summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEduardo Chappa <chappa@washington.edu>2021-12-04 13:19:53 -0700
committerEduardo Chappa <chappa@washington.edu>2021-12-04 13:19:53 -0700
commit90d819144d14e3ca375ead5aa2c3b3158248780a (patch)
treead63c4930cbe69257185dd9de4804c95b95e0abb
parentb49234ede812f5860c6ed206603c28ee0d1b5917 (diff)
downloadalpine-90d819144d14e3ca375ead5aa2c3b3158248780a.tar.xz
* Only "Authorize" and "Device" are values accepted for the flow during
initial authentication using XOAUTH2. A warning message (and error) will be seen by the user in case the user attempts a different flow.
-rw-r--r--alpine/confscroll.c9
-rw-r--r--alpine/confscroll.h14
-rw-r--r--alpine/imap.c31
-rw-r--r--alpine/xoauth2conf.c27
-rw-r--r--pith/pine.hlp2
5 files changed, 53 insertions, 30 deletions
diff --git a/alpine/confscroll.c b/alpine/confscroll.c
index 8bfb533d..49a5231c 100644
--- a/alpine/confscroll.c
+++ b/alpine/confscroll.c
@@ -5765,6 +5765,15 @@ fix_side_effects(struct pine *ps, struct variable *var, int revert)
else if(var == &ps->vars[V_FEATURE_LIST]){
process_feature_list(ps, var->current_val.l, 0, 0, 0);
}
+ else if(var && var->name && !strcmp(var->name, XOAUTH2_FLOW)){
+ if(var->current_val.p
+ && strucmp(var->current_val.p, "Authorize")
+ && strucmp(var->current_val.p, "Device")){
+ q_status_message1(SM_ORDER | SM_DING, 3, 3,
+ _("Invalid value \"%s\". Use \"Authorize\" or \"Device\""),
+ var->current_val.p);
+ }
+ }
else if(!revert && (var == &ps->vars[V_LAST_TIME_PRUNE_QUESTION] ||
var == &ps->vars[V_REMOTE_ABOOK_HISTORY] ||
var == &ps->vars[V_REMOTE_ABOOK_VALIDITY] ||
diff --git a/alpine/confscroll.h b/alpine/confscroll.h
index c2b6e952..29501f27 100644
--- a/alpine/confscroll.h
+++ b/alpine/confscroll.h
@@ -38,6 +38,20 @@
#define next_confline(p) ((p) ? (p)->next : NULL)
#define prev_confline(p) ((p) ? (p)->prev : NULL)
+/* for xoaut2conf.h */
+#define XNAME "/NAME="
+#define XID "/ID="
+#define XSECRET "/SECRET="
+#define XTENANT "/TENANT="
+#define XUSER "/USER="
+#define XFLOW "/Flow="
+
+#define XOAUTH2_CLIENT_ID "Client-Id"
+#define XOAUTH2_CLIENT_SECRET "Client-Secret"
+#define XOAUTH2_TENANT "Tenant"
+#define XOAUTH2_USERS "Username"
+#define XOAUTH2_FLOW "Auth Flow"
+
extern char *empty_val;
extern char *empty_val2;
diff --git a/alpine/imap.c b/alpine/imap.c
index 68b1f220..8fada329 100644
--- a/alpine/imap.c
+++ b/alpine/imap.c
@@ -865,21 +865,34 @@ mm_login_oauth2(NETMBX *mb, char *user, char *method,
if(registered){
x = oauth2_get_client_info(oa2list->name, user);
if(!x) return; /* user cancelled, let's get out of here */
- if(x && x->flow){
- for(oa2list = alpine_oauth2_list;
+ if(x){
+ int error = 0;
+ if(x->flow){
+ for(oa2list = alpine_oauth2_list;
oa2list && oa2list->host != NULL && oa2list->host[0] != NULL;
oa2list++){
- for(i = 0; i < OAUTH2_TOT_EQUIV
