Re: [PATCH v5 1/3] send-email: implement SMTP bearer authentication


 



Hi Aditya,


On Thu, Apr 24, 2025 at 8:23 PM Aditya Garg <gargaditya08@xxxxxxxx> wrote:
>
> Hi Eric
>
> > As I said in https://github.com/gbarr/perl-authen-sasl/issues/18#issuecomment-2453040190 : I'd love to implement XOAUTH2 and/or OAUTHBEARER, but I don't have a setup available to test with, so I need someone to provide a patch *and* a description of how to test, preferably against a publicly available service so I don't need to go through complex setup myself.
>
> I saw the code of perl-authen-sasl and I miserably failed in porting the logic used here to the repo.
>
> Perl is not something I am very strong at, so it is not really feasible for me to work ahead. I was able to return the formatted base64 encoded string as per the logic, but I still got authentication issues.

I took a look at the code you sent (XOAUTH2.pm). After a bit of
puzzling, I found what's going wrong: I think you should return the
base64 encoded string from "client_start()" instead of from the first
step. The step function should only be called in case the server
returns an error.

> Currently I aim to have git-send-email working, and a review from an experienced person is needed.
>
> I would be happy to be able to test any proposed patch though.



> Julian, you might be interested here?
>
> If you are interested, you can checkout my XOAUTH2.pm file, which doesn't authenticate for some reason.
>
> -->8--
>
> package Authen::SASL::Perl::XOAUTH2;
>
> use strict;
> use warnings;
> use MIME::Base64;
> use vars qw($VERSION @ISA);
>
> $VERSION = "1.00";
> @ISA     = qw(Authen::SASL::Perl);
>
> my %secflags = (
>     noanonymous => 1,
> );
>
> sub _order { 1 }
>
> sub _secflags {
>     shift;
>     scalar grep { $secflags{$_} } @_;
> }
>
> sub mechanism { 'XOAUTH2' }
>
> sub client_start {
>     my $self = shift;
>     $self->{stage} = 0;
>     '';
> }
>
> sub client_step {
>     my ($self, $challenge) = @_;
>
>     my $stage = ++$self->{stage};
>     if ($stage == 1) {

This bit should be in "client_start{}":
>         # Generate the XOAUTH2 authentication string
>         my $username = $self->_call('user');
>         my $token    = $self->_call('pass'); # OAuth 2.0 access token
>         my $auth_string = "user=$username\001auth=Bearer $token\001\001";
>         my $encoded_auth_string = encode_base64($auth_string, '');
>
>         # Send the encoded authentication string
>         return $encoded_auth_string;
Up until here.

>     } else {
>         # Handle authentication failure by sending a dummy request
>         my $dummy_request = encode_base64("\001", '');
>         return $dummy_request;
>     }
> }
>
> 1;
>
> __END__
>
> =head1 NAME
>
> Authen::SASL::Perl::XOAUTH2 - XOAUTH2 Authentication class
>
> =head1 SYNOPSIS
>
>   use Authen::SASL qw(Perl);
>
>   $sasl = Authen::SASL->new(
>     mechanism => 'XOAUTH2',
>     callback  => {
>       user => $user,
>       pass => $access_token,
>     },
>   );
>
> =head1 DESCRIPTION
>
> This module implements the client side of the XOAUTH2 SASL mechanism, which is used for OAuth 2.0-based authentication.
>
> =head2 CALLBACK
>
> The callbacks used are:
>
> =head3 Client
>
> =over 4
>
> =item user
>
> The username to be used for authentication.
>
> =item pass
>
> The OAuth 2.0 access token to be used for authentication.
>
> =back
>
> =head1 SEE ALSO
>
> L<Authen::SASL>,
> L<MIME::Base64>
>
> =head1 AUTHORS
>
> Written by [Your Name].
>
> =head1 COPYRIGHT
>
> This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
>
> =cut
>
> ----
> >
> > Please let me know who to talk to to have it added!
> >
> >
> > --
> > Bye,
> >
> > Erik.
> >
> > http://efficito.com -- Hosted accounting and ERP.
> > Robust and Flexible. No vendor lock-in.
>


-- 
Bye,

Erik.

http://efficito.com -- Hosted accounting and ERP.
Robust and Flexible. No vendor lock-in.
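
The exchange described in the reply above, as an added example that is not part of the original thread or of Authen::SASL: a stand-alone model in which `client_start` returns the XOAUTH2 initial response and `client_step` runs only when the server answers with a 334 error challenge. The `Demo::XOAUTH2` package, `fake_server`, `authenticate`, the sample address and tokens, and the JSON challenge body are all constructed for illustration.

```perl
use strict;
use warnings;
use MIME::Base64 qw(encode_base64 decode_base64);

# Stand-alone model of the mechanism (hypothetical package, not Authen::SASL).
package Demo::XOAUTH2 {
    sub new { my ($class, %cb) = @_; return bless { %cb, stage => 0 }, $class }

    # Initial client response: the whole credential goes out here.
    sub client_start {
        my $self = shift;
        my $raw  = "user=$self->{user}\001auth=Bearer $self->{pass}\001\001";
        return MIME::Base64::encode_base64($raw, '');
    }

    # Reached only when the server answers with a 334 error challenge.
    sub client_step {
        my ($self, $challenge) = @_;
        $self->{stage}++;
        $self->{error} = MIME::Base64::decode_base64($challenge);
        return MIME::Base64::encode_base64("\001", '');   # dummy reply, as in the quoted module
    }
}

# Constructed stand-in for an SMTP server; accepts one hard-coded sample token.
sub fake_server {
    my ($line) = @_;
    my $want = "user=dev\@example.com\001auth=Bearer good-token\001\001";
    if ($line =~ /^AUTH XOAUTH2 (\S+)$/) {
        return '235 2.7.0 Accepted' if decode_base64($1) eq $want;
        return '334 ' . encode_base64('{"status":"401"}', '');
    }
    return '535 5.7.8 Authentication failed';
}

# Client driver: one AUTH line, then client_step for every 334 the server sends.
sub authenticate {
    my ($mech) = @_;
    my $reply = fake_server('AUTH XOAUTH2 ' . $mech->client_start);
    while ($reply =~ /^334 (\S*)/) {
        $reply = fake_server($mech->client_step($1));
    }
    return $reply;
}

for my $token ('good-token', 'expired-token') {
    my $mech  = Demo::XOAUTH2->new(user => 'dev@example.com', pass => $token);
    my $reply = authenticate($mech);
    printf "%-14s -> %s (client_step calls: %d)\n", $token, $reply, $mech->{stage};
}
```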




