Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add oauth2 password authentication #27806

Closed
wants to merge 1 commit into from
Closed

add oauth2 password authentication #27806

wants to merge 1 commit into from

Conversation

p5n
Copy link
Contributor

@p5n p5n commented Jul 5, 2021
edited by szaimen
Loading

Fix #25894

@p5n p5n mentioned this pull request Jul 5, 2021
Open
@szaimen szaimen added the 3. to review Waiting for reviews label Jul 6, 2021
@kesselb kesselb requested a review from LukasReschke July 6, 2021 21:13
@kesselb
Copy link
Contributor

kesselb commented Jul 6, 2021

This change looks wrong/incomplete. According to https://oauth.net/2/grant-types/password/ grant_type=password exchange username and password for a access token. This change calls getToken and passes $password as $tokenId. So $password ist actually the tokenId?

https://doc.dovecot.org/configuration_manual/authentication/oauth2/#proxy-with-password-grant seems the use case for this pull request.

@p5n your users are using a token already to authenticate with dovecot? And you need a way to validate that the token is valid?

@p5n
Copy link
Contributor Author

p5n commented Jul 6, 2021

I was able to set up test instance with dovecot mechanisms = plain login

Users can authenticate and get mail with username and application password, created on settings/security page.

I am sure that it is incomplete (I implemented only part required to make dovecot work) and maybe it is wrong.

@nickvergessen nickvergessen removed their request for review July 7, 2021 10:23
@szaimen
Copy link
Contributor

szaimen commented Aug 31, 2021

@p5n would you be willing to implement it correctly?

@p5n
Copy link
Contributor Author

p5n commented Aug 31, 2021

I'll try, but not sure when I can do it

@szaimen szaimen added 2. developing Work in progress and removed 3. to review Waiting for reviews labels Aug 31, 2021
@szaimen szaimen added this to the Nextcloud 24 milestone Nov 26, 2021
@skjnldsv skjnldsv mentioned this pull request Mar 24, 2022
Merged
@blizzz blizzz mentioned this pull request Mar 31, 2022
Merged
This was referenced Apr 7, 2022
Merged
Merged
@blizzz blizzz modified the milestones: Nextcloud 24, Nextcloud 25 Apr 21, 2022
This was referenced Aug 12, 2022
Merged
Merged
This was referenced Aug 24, 2022
Merged
Merged
This was referenced Sep 6, 2022
Merged
Merged
@skjnldsv skjnldsv mentioned this pull request Sep 15, 2022
Merged
This was referenced Sep 20, 2022
Closed
Merged
@blizzz blizzz added this to the Nextcloud 26 milestone Sep 22, 2022
@blizzz blizzz mentioned this pull request Feb 1, 2023
Merged
@skjnldsv skjnldsv mentioned this pull request Feb 23, 2023
Merged
@blizzz blizzz mentioned this pull request Mar 7, 2023
Merged
@blizzz blizzz modified the milestones: Nextcloud 26, Nextcloud 27 Mar 9, 2023
This was referenced May 3, 2023
Merged
Closed
Merged
@blizzz blizzz mentioned this pull request May 17, 2023
Merged
@blizzz blizzz modified the milestones: Nextcloud 27, Nextcloud 28 May 23, 2023
@skjnldsv skjnldsv mentioned this pull request Nov 1, 2023
Merged
This was referenced Nov 6, 2023
Merged
Merged
This was referenced Nov 14, 2023
Merged
Merged
@blizzz blizzz modified the milestones: Nextcloud 28, Nextcloud 29 Nov 23, 2023
@skjnldsv skjnldsv removed this from the Nextcloud 29 milestone Mar 10, 2024
@susnux susnux added this to the Nextcloud 30 milestone Apr 18, 2024
This was referenced Jul 30, 2024
Merged
Merged
This was referenced Aug 5, 2024
Merged
Merged
@skjnldsv skjnldsv mentioned this pull request Aug 13, 2024
Merged
@skjnldsv skjnldsv closed this Aug 14, 2024
@skjnldsv skjnldsv removed this from the Nextcloud 30 milestone Aug 14, 2024
@sorbaugh
Copy link
Contributor

Hello @p5n, reading through the PR it seems unfortunately you didn't find the time to complete the PR and it got caught in our cleanup. Please feel free to reopen (or create a new PR) if you ever feel like tackling this again. We would be happy about that! :)

@p5n
Copy link
Contributor Author

p5n commented Aug 16, 2024

Hi, yes, it can be closed, I read RFCs and not sure that it is right approach. I implemented it only to connect with dovecot

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@skjnldsv skjnldsv Awaiting requested review from skjnldsv

@kesselb kesselb Awaiting requested review from kesselb

@LukasReschke LukasReschke Awaiting requested review from LukasReschke

Assignees
No one assigned
Labels
2. developing Work in progress
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Support the 'password' grant type for OAuth2 clients
7 participants
@p5n @kesselb @szaimen @sorbaugh @susnux @blizzz @skjnldsv