On Fri, Sep 20, 2013 at 5:08 PM, Steve Holme <[email protected]> wrote:
> Daniel announced this week that we are approaching feature freeze for cURL > 7.33 and as I felt it would be best to add XOAUTH to POP3 in the same > release as IMAP and SMTP I have cobbled together the appropriate > implementation. Sorry for the late reply, I've been slammed at work. > I have pushed this as commit 18db7438512de1 and would appreciate it if you > would be so kind to review the code at some point. I have taken a look, and I don't see any issues. I don't have access to a server that actually implements XOAUTH2 via POP3, but it operates as expected with dummy test POP3 service using string comparison. I did however notice while I was poking around that the option '--bearer' might be slightly ambiguous in name. It doesn't create any conflict that I am aware of at the moment, however, OAUTH v2 is not the only authentication mechanism which uses "bearer" tokens. I wonder if this might need to be changed to something more implementation specific... I don't know enough about the OAUTH v1.0 implementation to say if something like "--oauth-bearer" would be a better choice, and of course that presumes that there is a possibility that at some point OAUTH v1.0 will be implemented in cURL -- which as I understand it, OAUTH v1.0 is, and will remain valid, and is in use by some major players. What are your thoughts? Also, should this scrutiny be applied to the nomenclature used in OAUTH v2.0 curl_easy_setopt options? Currently, the curl_easy_setopt name for OAUTH v2.0 is CURLOPT_XOAUTH2_BEARER, which is protocol and version specific, but if the naming convention of the CLI option is protocol and version agnostic, perhaps this option should be as well. Now, from what I understand about the OAUTH v1.0 specification, the bearer token is sent in addition to some other fields, such as the client ID and the client secret, so perhaps making the parameter version specific makes more sense. ?? ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
