From 1d74a330becd955ae0bbfb41dbc4514e794b801b Mon Sep 17 00:00:00 2001 From: nick evans Date: Sat, 14 Oct 2023 18:44:41 -0400 Subject: [PATCH] =?UTF-8?q?=F0=9F=94=92=20Add=20`secret`=20alias=20to=20re?= =?UTF-8?q?levant=20SASL=20mechanisms?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit `secret` is similar to `username`: a convenient alias with ambiguous semantics. Adding it is reasonable, but I probably wouldn't add it only for `Net::IMAP`. However, `Net::SMTP` uses it, and probably others would find it useful too. --- lib/net/imap/sasl/cram_md5_authenticator.rb | 4 ++-- lib/net/imap/sasl/digest_md5_authenticator.rb | 4 ++-- lib/net/imap/sasl/login_authenticator.rb | 4 ++-- lib/net/imap/sasl/oauthbearer_authenticator.rb | 7 +++++-- lib/net/imap/sasl/plain_authenticator.rb | 5 +++-- lib/net/imap/sasl/scram_authenticator.rb | 5 +++-- lib/net/imap/sasl/xoauth2_authenticator.rb | 5 +++-- 7 files changed, 20 insertions(+), 14 deletions(-) diff --git a/lib/net/imap/sasl/cram_md5_authenticator.rb b/lib/net/imap/sasl/cram_md5_authenticator.rb index d5648515..4f33ecc3 100644 --- a/lib/net/imap/sasl/cram_md5_authenticator.rb +++ b/lib/net/imap/sasl/cram_md5_authenticator.rb @@ -16,7 +16,7 @@ class Net::IMAP::SASL::CramMD5Authenticator def initialize(user = nil, pass = nil, authcid: nil, username: nil, - password: nil, + password: nil, secret: nil, warn_deprecation: true, **) if warn_deprecation @@ -24,7 +24,7 @@ def initialize(user = nil, pass = nil, end require "digest/md5" @user = authcid || username || user - @password = password || pass + @password = password || secret || pass @done = false end diff --git a/lib/net/imap/sasl/digest_md5_authenticator.rb b/lib/net/imap/sasl/digest_md5_authenticator.rb index 3945f155..59080368 100644 --- a/lib/net/imap/sasl/digest_md5_authenticator.rb +++ b/lib/net/imap/sasl/digest_md5_authenticator.rb @@ -69,11 +69,11 @@ class Net::IMAP::SASL::DigestMD5Authenticator # Any other keyword arguments are silently ignored. def initialize(user = nil, pass = nil, authz = nil, username: nil, password: nil, authzid: nil, - authcid: nil, + authcid: nil, secret: nil, warn_deprecation: true, **) username = authcid || username || user or raise ArgumentError, "missing username (authcid)" - password ||= pass or raise ArgumentError, "missing password" + password ||= secret || pass or raise ArgumentError, "missing password" authzid ||= authz if warn_deprecation warn "WARNING: DIGEST-MD5 SASL mechanism was deprecated by RFC6331." diff --git a/lib/net/imap/sasl/login_authenticator.rb b/lib/net/imap/sasl/login_authenticator.rb index 81201f66..7496793d 100644 --- a/lib/net/imap/sasl/login_authenticator.rb +++ b/lib/net/imap/sasl/login_authenticator.rb @@ -25,14 +25,14 @@ class Net::IMAP::SASL::LoginAuthenticator def initialize(user = nil, pass = nil, authcid: nil, username: nil, - password: nil, + password: nil, secret: nil, warn_deprecation: true, **) if warn_deprecation warn "WARNING: LOGIN SASL mechanism is deprecated. Use PLAIN instead." end @user = authcid || username || user - @password = password || pass + @password = password || secret || pass @state = STATE_USER end diff --git a/lib/net/imap/sasl/oauthbearer_authenticator.rb b/lib/net/imap/sasl/oauthbearer_authenticator.rb index f7191c71..532f1e12 100644 --- a/lib/net/imap/sasl/oauthbearer_authenticator.rb +++ b/lib/net/imap/sasl/oauthbearer_authenticator.rb @@ -139,6 +139,7 @@ class OAuthBearerAuthenticator < OAuthAuthenticator # An OAuth 2.0 bearer token. See {RFC-6750}[https://www.rfc-editor.org/rfc/rfc6750] attr_reader :oauth2_token + alias secret oauth2_token # :call-seq: # new(oauth2_token, **options) -> authenticator @@ -173,10 +174,12 @@ class OAuthBearerAuthenticator < OAuthAuthenticator # noting that application protocols are allowed to # require #authzid (or other parameters, such as #host # _or_ #port) as are specific server implementations. - def initialize(arg1 = nil, arg2 = nil, oauth2_token: nil, **args, &blk) + def initialize(arg1 = nil, arg2 = nil, + oauth2_token: nil, secret: nil, + **args, &blk) username, oauth2_token_arg = arg2.nil? ? [nil, arg1] : [arg1, arg2] super(username: username, **args, &blk) - @oauth2_token = oauth2_token || oauth2_token_arg or + @oauth2_token = oauth2_token || secret || oauth2_token_arg or raise ArgumentError, "missing oauth2_token" end diff --git a/lib/net/imap/sasl/plain_authenticator.rb b/lib/net/imap/sasl/plain_authenticator.rb index cb1acf24..388177c1 100644 --- a/lib/net/imap/sasl/plain_authenticator.rb +++ b/lib/net/imap/sasl/plain_authenticator.rb @@ -26,6 +26,7 @@ class Net::IMAP::SASL::PlainAuthenticator # A password or passphrase that matches the #username. attr_reader :password + alias secret password # Authorization identity: an identity to act as or on behalf of. The identity # form is application protocol specific. If not provided or left blank, the @@ -64,11 +65,11 @@ class Net::IMAP::SASL::PlainAuthenticator # # Any other keyword parameters are quietly ignored. def initialize(user = nil, pass = nil, - authcid: nil, + authcid: nil, secret: nil, username: nil, password: nil, authzid: nil, **) username ||= authcid || user or raise ArgumentError, "missing username (authcid)" - password ||= pass or raise ArgumentError, "missing password" + password ||= secret || pass or raise ArgumentError, "missing password" raise ArgumentError, "username contains NULL" if username.include?(NULL) raise ArgumentError, "password contains NULL" if password.include?(NULL) raise ArgumentError, "authzid contains NULL" if authzid&.include?(NULL) diff --git a/lib/net/imap/sasl/scram_authenticator.rb b/lib/net/imap/sasl/scram_authenticator.rb index 01c63480..141e8321 100644 --- a/lib/net/imap/sasl/scram_authenticator.rb +++ b/lib/net/imap/sasl/scram_authenticator.rb @@ -80,13 +80,13 @@ class ScramAuthenticator def initialize(username_arg = nil, password_arg = nil, authcid: nil, username: nil, authzid: nil, - password: nil, + password: nil, secret: nil, min_iterations: 4096, # see both RFC5802 and RFC7677 cnonce: nil, # must only be set in tests **options) @username = username || username_arg || authcid or raise ArgumentError, "missing username (authcid)" - @password = password || password_arg or + @password = password || secret || password_arg or raise ArgumentError, "missing password" @authzid = authzid @@ -109,6 +109,7 @@ def initialize(username_arg = nil, password_arg = nil, # A password or passphrase that matches the #username. attr_reader :password + alias secret password # Authorization identity: an identity to act as or on behalf of. The # identity form is application protocol specific. If not provided or diff --git a/lib/net/imap/sasl/xoauth2_authenticator.rb b/lib/net/imap/sasl/xoauth2_authenticator.rb index 819b42ff..1dbc5055 100644 --- a/lib/net/imap/sasl/xoauth2_authenticator.rb +++ b/lib/net/imap/sasl/xoauth2_authenticator.rb @@ -42,6 +42,7 @@ class Net::IMAP::SASL::XOAuth2Authenticator # An OAuth2 access token which has been authorized with the appropriate OAuth2 # scopes to use the service for #username. attr_reader :oauth2_token + alias secret oauth2_token # :call-seq: # new(username, oauth2_token, **) -> authenticator @@ -68,10 +69,10 @@ class Net::IMAP::SASL::XOAuth2Authenticator # # Any other keyword parameters are quietly ignored. def initialize(user = nil, token = nil, username: nil, oauth2_token: nil, - authzid: nil, **) + authzid: nil, secret: nil, **) @username = authzid || username || user or raise ArgumentError, "missing username (authzid)" - @oauth2_token = oauth2_token || token or + @oauth2_token = oauth2_token || secret || token or raise ArgumentError, "missing oauth2_token" @done = false end