[tor-commits] [torbirdy/develop] Set authentication for Gmail to OAuth2 (#17118)
sukhbir at torproject.org
sukhbir at torproject.org
Fri Nov 25 05:54:48 UTC 2016
commit 1d08d03c80cb01c5495c9e04301ad20b21ae06bb
Author: Sukhbir Singh <sukhbir at torproject.org>
Date: Mon May 9 10:43:35 2016 -0400
Set authentication for Gmail to OAuth2 (#17118)
For Gmail, the authentication type is set to OAuth2 instead of the default
"normal password" which is what most providers use (Google doesn't allow
non-OAuth2 logins). To make this work with the manual configuration wizard in
TorBirdy, the authorization step takes place when the user checks the account
for the first time, and is not done automatically. We can probably improve
this but it's better to wait for the patches that secure the automatic
configuration wizard to be merged upstream. See bugzilla 669238.
---
chrome/content/emailwizard.js | 16 ++++++++++++++++
components/torbirdy.js | 4 ++--
2 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/chrome/content/emailwizard.js b/chrome/content/emailwizard.js
index 0223e7a..d38828e 100644
--- a/chrome/content/emailwizard.js
+++ b/chrome/content/emailwizard.js
@@ -13,6 +13,7 @@ if(!org.torbirdy.emailwizard) org.torbirdy.emailwizard = new function() {
fixupTorbirdySettingsOnNewAccount = function(account) {
var idkey = account.defaultIdentity.key;
+ var outgoing = account.defaultIdentity.smtpServerKey;
var serverkey = account.incomingServer.key;
var protocol = account.incomingServer.type;
@@ -21,6 +22,12 @@ if(!org.torbirdy.emailwizard) org.torbirdy.emailwizard = new function() {
['mail.server.%serverkey%.login_at_startup', false]
];
+ // 10 specifies OAuth2 as the authentication method (used for Gmail).
+ if (pub.isGmail) {
+ pref_spec.push(['mail.smtpserver.%outgoing%.authMethod', 10]);
+ pref_spec.push(['mail.server.%serverkey%.authMethod', 10]);
+ }
+
// Make sure that drafts are saved to Local Folders if it is an IMAP account.
if (protocol === "imap") {
pref_spec.push(['mail.identity.%idkey%.draft_folder',
@@ -35,6 +42,7 @@ if(!org.torbirdy.emailwizard) org.torbirdy.emailwizard = new function() {
for each (var [pref_template, value] in pref_spec) {
var pref = pref_template.replace("%idkey%", idkey);
pref = pref.replace("%serverkey%", serverkey);
+ pref = pref.replace("%outgoing%", outgoing);
Preferences.set(pref, value);
}
}
@@ -78,9 +86,17 @@ if(!org.torbirdy.emailwizard) org.torbirdy.emailwizard = new function() {
config.outgoing.socketType = 2;
// Set the authentication to 'Normal' (connection is already encrypted).
+ // This is true for all providers except Gmail, which uses OAuth2.
config.incoming.auth = 3;
config.outgoing.auth = 3;
+ // We will deal with Gmail later because it makes it easier to handle
+ // OAuth2 with the manual configuration.
+ let emailDomain = email.split("@")[1];
+ if (emailDomain === "gmail.com") {
+ pub.isGmail = true;
+ }
+
// Default the outgoing SMTP port.
config.outgoing.port = 465;
diff --git a/components/torbirdy.js b/components/torbirdy.js
index 276c745..4f83513 100644
--- a/components/torbirdy.js
+++ b/components/torbirdy.js
@@ -85,8 +85,8 @@ const TorBirdyPrefs = {
// We don't want user's of Thunderbird to even come close to such a bypass
// issue and so we have disabled websockets out of an abundance of caution.
"network.websocket.enabled": false,
- // No cookies are allowed.
- "network.cookie.cookieBehavior": 2,
+ // Cookies are allowed, but not third-party cookies. For Gmail and Twitter.
+ "network.cookie.cookieBehavior": 1,
// Disable link prefetching.
"network.prefetch-next": false,
More information about the tor-commits
mailing list