Put oauth client secret into a file

schlatterbeck · schlatterbeck · commit 6f92b448426a · 2022-11-26T11:32:12.000+01:00
.. and get rid of the -I option of the mailgw script.
diff --git a/doc/user_guide.txt b/doc/user_guide.txt
@@ -725,8 +725,8 @@ IMAPS_OAUTH:
  Connect to an IMAP server over ssl using OAUTH authentication.
  Note that this does not support a password in imaps URLs.
  Instead it uses only the user and server and a command-line option for
- the directory with the files ``access_token``, ``refresh_token``, and
- ``client_secret``.
+ the directory with the files ``access_token``, ``refresh_token``,
+ ``client_secret``, and ``client_id``.
  By default this directory is ``oauth`` in your tracker home directory. The
  access token is tried first and, if expired, the refresh token together
  with the client secret is used to retrieve a new access token. Note that
@@ -736,10 +736,9 @@ IMAPS_OAUTH:
 
    imaps_oauth username@server [mailbox]
 
- Note that you also have to specify the OAuth client id with the
- ``--oauth-client-id`` option on the command line. The refresh and
- access tokens (the latter can be left empty) and the client secret need
- to be retrieved via cloud provider specific protocols or websites.
+ The refresh and access tokens (the latter can be left empty), the
+ client id and the client secret need to be retrieved via cloud provider
+ specific protocols or websites.
 
  You need the requests_ library installed for OAuth.
 
diff --git a/roundup/mailgw.py b/roundup/mailgw.py
@@ -1462,8 +1462,10 @@ def renew_oauth_tokens(self):
         """
         with open(os.path.join(self.oauth_path, 'client_secret'), 'r') as f:
             client_secret = f.read().strip()
+        with open(os.path.join(self.oauth_path, 'client_id'), 'r') as f:
+            client_id = f.read().strip()
         data = dict \
-            ( client_id = self.oauth_client_id
+            ( client_id = client_id
             , client_secret = client_secret
             , refresh_token = self.refresh_token
             , grant_type = 'refresh_token'
@@ -1514,7 +1516,6 @@ def do_imap(self, server, user='', password='', mailbox='', **kw):
             # The following are mandatory for oauth and are passed by
             # the command-line handler:
             self.token_endpoint = kw ['token_endpoint']
-            self.oauth_client_id = kw ['oauth_client_id']
             for k in range(2):
                 t = self.access_token
                 s = 'user=%s\1auth=Bearer %s\1\1' % (user, t)
diff --git a/roundup/scripts/roundup_mailgw.py b/roundup/scripts/roundup_mailgw.py
@@ -123,19 +123,18 @@
  Connect to an IMAP server over ssl using OAUTH authentication.
  Note that this does not support a password in imaps URLs.
  Instead it uses only the user and server and a command-line option for
- the directory with the files 'access_token', 'refresh_token', and
- 'client_secret'.
+ the directory with the files 'access_token', 'refresh_token',
+ 'client_secret', and 'client_id'.
  By default this directory is 'oauth' in your tracker home directory. The
  access token is tried first and, if expired, the refresh token together
  with the client secret is used to retrieve a new access token. Note that
  both token files need to be *writeable*, the access token is
  continuously replaced and some cloud providers may also renew the
  refresh token from time to time:
     imaps_oauth username@server [mailbox]
- Note that you also have to specify the OAuth client id with the
- ``--oauth-client-id`` option on the command line. The refresh and
- access tokens (the latter can be left empty) and the client secret need
- to be retrieved via cloud provider specific protocols or websites.
+ The refresh and access tokens (the latter can be left empty), the
+ client id and the client secret need to be retrieved via cloud provider
+ specific protocols or websites.
 
 
 
@@ -154,8 +153,6 @@ def parse_arguments(argv):
     cmd.add_argument('-c', '--default_class', default='',
         help="Default class of item to create (else the tracker's "
         "MAILGW_DEFAULT_CLASS)")
-    cmd.add_argument('-I', '--oauth-client-id',
-        help='ID for OAUTH token refresh')
     cmd.add_argument('-O', '--oauth-directory',
         help='Directory with OAUTH credentials, default "oauth" in '
         'tracker home')
@@ -248,7 +245,6 @@ def main(argv):
         elif source == 'imaps_oauth':
             d.update(ssl = 1, oauth = 1, oauth_path = args.oauth_directory)
             d.update(token_endpoint = args.oauth_token_endpoint)
-            d.update(oauth_client_id = args.oauth_client_id)
         mailbox = ''
         if len(args.args) > 3:
             mailbox = args.args[3]
