2FA/OAuth2 becoming a more and more regular thing these days (and a lot of SUSE devs being recently impacted by it), I've thrown together a quick patch to allow imap-send to support it. This uses https://github.com/jeffmahoney/oauth2-clientd. It can be used with Outlook365 or Gmail. It creates a file with a token to be used to authenticate. As libcurl supports this type of authentication, it is quite easy from there. With this patch you still get prompted for you password even though it is not used but it overall works. Before going any further on this, I wanted some feedback on the approach itself. --- imap-send.c | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/imap-send.c b/imap-send.c index bb085d66d105..951d6bca696a 100644 --- a/imap-send.c +++ b/imap-send.c @@ -91,6 +91,7 @@ struct imap_server_conf { const char *folder; const char *user; const char *pass; + const char *oauth; int use_ssl; int ssl_verify; int use_html; @@ -105,6 +106,7 @@ static struct imap_server_conf server = { NULL, /* folder */ NULL, /* user */ NULL, /* pass */ + NULL, /* oauth */ 0, /* use_ssl */ 1, /* ssl_verify */ 0, /* use_html */ @@ -1355,6 +1357,8 @@ static int git_imap_config(const char *var, const char *val, void *cb) return git_config_string(&server.tunnel, var, val); else if (!strcmp("imap.authmethod", var)) return git_config_string(&server.auth_method, var, val); + else if (!strcmp("imap.oauth", var)) + return git_config_string(&server.oauth, var, val); else if (!strcmp("imap.port", var)) server.port = git_config_int(var, val); else if (!strcmp("imap.host", var)) { @@ -1432,7 +1436,23 @@ static CURL *setup_curl(struct imap_server_conf *srvc, struct credential *cred) server_fill_credential(&server, cred); curl_easy_setopt(curl, CURLOPT_USERNAME, server.user); - curl_easy_setopt(curl, CURLOPT_PASSWORD, server.pass); + + if (server.oauth) { + struct strbuf sb = STRBUF_INIT; + size_t sz; + char *token; + + sz = strbuf_read_file(&sb, server.oauth, 0); + if (sz < 0) + die("failed to read oauth token file"); + + strbuf_trim_trailing_newline(&sb); + token = strbuf_detach(&sb, &sz); + curl_easy_setopt(curl, CURLOPT_XOAUTH2_BEARER, token); + free(token); + } else { + curl_easy_setopt(curl, CURLOPT_PASSWORD, server.pass); + } strbuf_addstr(&path, server.use_ssl ? "imaps://" : "imap://"); strbuf_addstr(&path, server.host); -- 2.31.1.5.g533053588dc3