira Sans", &q= uot;Droid Sans", "Helvetica Neue", Arial, sans-serif, "= Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol&= quot;;;font-size:11pt;line-height:12pt;" id=3D"content"> <p style=3D"text-decoration:none;line-height:1.4;margin-top:10px;margin-bot= tom:0px;font-size:11pt;max-width:50em;"> This report concerns the <a style=3D"color:#000000;" href=3D"https://elpa.g= nu.org/packages/oauth2.html">oauth2 package on ELPA</a>. Hope that=E2=80=99= s OK. It affects downstream users of it such as <code style=3D"font-size:11pt;font-family:SF= Mono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", "C= ourier New", monospace;;background:#f9f9f9;">org-gcal</code> and <code= style=3D"font-size:11pt;font-family:SFMono-Regular, Menlo, Monaco, Consola= s, "Liberation Mono", "Courier New", monospace;;backgro= und:#f9f9f9;">org-caldav</code>. </p> <p style=3D"text-decoration:none;line-height:1.4;margin-top:10px;margin-bot= tom:0px;font-size:11pt;max-width:50em;"> The authentication scheme used by <code style=3D"font-size:11pt;font-family= :SFMono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", &quo= t;Courier New", monospace;;background:#f9f9f9;">oauth2</code> has been= deprecated by Google services. I have a patch to update to the newer, recommended way. The OAuth2 maintainer said it would be a good addition, but I should find someone on E= LPA that is happy to review it in order to contribute. </p> <p style=3D"text-decoration:none;line-height:1.4;margin-top:10px;margin-bot= tom:0px;font-size:11pt;max-width:50em;"> Is there someone willing to review and merge a potential patch? </p> <p style=3D"text-decoration:none;line-height:1.4;margin-top:10px;margin-bot= tom:0px;font-size:11pt;max-width:50em;"> More details: </p> <p style=3D"text-decoration:none;line-height:1.4;margin-top:10px;margin-bot= tom:0px;font-size:11pt;max-width:50em;"> The current authentication scheme is out-of-band authentication; a code is displayed in the browser and the user copies it into Emacs. The new scheme involves spinning up an (extremely simple) HTTP server on Emacs to handle a redirect in the browser. </p> <p style=3D"text-decoration:none;line-height:1.4;margin-top:10px;margin-bot= tom:0px;font-size:11pt;max-width:50em;"> I have an <a style=3D"color:#000000;" href=3D"https://github.com/rhaps0dy/e= macs-oauth2-auto/">implementation of the HTTP authentication handler</a>, a= nd emailed Julien Danjou (the <code style=3D"font-size:11pt;font-family:SFMono-Regular, Menlo= , Monaco, Consolas, "Liberation Mono", "Courier New", m= onospace;;background:#f9f9f9;">oauth2</code> maintainer) about it. Julien s= aid it would be a good incorporation to the package but they don=E2=80=99t have time to review it. </p> <p style=3D"text-decoration:none;line-height:1.4;margin-top:10px;margin-bot= tom:0px;font-size:11pt;max-width:50em;"> Thank you for your time. </p> <div style=3D"font-family:-apple-system, BlinkMacSystemFont, "Segoe UI= ", Roboto, Oxygen, Ubuntu, Cantarell, "Fira Sans", &q= uot;Droid Sans", "Helvetica Neue", Arial, sans-serif, "= Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol&= quot;;;font-size:11pt;margin-bottom:20px;font-family:-apple-system, BlinkMa= cSystemFont, "Segoe UI", Roboto, Oxygen, Ubuntu, Cantarell, = "Fira Sans", "Droid Sans", "Helvetica Neue"= , Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji&qu= ot;, "Segoe UI Symbol";;font-size:11pt;line-height:12pt;" id=3D"o= rg61f4dd0"> <p style=3D"text-decoration:none;line-height:1.4;margin-top:10px;margin-bot= tom:0px;font-size:11pt;max-width:50em;"> Adri=C3=A0 Garriga-Alonso </p> </div> </div> </body></html> --==-=-=-- --=-=-=--
Adrià Garriga-Alonso <adria.garriga@HIDDEN>:bug-gnu-emacs@HIDDEN.
Full text available.bug-gnu-emacs@HIDDEN:bug#54913; Package emacs.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.