From: Dmitry Torokhov <dmitry.torokhov@gmail.com>
To: Tomas Melin <tomas.melin@vaisala.com>
Cc: Konstantin Ryabitsev <konstantin@linuxfoundation.org>, tools@kernel.org
Subject: Re: [PATCH] b4: allow using xoauth2/bearer token to authenticate to SMTP servers
Date: Mon, 9 Mar 2026 07:49:27 +0000 [thread overview]
Message-ID: <aa54CjijJk_1S4dd@google.com> (raw)
In-Reply-To: <56dc34c8-c63e-47c8-9ea7-4420d71574f2@vaisala.com>
Hi Tomas,
On Mon, Mar 09, 2026 at 09:28:30AM +0200, Tomas Melin wrote:
> Hi,
>
> On 06/03/2026 19:35, Dmitry Torokhov wrote:
> > On Fri, Mar 06, 2026 at 12:18:45PM -0500, Konstantin Ryabitsev wrote:
> > > On Fri, 06 Mar 2026 08:20:18 -0800, Dmitry Torokhov <dmitry.torokhov@gmail.com> wrote:
> > > > Allow using XOAUTH2 as an authentication protocol and assume that when
> > > > XOAUTH2 is specified the password is actually a bearer token (typically
> > > > not stored in the config but rather returned via "git credentials".
> > > >
> > > > Recognize "oauth", "oauth2" as aliases for "xoauth2".
> > > Hmm... we do have another series already for XOAUTH2 support:
> > > https://lore.kernel.org/tools/20260205-smtp-oauth2-outlook-v2-2-6a5eb233b285@vaisala.com/
> > >
> > > However, it's outstanding with a few requests. I wonder if we can take
> > > this one as a first patch and then build the other series on top of
> > > this.
> > >
> > > Cc'ing Tomas on this.
>
> Perhaps I'm missing something but this approach looks to me more like a
> workaround. I'm not seeing how it handles the oauth2 lifecycle expiration
> which is typically within hours. The other series handles that with a helper
> that will update the token transparently as needed.
In my setup "git credential" returns bearer token that should last
enough for this b4 run. Next time b4 runs "git credential" will request
a new bearer token if previous one expired. It is not expected that the
token is stored in the configuration file. It looks like
git-credential-email behavior should also be compatible with this use.
However looking at your patch I do not understand why you want to parse
configuration and run the helpers directly instead of having "git
credential" return the data for you and rely on it to figure out what
helper to use and how. It gets protocol, username, and host and should
be able to figure out what should be returned. It is not b4's role to
interact directly with git helpers.
I also do not see any traces of handling lifetime expiration in your
patch either... Not that it is needed IMO.
Thanks.
--
Dmitry
next prev parent reply other threads:[~2026-03-09 7:49 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-06 16:20 [PATCH] b4: allow using xoauth2/bearer token to authenticate to SMTP servers Dmitry Torokhov
2026-03-06 17:18 ` Konstantin Ryabitsev
2026-03-06 17:35 ` Dmitry Torokhov
2026-03-09 7:28 ` Tomas Melin
2026-03-09 7:49 ` Dmitry Torokhov [this message]
2026-03-09 9:50 ` Tomas Melin
2026-03-09 17:13 ` Dmitry Torokhov
2026-03-10 6:48 ` Tomas Melin
2026-03-10 7:10 ` Dmitry Torokhov
2026-03-11 15:41 ` Konstantin Ryabitsev
2026-03-13 2:05 ` Konstantin Ryabitsev
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aa54CjijJk_1S4dd@google.com \
--to=dmitry.torokhov@gmail.com \
--cc=konstantin@linuxfoundation.org \
--cc=tomas.melin@vaisala.com \
--cc=tools@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox