summaryrefslogtreecommitdiff
path: root/imap/src
diff options
context:
space:
mode:
authorEduardo Chappa <chappa@washington.edu>2020-08-29 18:58:30 -0600
committerEduardo Chappa <chappa@washington.edu>2020-08-29 18:58:30 -0600
commitf12bfecb345d42bc3b57e76b8f2e71548ceefc16 (patch)
tree23291d9542a79af1b8eb73e00db7248d94c26e7c /imap/src
parent116585bd28c0dbe4c4663229eb64755545601e6c (diff)
downloadalpine-f12bfecb345d42bc3b57e76b8f2e71548ceefc16.tar.xz
* When a server expires a refresh token, Alpine needs to cancel it
internally. * Fixes to some prototyping for code related to authentication. * Fixes to documentation contributed by Dennis Davis.
Diffstat (limited to 'imap/src')
-rw-r--r--imap/src/c-client/auth_bea.c3
-rw-r--r--imap/src/c-client/auth_oa2.c5
-rw-r--r--imap/src/c-client/mail.h1
-rw-r--r--imap/src/c-client/oauth2_aux.c15
4 files changed, 17 insertions, 7 deletions
diff --git a/imap/src/c-client/auth_bea.c b/imap/src/c-client/auth_bea.c
index e5800427..64c3aa6c 100644
--- a/imap/src/c-client/auth_bea.c
+++ b/imap/src/c-client/auth_bea.c
@@ -99,7 +99,8 @@ long auth_oauthbearer_client (authchallenge_t challenger,authrespond_t responder
&& (oauth2.access_token
|| (!RefreshToken && oauth2.param[OA2_RefreshToken].value)
|| (RefreshToken && oauth2.param[OA2_RefreshToken].value
- && strcmp(RefreshToken, oauth2.param[OA2_RefreshToken].value))))
+ && strcmp(RefreshToken, oauth2.param[OA2_RefreshToken].value)
+ || oauth2.cancel_refresh_token)))
mm_login_method (mb, user, (void *) &oauth2, *trial, BEARERNAME);
}
diff --git a/imap/src/c-client/auth_oa2.c b/imap/src/c-client/auth_oa2.c
index f5345bfa..dac87960 100644
--- a/imap/src/c-client/auth_oa2.c
+++ b/imap/src/c-client/auth_oa2.c
@@ -124,10 +124,11 @@ long auth_oauth2_client (authchallenge_t challenger,authrespond_t responder, cha
*/
if(!tryanother
- && (oauth2.access_token
+ && (oauth2.access_token
|| (!RefreshToken && oauth2.param[OA2_RefreshToken].value)
|| (RefreshToken && oauth2.param[OA2_RefreshToken].value
- && strcmp(RefreshToken, oauth2.param[OA2_RefreshToken].value))))
+ && strcmp(RefreshToken, oauth2.param[OA2_RefreshToken].value)
+ || oauth2.cancel_refresh_token)))
mm_login_method (mb, user, (void *) &oauth2, *trial, OA2NAME);
}
diff --git a/imap/src/c-client/mail.h b/imap/src/c-client/mail.h
index 9a02c5f9..13bbc84f 100644
--- a/imap/src/c-client/mail.h
+++ b/imap/src/c-client/mail.h
@@ -1989,6 +1989,7 @@ typedef struct oauth2_s {
unsigned long expiration;
unsigned int first_time:1; /* this is the first time we get credentials for this account */
unsigned int require_secret:1; /* this server requires a client-secret */
+ int cancel_refresh_token; /* ask client to cancel refresh token */
} OAUTH2_S;
typedef struct deviceproc_s {
diff --git a/imap/src/c-client/oauth2_aux.c b/imap/src/c-client/oauth2_aux.c
index 6fab2917..6b7c401b 100644
--- a/imap/src/c-client/oauth2_aux.c
+++ b/imap/src/c-client/oauth2_aux.c
@@ -223,11 +223,13 @@ mm_login_oauth2_c_client_method (NETMBX *mb, char *user, char *method,
case JLong : oauth2->expiration = time(0) + *(long *) jx->value;
break;
}
+ oauth2->cancel_refresh_token = 0; /* do not cancel this token. It is good */
break;
default : { char tmp[100];
- sprintf(tmp, "Oauth2 client Received Code %d", status);
- mm_log (tmp, ERROR);
+ sprintf(tmp, "Oauth2 client Received Code %d", status);
+ mm_log (tmp, ERROR);
+ oauth2->cancel_refresh_token++;
}
break;
}
@@ -284,13 +286,16 @@ mm_login_oauth2_c_client_method (NETMBX *mb, char *user, char *method,
if(jx && jx->jtype == JString)
oauth2->expiration = time(0) + atol((char *) jx->value);
+ oauth2->cancel_refresh_token = 0; /* do not cancel this token. It is good */
+
break;
case HTTP_BAD : break;
default : { char tmp[100];
sprintf(tmp, "Oauth2 Client Received Code %d", status);
- fatal (tmp);
+ mm_log (tmp, ERROR);
+ oauth2->cancel_refresh_token++;
}
}
@@ -356,13 +361,15 @@ void oauth2deviceinfo_get_accesscode(void *inp, void *outp)
}
rv = OA2_CODE_SUCCESS;
+ oauth2->cancel_refresh_token = 0; /* do not cancel this token. It is good */
break;
default : { char tmp[100];
sprintf(tmp, "Oauth device Received Code %d", status);
mm_log (tmp, ERROR);
- }
+ oauth2->cancel_refresh_token++;
+ }
}
json_free(&json);