+ for(i = 0; i < OAUTH2_TOT_EQUIV
&& oa2list->host[i] != NULL
&& strucmp(oa2list->host[i], mb->orighost) != 0; i++);
- if(i < OAUTH2_TOT_EQUIV && oa2list->host[i] != NULL){
- char *flow = oa2list->server_mthd[0].name ? "Authorize"
- : (oa2list->server_mthd[1].name ? "Device" : "Unknown");
- if(!strucmp(x->flow, flow)) break; /* found it */
- }
+ if(i < OAUTH2_TOT_EQUIV && oa2list->host[i] != NULL){
+ char *flow = oa2list->server_mthd[0].name ? "Authorize"
+ : (oa2list->server_mthd[1].name ? "Device" : NULL);
+ if(flow && !strucmp(x->flow, flow)) break; /* found it */
+ }
+ }
+ if(!oa2list || !oa2list->host || !oa2list->host[0])
+ error++;
+ }
+ else error++;
+ if(error){
+ if(x->flow)
+ q_status_message1(SM_ORDER | SM_DING, 3, 3, _("Unrecognized flow type \"%s\". Use \"Authorize\" or \"Device\""), x->flow);
+ else
+ q_status_message(SM_ORDER | SM_DING, 3, 3, _("Configuration does not specify flow type. Use \"Authorize\" or \"Device\""));
}
+ free_xoauth2_info(&x);
+ if(error) return;
}
- if (x) free_xoauth2_info(&x);
/* else use the one we found earlier, the user has to configure this better */
}
diff --git a/alpine/xoauth2conf.c b/alpine/xoauth2conf.c
index 7d5b72b8..4a92bf82 100644
--- a/alpine/xoauth2conf.c
+++ b/alpine/xoauth2conf.c
@@ -33,28 +33,15 @@ typedef struct xoauh2_info_val_s {
/* the order here must match the order in XTYPES above */
XOAUTH2_INFO_VAL_S x_default[] = {
- {NULL, "/NAME="},
- {"Client-Id", "/ID="},
- {"Client-Secret", "/SECRET="},
- {"Tenant", "/TENANT="},
- {"Username", "/USER="},
- {"Auth Flow", "/Flow="},
- {NULL, NULL}
+ {NULL, XNAME},
+ {XOAUTH2_CLIENT_ID, XID},
+ {XOAUTH2_CLIENT_SECRET, XSECRET},
+ {XOAUTH2_TENANT, XTENANT},
+ {XOAUTH2_USERS, XUSER},
+ {XOAUTH2_FLOW, XFLOW},
+ {NULL, NULL}
};
-#define XNAME x_default[Xname].pinerc_name
-#define XID x_default[Xid].pinerc_name
-#define XSECRET x_default[Xsecret].pinerc_name
-#define XTENANT x_default[Xtenant].pinerc_name
-#define XUSER x_default[Xuser].pinerc_name
-#define XFLOW x_default[XFlow].pinerc_name
-
-#define XOAUTH2_CLIENT_ID x_default[Xid].screen_name
-#define XOAUTH2_CLIENT_SECRET x_default[Xsecret].screen_name
-#define XOAUTH2_TENANT x_default[Xtenant].screen_name
-#define XOAUTH2_USERS x_default[Xuser].screen_name
-#define XOAUTH2_FLOW x_default[XFlow].screen_name
-
char *list_to_array(char **);
char **array_to_list(char *);
void write_xoauth_configuration(struct variable *, struct variable **, EditWhich);
diff --git a/pith/pine.hlp b/pith/pine.hlp
index 94cc9da3..bacd3413 100644
--- a/pith/pine.hlp
+++ b/pith/pine.hlp
@@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any
reasonable place to be called from.
Dummy change to get revision in pine.hlp
============= h_revision =================
-Alpine Commit 629 2021-12-03 21:20:33
+Alpine Commit 630 2021-12-04 13:19:50
============= h_news =================
<HTML>
<HEAD>