-
Notifications
You must be signed in to change notification settings - Fork 31
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Forward-compatible SASL API #68
base: master
Are you sure you want to change the base?
Conversation
I've been using a personal fork of |
baf9035
to
628f113
Compare
This PR is still fairly large. So I've converted it to draft, and I'm going to split it into several more bite-sized PRs which can mostly be applied directly to I'd still welcome feedback on this PR as it is. Unless I hear feedback otherwise, I don't expect the final form will be significantly different from this. |
4efd8a4
to
745c320
Compare
745c320
to
5e2e2ef
Compare
846e9cb
to
510c293
Compare
This adds a new `auth` keyword param to `Net::SMTP.start` and `#start` that can be used to pass any arbitrary keyword parameters to `#authenticate`. The pre-existing `username`, `secret`, etc keyword params will retain their existing behavior as positional arguments to `#authenticate`.
Although "user" is a reasonable abbreviation, the parameter is more accurately described as a "username" or an "authentication identity". They are synonomous here, with "username" winning when both are present.
Username can be set by args[0], authcid, username, or user. Secret can be set by args[1], secret, or password. Since all of the existing authenticators have the same API, it is sufficient to update `check_args` in the base class.
This API is a little bit confusing, IMO. But it does preserve backward compatibility, while allowing authenticators that don't allow positional parameters to work without crashing. But, authenticators that require only one parameter—or more than three—will still be inaccessible.
This is convenient for `smtp.start auth: {type:, **etc}`.
Although `#authenticate` can be updated to make username and secret _both_ optional, by placing the mechanism last and making it optional, it's not possible to use an authenticator with a _single_ positional parameter or with more than two positional parameters. By placing `type` first among positional parameters or as a keyword argument, we avoid this problem.
510c293
to
d8cc256
Compare
It is my belief that the current API for
#start
and#authenticate
can't fully support every SASL mechanism. Most of the necessary changes have been implemented by #71, and are described in that ticket.This PR adds a new
Net::SMTP#auth
method which is similar to#authenticate
, but uses a different call signature:type
is passed in either as a keyword argument or as the first positional argument. All other arguments are forwarded to the authenticator.Although #71 updates
#authenticate
to forward keyword args and a block and makes username and secret both optional, there are limitations to maintaining backward-compatibility with the existing#authenticate
method. Because the mechanism is last and optional it's not possible to use an authenticator with a single positional parameter or with more than two positional parameters. The call signature used by#auth
avoids this problem.As currently written, this PR depends on the following other PRs:
#auth_capable?
public #63Wrap#authenticate
withcritical
#65username
keyword param tostart
methods #72auth_method
#67This PR is intended as a transition between the v0.4.0
#authenticate
method and a shared SASL implementation, either usingnet-imap
's implementation or extracting it to anet-sasl
gem (see ruby/net-imap#23). The#auth
and#start
API in this PR are both compatible with all of the SASL mechanisms supported bynet-imap
v0.4.1. The following PRs depend on this one:PLAIN
,CRAM-MD5
, andLOGIN
implementations #70