- Notifications
You must be signed in to change notification settings - Fork1.1k
feat: support optional SMTP auth#14533
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Uh oh!
There was an error while loading.Please reload this page.
Changes from1 commit
File filter
Filter by extension
Conversations
Uh oh!
There was an error while loading.Please reload this page.
Jump to
Uh oh!
There was an error while loading.Please reload this page.
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -53,7 +53,8 @@ type SMTPHandler struct { | ||
| cfg codersdk.NotificationsEmailConfig | ||
| log slog.Logger | ||
| noAuthWarnOnce sync.Once | ||
| loginWarnOnce sync.Once | ||
| helpers template.FuncMap | ||
| } | ||
| @@ -431,6 +432,15 @@ func (s *SMTPHandler) loadCertificate() (*tls.Certificate, error) { | ||
| func (s *SMTPHandler) auth(ctx context.Context, mechs string) (sasl.Client, error) { | ||
| username := s.cfg.Auth.Username.String() | ||
| // All auth mechanisms require username, so if one is not defined then don't return an auth client. | ||
| if username == "" { | ||
| s.noAuthWarnOnce.Do(func() { | ||
| s.log.Warn(ctx, "skipping auth; no username configured", slog.F("support_mechanisms", mechs)) | ||
| }) | ||
| // nolint:nilnil // This is a valid response. | ||
| return nil, nil | ||
Member There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. Is the new return signature handled by the caller(s)? I see that nilnil is new (unless sasl lib also returns it). Edit: Might be good to mention this return signature in the function comment as well. ContributorAuthor There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. Yup. // Check for authentication capabilities.ifok,avail:=c.Extension("AUTH");ok {<---entersifauthissupported// Ensure the auth mechanisms available are ones we can use.auth,err:=s.auth(ctx,avail)iferr!=nil {returntrue,xerrors.Errorf("determine auth mechanism: %w",err)}// If so, use the auth mechanism to authenticate.ifauth!=nil {<---bailsoutbecauseauthisniliferr:=c.Auth(auth);err!=nil {returntrue,xerrors.Errorf("%T auth: %w",auth,err)}}}elseif!s.cfg.Auth.Empty() {returnfalse,xerrors.New("no authentication mechanisms supported by server")}<---...continuestoprocessmessagewithoutauth... ContributorAuthor There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. Admittedly the comments could be better about this case, lemme add that. ContributorAuthor There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. | ||
| } | ||
| var errs error | ||
| list := strings.Split(mechs, " ") | ||
| for _, mech := range list { | ||