Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork32.2k
bpo-45706: Add imaplib.IMAP4.login_plain#29398
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
base:main
Are you sure you want to change the base?
Uh oh!
There was an error while loading.Please reload this page.
Conversation
Adds authentication using PLAIN SASL mechanism.This is a plain-text authentication mechanism which can be usedinstead of :meth:`IMAP4.login()` when UTF-8 support is required.
the-knights-who-say-ni commentedNov 4, 2021
Hello, and thanks for your contribution! I'm a bot set up to make sure that the project can legally accept this contribution by verifying everyone involved has signed thePSF contributor agreement (CLA). CLA MissingOur records indicate the following people have not signed the CLA: For legal reasons we need all the people listed to sign the CLA before we can look at your contribution. Please followthe steps outlined in the CPython devguide to rectify this issue. If you have recently signed the CLA, please wait at least one business day You cancheck yourself to see if the CLA has been received. Thanks again for the contribution, we look forward to reviewing it! |
This PR is stale because it has been open for 30 days with no activity. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
Both tests passed.
Looks ok to me.
| See :RFC:`6855`, page 5. | ||
| It will only work if the server ``CAPABILITY`` response includes | ||
| the phrase ``AUTH=PLAIN``. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
The module partially supports RFC 3501, which says that AUTH=PLAIN is mandatory. I understand that means advertising it in CAPABILITY is optional, so it might work regardless.
| """ | ||
| return self.authenticate( | ||
| "PLAIN", | ||
| lambda _: "{0}\x00{0}\x00{1}".format(user, password).encode() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
This sets the authorization identity (authzid) to the user name. Wouldn’t it be better to allow omittingauthzid by default, let the server derive it?https://datatracker.ietf.org/doc/html/rfc4616#section-2
f'\x00{user}\x00{password}'.encode('utf-8')
| This is a plain-text authentication mechanism that can be used | ||
| instead of :meth:`IMAP4.login()` when UTF-8 support is required. | ||
| See :RFC:`6855`, page 5. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
Not sure that referring to RFC 6855 is that relevant. All it does is recommend against UTF-8 support with LOGIN, and say that AUTHENTICATE supports UTF-8.
Uh oh!
There was an error while loading.Please reload this page.
Adds authentication using PLAIN SASL mechanism.
This is a plain-text authentication mechanism that can be used
instead of :meth:
IMAP4.login()when UTF-8 support is required.https://bugs.python.org/issue45706