Making Gnus ask my IMAP username and password after the recent auth-source changes

Making Gnus ask my IMAP username and password after the recent auth-source changes

[Raphael Kubo da Costa]

Hey there,

I've just updated NoGnus to 840dabe after staying at 8c7e9ae for a
while.

I have a secondary source that is set to my Gmail IMAP account. Now that
the auth-source stuff has been merged, Gnus no longer asks for my IMAP
username and password (and whether I want to store them in
~/.authinfo.gpg) every time I started Gnus. Instead, I needed to create
~/.authinfo.gpg and add my username and password there.

Is there a way to go back to the old behaviour and make Gnus ask my
account information when logging into the IMAP server?

This is GNU Emacs 23.2.1 on FreeBSD.

Cheers,
Raphael

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Ted Zlatanov]

On Tue, 15 Feb 2011 00:06:16 -0200 Raphael Kubo da Costa <kubito@gmail.com> wrote: 

RKdC> I've just updated NoGnus to 840dabe after staying at 8c7e9ae for a
RKdC> while.

RKdC> I have a secondary source that is set to my Gmail IMAP account. Now that
RKdC> the auth-source stuff has been merged, Gnus no longer asks for my IMAP
RKdC> username and password (and whether I want to store them in
RKdC> ~/.authinfo.gpg) every time I started Gnus. Instead, I needed to create
RKdC> ~/.authinfo.gpg and add my username and password there.

RKdC> Is there a way to go back to the old behaviour and make Gnus ask my
RKdC> account information when logging into the IMAP server?

Hi Raphael,

I thought I made the necessary change in auth-source.el and nnimap.el to
do this.  Can you set auth-source-debug to t and send me the log in
*Messages* when you do this?

Thanks
Ted

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Raphael Kubo da Costa]

Ted Zlatanov <tzz@lifelogs.com> writes:

> On Tue, 15 Feb 2011 00:06:16 -0200 Raphael Kubo da Costa <kubito@gmail.com> wrote: 
>
> RKdC> I've just updated NoGnus to 840dabe after staying at 8c7e9ae for a
> RKdC> while.
>
> RKdC> I have a secondary source that is set to my Gmail IMAP account. Now that
> RKdC> the auth-source stuff has been merged, Gnus no longer asks for my IMAP
> RKdC> username and password (and whether I want to store them in
> RKdC> ~/.authinfo.gpg) every time I started Gnus. Instead, I needed to create
> RKdC> ~/.authinfo.gpg and add my username and password there.
>
> RKdC> Is there a way to go back to the old behaviour and make Gnus ask my
> RKdC> account information when logging into the IMAP server?
>
> Hi Raphael,
>
> I thought I made the necessary change in auth-source.el and nnimap.el to
> do this.  Can you set auth-source-debug to t and send me the log in
> *Messages* when you do this?

Here's the part that seems to be relevant:

Opening nnimap server on Personal...
Opening connection to imap.gmail.com via tls...
Opening TLS connection to `imap.gmail.com'...
Opening TLS connection with `gnutls-cli --insecure -p 993 imap.gmail.com'...done
Opening TLS connection to `imap.gmail.com'...done
auth-source-search: found 2 backends matching (:max 1 :host ("Personal" "imap.gmail.com") :port ("143" "993" "imap" "imaps" 993) :create nil)
auth-source-search: found 0 results (max 1/1) in [object auth-source-backend "~/.authinfo.gpg" netrc "~/.authinfo.gpg" t t t auth-source-netrc-create auth-source-netrc-search] matching (:max 1 :host ("Personal" "imap.gmail.com") :port ("143" "993" "imap" "imaps" 993) :create nil)
auth-source-search: found 0 results (max 1/1) in [object auth-source-backend "~/.authinfo" netrc "~/.authinfo" t t t auth-source-netrc-create auth-source-netrc-search] matching (:max 1 :host ("Personal" "imap.gmail.com") :port ("143" "993" "imap" "imaps" 993) :create nil)
Opening nnimap server on Personal...failed:
Warning: Opening nnimap server on Personal...failed:

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Ted Zlatanov]

On Tue, 15 Feb 2011 18:57:09 -0200 Raphael Kubo da Costa <kubito@gmail.com> wrote: 

RKdC> I have a secondary source that is set to my Gmail IMAP account. Now that
RKdC> the auth-source stuff has been merged, Gnus no longer asks for my IMAP
RKdC> username and password (and whether I want to store them in
RKdC> ~/.authinfo.gpg) every time I started Gnus. Instead, I needed to create
RKdC> ~/.authinfo.gpg and add my username and password there.
>> 
RKdC> Is there a way to go back to the old behaviour and make Gnus ask my
RKdC> account information when logging into the IMAP server?

