Mercurial > p > roundup > code
comparison roundup/scripts/roundup_mailgw.py @ 7081:f918351a0fe6
Put oauth client secret into a file
.. and get rid of the -I option of the mailgw script.
| author | Ralf Schlatterbeck <rsc@runtux.com> |
|---|---|
| date | Sat, 26 Nov 2022 11:32:12 +0100 |
| parents | 27c2d7295ba2 |
| children | f0d39308819f |
comparison
equal
deleted
inserted
replaced
| 7080:dd15c307c409 | 7081:f918351a0fe6 |
|---|---|
| 121 | 121 |
| 122 IMAPS_OAUTH: | 122 IMAPS_OAUTH: |
| 123 Connect to an IMAP server over ssl using OAUTH authentication. | 123 Connect to an IMAP server over ssl using OAUTH authentication. |
| 124 Note that this does not support a password in imaps URLs. | 124 Note that this does not support a password in imaps URLs. |
| 125 Instead it uses only the user and server and a command-line option for | 125 Instead it uses only the user and server and a command-line option for |
| 126 the directory with the files 'access_token', 'refresh_token', and | 126 the directory with the files 'access_token', 'refresh_token', |
| 127 'client_secret'. | 127 'client_secret', and 'client_id'. |
| 128 By default this directory is 'oauth' in your tracker home directory. The | 128 By default this directory is 'oauth' in your tracker home directory. The |
| 129 access token is tried first and, if expired, the refresh token together | 129 access token is tried first and, if expired, the refresh token together |
| 130 with the client secret is used to retrieve a new access token. Note that | 130 with the client secret is used to retrieve a new access token. Note that |
| 131 both token files need to be *writeable*, the access token is | 131 both token files need to be *writeable*, the access token is |
| 132 continuously replaced and some cloud providers may also renew the | 132 continuously replaced and some cloud providers may also renew the |
| 133 refresh token from time to time: | 133 refresh token from time to time: |
| 134 imaps_oauth username@server [mailbox] | 134 imaps_oauth username@server [mailbox] |
| 135 Note that you also have to specify the OAuth client id with the | 135 The refresh and access tokens (the latter can be left empty), the |
| 136 ``--oauth-client-id`` option on the command line. The refresh and | 136 client id and the client secret need to be retrieved via cloud provider |
| 137 access tokens (the latter can be left empty) and the client secret need | 137 specific protocols or websites. |
| 138 to be retrieved via cloud provider specific protocols or websites. | |
| 139 | 138 |
| 140 | 139 |
| 141 | 140 |
| 142 """ | 141 """ |
| 143 | 142 |
| 152 cmd.add_argument('-v', '--version', action='store_true', | 151 cmd.add_argument('-v', '--version', action='store_true', |
| 153 help='print version and exit') | 152 help='print version and exit') |
| 154 cmd.add_argument('-c', '--default_class', default='', | 153 cmd.add_argument('-c', '--default_class', default='', |
| 155 help="Default class of item to create (else the tracker's " | 154 help="Default class of item to create (else the tracker's " |
| 156 "MAILGW_DEFAULT_CLASS)") | 155 "MAILGW_DEFAULT_CLASS)") |
| 157 cmd.add_argument('-I', '--oauth-client-id', | |
| 158 help='ID for OAUTH token refresh') | |
| 159 cmd.add_argument('-O', '--oauth-directory', | 156 cmd.add_argument('-O', '--oauth-directory', |
| 160 help='Directory with OAUTH credentials, default "oauth" in ' | 157 help='Directory with OAUTH credentials, default "oauth" in ' |
| 161 'tracker home') | 158 'tracker home') |
| 162 cmd.add_argument('-S', '--set-value', action='append', | 159 cmd.add_argument('-S', '--set-value', action='append', |
| 163 help="Set additional properties on some classes", default=[]) | 160 help="Set additional properties on some classes", default=[]) |
| 246 elif source.endswith('s_cram'): | 243 elif source.endswith('s_cram'): |
| 247 d.update(ssl = 1, cram = 1) | 244 d.update(ssl = 1, cram = 1) |
| 248 elif source == 'imaps_oauth': | 245 elif source == 'imaps_oauth': |
| 249 d.update(ssl = 1, oauth = 1, oauth_path = args.oauth_directory) | 246 d.update(ssl = 1, oauth = 1, oauth_path = args.oauth_directory) |
| 250 d.update(token_endpoint = args.oauth_token_endpoint) | 247 d.update(token_endpoint = args.oauth_token_endpoint) |
| 251 d.update(oauth_client_id = args.oauth_client_id) | |
| 252 mailbox = '' | 248 mailbox = '' |
| 253 if len(args.args) > 3: | 249 if len(args.args) > 3: |
| 254 mailbox = args.args[3] | 250 mailbox = args.args[3] |
| 255 return handler.do_imap(server, username, password, mailbox, **d) | 251 return handler.do_imap(server, username, password, mailbox, **d) |
| 256 | 252 |