[Pkg-privacy-commits] [torbirdy] 25/53: Set authentication for Gmail to OAuth2 (#17118)
Ulrike Uhlig
u-guest at moszumanska.debian.org
Sat Jul 2 20:08:06 UTC 2016
This is an automated email from the git hooks/post-receive script.
u-guest pushed a commit to annotated tag 0.2.0
in repository torbirdy.
commit 1d08d03c80cb01c5495c9e04301ad20b21ae06bb
Author: Sukhbir Singh <sukhbir at torproject.org>
Date: Mon May 9 10:43:35 2016 -0400
Set authentication for Gmail to OAuth2 (#17118)
For Gmail, the authentication type is set to OAuth2 instead of the default
"normal password" which is what most providers use (Google doesn't allow
non-OAuth2 logins). To make this work with the manual configuration wizard in
TorBirdy, the authorization step takes place when the user checks the account
for the first time, and is not done automatically. We can probably improve
this but it's better to wait for the patches that secure the automatic
configuration wizard to be merged upstream. See bugzilla 669238.
---
chrome/content/emailwizard.js | 16 ++++++++++++++++
components/torbirdy.js | 4 ++--
2 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/chrome/content/emailwizard.js b/chrome/content/emailwizard.js
index 0223e7a..d38828e 100644
--- a/chrome/content/emailwizard.js
+++ b/chrome/content/emailwizard.js
@@ -13,6 +13,7 @@ if(!org.torbirdy.emailwizard) org.torbirdy.emailwizard = new function() {
fixupTorbirdySettingsOnNewAccount = function(account) {
var idkey = account.defaultIdentity.key;
+ var outgoing = account.defaultIdentity.smtpServerKey;
var serverkey = account.incomingServer.key;
var protocol = account.incomingServer.type;
@@ -21,6 +22,12 @@ if(!org.torbirdy.emailwizard) org.torbirdy.emailwizard = new function() {
['mail.server.%serverkey%.login_at_startup', false]
];
+ // 10 specifies OAuth2 as the authentication method (used for Gmail).
+ if (pub.isGmail) {
+ pref_spec.push(['mail.smtpserver.%outgoing%.authMethod', 10]);
+ pref_spec.push(['mail.server.%serverkey%.authMethod', 10]);
+ }
+
// Make sure that drafts are saved to Local Folders if it is an IMAP account.
if (protocol === "imap") {
pref_spec.push(['mail.identity.%idkey%.draft_folder',
@@ -35,6 +42,7 @@ if(!org.torbirdy.emailwizard) org.torbirdy.emailwizard = new function() {
for each (var [pref_template, value] in pref_spec) {
var pref = pref_template.replace("%idkey%", idkey);
pref = pref.replace("%serverkey%", serverkey);
+ pref = pref.replace("%outgoing%", outgoing);
Preferences.set(pref, value);
}
}
@@ -78,9 +86,17 @@ if(!org.torbirdy.emailwizard) org.torbirdy.emailwizard = new function() {
config.outgoing.socketType = 2;
// Set the authentication to 'Normal' (connection is already encrypted).
+ // This is true for all providers except Gmail, which uses OAuth2.
config.incoming.auth = 3;
config.outgoing.auth = 3;
+ // We will deal with Gmail later because it makes it easier to handle
+ // OAuth2 with the manual configuration.
+ let emailDomain = email.split("@")[1];
+ if (emailDomain === "gmail.com") {
+ pub.isGmail = true;
+ }
+
// Default the outgoing SMTP port.
config.outgoing.port = 465;
diff --git a/components/torbirdy.js b/components/torbirdy.js
index 276c745..4f83513 100644
--- a/components/torbirdy.js
+++ b/components/torbirdy.js
@@ -85,8 +85,8 @@ const TorBirdyPrefs = {
// We don't want user's of Thunderbird to even come close to such a bypass
// issue and so we have disabled websockets out of an abundance of caution.
"network.websocket.enabled": false,
- // No cookies are allowed.
- "network.cookie.cookieBehavior": 2,
+ // Cookies are allowed, but not third-party cookies. For Gmail and Twitter.
+ "network.cookie.cookieBehavior": 1,
// Disable link prefetching.
"network.prefetch-next": false,
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/torbirdy.git
More information about the Pkg-privacy-commits
mailing list