Thread (8 messages) 8 messages, 3 authors, 2025-01-25

Re: [PATCH] send-email: implement SMTP bearer authentication

From: M Hickford <hidden>
Date: 2025-01-11 21:19:40 

On Sat, Jan 11, 2025 at 7:06 PM Julian Swagemakers
[off-list ref] wrote:
Hi Mirth, thanks for taking a look and testing.
quoted
Please could you add instructions how to test it?
Sure, below you can find steps which can be used for testing.

   # requirement git-credentials-oauth installed

   # build patched git
   git clone https://git.kernel.org/pub/scm/git/git.git tmp_git
   cd tmp_git
   curl https://lore.kernel.org/git/20240225103413.9845-1-julian@swagemakers.org/raw (local) |git am
   make

   # backup gitconfig
   mv ~/.gitconfig{,_backup}

   # create minimal gitconfig
   cat << EOF >> ~/.gitconfig

   [credential]
      helper = cache --timeout 7200
      helper = oauth
   [credential "smtp://smtp.gmail.com:587"]
      oauthClientId = 406964657835-aq8lmia8j95dhl1a2bvharmfk3t1hgqj.apps.googleusercontent.com
      oauthClientSecret = kSmqreRr0qwBWJgbf5Y-PjSU
      oauthScopes = https://mail.google.com/
      oauthAuthURL = https://accounts.google.com/o/oauth2/auth
      oauthTokenURL = https://oauth2.googleapis.com/token
   [user]
      email = you@example.com
      name = Your Name

   EOF

   # create email to send
   cat << EOF >> message.txt
   Subject: test email from git

   Hay from git

   EOF

   # update PATH to use patched git
   export PATH="${PWD}:${PATH}"

   # confirm you are using the correct git version, should look
   # something like `git version 2.48.0.rc2.32.g5adec67521`
   git --version

   git send-email \
    --to=email@example.com \
    --smtp-auth=XOAUTH2 \
    --smtp-encryption=tls \
    --smtp-server-port=587 \
    --smtp-server=smtp.gmail.com \
    --smtp-debug=1 \
    --smtp-user=you@example.com \
    message.txt

    # now the browser should open with the oauth flow.
quoted
Which servers have you tested?
I've tested this with gmail using a consumer google account as well as a
managed google account and with the office settings I've tested
office365.
quoted
Looking at the debug information, it looks like the SMTP command "AUTH
XOAUTH2 <base64>" was corrupted by a space at column 241. Exactly one
base64 string should follow "AUTH XOAUTH2 ", no spaces.
I can also see a space in the debug output, but the position depends on
my terminal size, and it is not interfering with authentication in my
case. I think it is caused by output formatting of the debug statement
and not the source of the issue you are having.

If you have a coded auth string you can use openssl client directly
to test it.

   openssl s_client -starttls smtp -connect smtp.gmail.com:587

   AUTH XOAUTH2 auth_sting

If you have the xoauth2 access token you can create the auth string with

   echo -n -e "user=${EMAIL}\x01auth=Bearer ${TOKEN}\x01\x01" | base64 -w0

If that does not help, can you give me some more details on your setup?
Then I'll try to reproduce the problem.
Oops I had my email accounts mixed up.

I confirm both XOAUTH2 and OAUTHBEARER work to send email with gmail.com

Tested-by: mirth.hickford@gmail.com

I've tested the steps above on Arch Linux with Perl v5.40.0, and
Ubuntu with Perl v5.38.2.

Regards Julian
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help