NeoMutt  2020-06-26-250-g349c94
Teaching an old dog new tricks
auth_oauth.c File Reference

IMAP OAUTH authentication method. More...

#include "config.h"
#include <stdio.h>
#include "private.h"
#include "mutt/lib.h"
#include "conn/lib.h"
#include "auth.h"
#include "lib.h"
#include "mutt_logging.h"
#include "mutt_socket.h"


Functions

enum ImapAuthRes imap_auth_oauth (struct ImapAccountData *adata, const char *method)
 Authenticate an IMAP connection using OAUTHBEARER - Implements ImapAuth::authenticate() More...
 

Detailed Description

IMAP OAUTH authentication method.

Authors
  • Brendan Cully
  • Brandon Long

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.

Definition in file auth_oauth.c.

Function Documentation

◆ imap_auth_oauth()

enum ImapAuthRes imap_auth_oauth ( struct ImapAccountData *  adata,
const char *  method 
)

Authenticate an IMAP connection using OAUTHBEARER - Implements ImapAuth::authenticate()

Parameters
adata: Imap Account data
method: Name of this authentication method
Return values
num: Result, e.g. IMAP_AUTH_SUCCESS

Definition at line 46 of file auth_oauth.c.

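/**
 * imap_auth_oauth - Authenticate an IMAP connection using OAUTHBEARER - Implements ImapAuth::authenticate()
 * @param adata  Imap Account data
 * @param method Name of this authentication method
 * @retval num Result, e.g. #IMAP_AUTH_SUCCESS
 *
 * The bearer token is only sent when the server advertises both
 * AUTH=OAUTHBEARER and SASL-IR and the connection reports a non-zero
 * security strength factor, so the token never goes out on an unprotected
 * connection.
 */
enum ImapAuthRes imap_auth_oauth(struct ImapAccountData *adata, const char *method)
{
  /* For now, we only support SASL_IR also and over TLS.
   * The ssf check is what keeps the token off a cleartext connection. */
  if (!(adata->capabilities & IMAP_CAP_AUTH_OAUTHBEARER) ||
      !(adata->capabilities & IMAP_CAP_SASL_IR) || (adata->conn->ssf == 0))
  {
    return IMAP_AUTH_UNAVAIL;
  }

  /* If they did not explicitly request or configure oauth then fail quietly */
  if (!method && !C_ImapOauthRefreshCommand)
    return IMAP_AUTH_UNAVAIL;

  // L10N: (%s) is the method name, e.g. Anonymous, CRAM-MD5, GSSAPI, SASL
  mutt_message(_("Authenticating (%s)..."), "OAUTHBEARER");

  /* We get the access token from the imap_oauth_refresh_command */
  char *oauthbearer = mutt_account_getoauthbearer(&adata->conn->account);
  if (!oauthbearer)
    return IMAP_AUTH_FAILURE;

  /* Size the command buffer from the literal prefix (sizeof counts its NUL)
   * and keep the length in size_t, the type mutt_str_len() returns and
   * mutt_mem_malloc()/snprintf() take, instead of narrowing it to int. */
  const size_t ilen = mutt_str_len(oauthbearer) + sizeof("AUTHENTICATE OAUTHBEARER ");
  char *ibuf = mutt_mem_malloc(ilen);
  snprintf(ibuf, ilen, "AUTHENTICATE OAUTHBEARER %s", oauthbearer);

  /* This doesn't really contain a password, but the token is good for
   * an hour, so suppress it anyways. */
  int rc = imap_exec(adata, ibuf, IMAP_CMD_PASS);

  /* NOTE(review): both buffers still hold the live bearer token when they
   * are released; consider wiping them first if the project has a helper
   * for clearing secrets (none is visible from this file). */
  FREE(&oauthbearer);
  FREE(&ibuf);

  if (rc != IMAP_EXEC_SUCCESS)
  {
    /* The error response was in SASL continuation, so continue the SASL
     * to cause a failure and exit SASL input.  See RFC7628 3.2.3 */
    mutt_socket_send(adata->conn, "\001");

    /* The command buffer was released above, so pass NULL explicitly rather
     * than the freed variable; this no longer depends on FREE() resetting
     * the pointer.
     * NOTE(review): assumes imap_exec() treats a NULL cmdstr as "send
     * nothing, just read the pending response" - confirm in command.c. */
    rc = imap_exec(adata, NULL, IMAP_CMD_NO_FLAGS);
  }

  if (rc == IMAP_EXEC_SUCCESS)
  {
    /* Restores source line 93, which the rendered listing skips (92 -> 94);
     * it clears the "Authenticating..." status message on success. */
    mutt_clear_error();
    return IMAP_AUTH_SUCCESS;
  }

  // L10N: %s is the method name, e.g. Anonymous, CRAM-MD5, GSSAPI, SASL
  mutt_error(_("%s authentication failed"), "OAUTHBEARER");
  return IMAP_AUTH_FAILURE;
}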
struct ConnAccount account
Account details: username, password, etc.
Definition: connection.h:36
#define mutt_socket_send(conn, buf)
Definition: mutt_socket.h:37
unsigned int ssf
Security strength factor, in bits (see below)
Definition: connection.h:37
#define mutt_message(...)
Definition: logging.h:83
#define IMAP_CAP_SASL_IR
SASL initial response draft.
Definition: private.h:134
#define _(a)
Definition: message.h:28
char * C_ImapOauthRefreshCommand
Config: (imap) External command to generate OAUTH refresh token.
Definition: config.c:49
IMAP_AUTH_UNAVAIL
Authentication method not permitted.
Definition: auth.h:40
IMAP_EXEC_SUCCESS
Imap command executed or queued successfully.
Definition: private.h:83
IMAP_AUTH_FAILURE
Authentication failed.
Definition: auth.h:39
void mutt_clear_error(void)
Clear the message line (bottom line of screen)
Definition: mutt_logging.c:113
int imap_exec(struct ImapAccountData *adata, const char *cmdstr, ImapCmdFlags flags)
Execute a command and wait for the response from the server.
Definition: command.c:1247
void * mutt_mem_malloc(size_t size)
Allocate memory on the heap.
Definition: memory.c:90
#define IMAP_CMD_PASS
Command contains a password. Suppress logging.
Definition: private.h:73
ImapCapFlags capabilities
Definition: private.h:185
#define IMAP_CMD_NO_FLAGS
No flags are set.
Definition: private.h:72
#define IMAP_CAP_AUTH_OAUTHBEARER
RFC7628: AUTH=OAUTHBEARER.
Definition: private.h:130
size_t mutt_str_len(const char *a)
Calculate the length of a string, safely.
Definition: string.c:636
#define mutt_error(...)
Definition: logging.h:84
#define FREE(x)
Definition: memory.h:40
char * mutt_account_getoauthbearer(struct ConnAccount *cac)
Get an OAUTHBEARER token.
Definition: connaccount.c:158
IMAP_AUTH_SUCCESS
Authentication successful.
Definition: auth.h:38
struct Connection * conn
Definition: private.h:171