RKdC> Here's the part that seems to be relevant:

RKdC> Opening nnimap server on Personal...
RKdC> Opening connection to imap.gmail.com via tls...
RKdC> Opening TLS connection to `imap.gmail.com'...
RKdC> Opening TLS connection with `gnutls-cli --insecure -p 993 imap.gmail.com'...done
RKdC> Opening TLS connection to `imap.gmail.com'...done
RKdC> auth-source-search: found 2 backends matching (:max 1 :host ("Personal" "imap.gmail.com") :port ("143" "993" "imap" "imaps" 993) :create nil)
RKdC> auth-source-search: found 0 results (max 1/1) in [object
RKdC> auth-source-backend "~/.authinfo.gpg" netrc "~/.authinfo.gpg" t t t
RKdC> auth-source-netrc-create auth-source-netrc-search] matching (:max 1
RKdC> :host ("Personal" "imap.gmail.com") :port ("143" "993" "imap" "imaps"
RKdC> 993) :create nil)
RKdC> auth-source-search: found 0 results (max 1/1) in [object
RKdC> auth-source-backend "~/.authinfo" netrc "~/.authinfo" t t t
RKdC> auth-source-netrc-create auth-source-netrc-search] matching (:max 1
RKdC> :host ("Personal" "imap.gmail.com") :port ("143" "993" "imap" "imaps"
RKdC> 993) :create nil)
RKdC> Opening nnimap server on Personal...failed:
RKdC> Warning: Opening nnimap server on Personal...failed:

Thanks, Raphael.  I comitted a change to DTRT (with some questions
posted here) for Emacs bug 8050, which I think you are also
experiencing.  Your normal usage, at least, should be OK.

Ted

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Matt Lundin]

Ted Zlatanov <tzz@lifelogs.com> writes:

> On Tue, 15 Feb 2011 18:57:09 -0200 Raphael Kubo da Costa
> <kubito@gmail.com> wrote:

> Thanks, Raphael.  I comitted a change to DTRT (with some questions
> posted here) for Emacs bug 8050, which I think you are also
> experiencing.  Your normal usage, at least, should be OK.

With the two recent auth-source related commits, I have the opposite
problem of the OP. I find that nnimap now prompts for my user name and
password regardless of whether an .authinfo file/entry exists.

My authinfo file is setup per the instructions below and has always
worked in the past.

(info "(gnus) Connecting to an IMAP Server")

Thanks,
Matt

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Ted Zlatanov]

On Wed, 16 Feb 2011 15:39:22 -0500 Matt Lundin <mdl@imapmail.org> wrote: 

ML> Ted Zlatanov <tzz@lifelogs.com> writes:
>> On Tue, 15 Feb 2011 18:57:09 -0200 Raphael Kubo da Costa
>> <kubito@gmail.com> wrote:

>> Thanks, Raphael.  I comitted a change to DTRT (with some questions
>> posted here) for Emacs bug 8050, which I think you are also
>> experiencing.  Your normal usage, at least, should be OK.

ML> With the two recent auth-source related commits, I have the opposite
ML> problem of the OP. I find that nnimap now prompts for my user name and
ML> password regardless of whether an .authinfo file/entry exists.

ML> My authinfo file is setup per the instructions below and has always
ML> worked in the past.

ML> (info "(gnus) Connecting to an IMAP Server")

I'm surprised since my changes should only matter if no results are
found.

Can you set `auth-source-debug' to t (now the default) and show your
auth-source-* lines from *Messages*, please?  Also show your authinfo
lines that should be found but aren't.

Thanks
Ted

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Matt Lundin]

Ted Zlatanov <tzz@lifelogs.com> writes:

> On Wed, 16 Feb 2011 15:39:22 -0500 Matt Lundin <mdl@imapmail.org> wrote: 
>
> ML> Ted Zlatanov <tzz@lifelogs.com> writes:
>>> On Tue, 15 Feb 2011 18:57:09 -0200 Raphael Kubo da Costa
>>> <kubito@gmail.com> wrote:
>
>>> Thanks, Raphael.  I comitted a change to DTRT (with some questions
>>> posted here) for Emacs bug 8050, which I think you are also
>>> experiencing.  Your normal usage, at least, should be OK.
>
> ML> With the two recent auth-source related commits, I have the opposite
> ML> problem of the OP. I find that nnimap now prompts for my user name and
> ML> password regardless of whether an .authinfo file/entry exists.
>
> ML> My authinfo file is setup per the instructions below and has always
> ML> worked in the past.
>
> ML> (info "(gnus) Connecting to an IMAP Server")
>
> I'm surprised since my changes should only matter if no results are
> found.
>
> Can you set `auth-source-debug' to t (now the default) and show your
> auth-source-* lines from *Messages*, please?  Also show your authinfo
> lines that should be found but aren't.
>

Sure. 

From .authinfo:

--8<---------------cut here---------------start------------->8---
machine imap.gmail.com login [username] password [password]
--8<---------------cut here---------------end--------------->8---

And from the *Messages* buffer:

--8<---------------cut here---------------start------------->8---
Opening connection to imap.gmail.com via tls...
Opening TLS connection to `imap.gmail.com'...
Opening TLS connection with `gnutls-cli --insecure -p imaps imap.gmail.com'...done
Opening TLS connection to `imap.gmail.com'...done
auth-source-search: found 2 backends matching (:max 1 :host ("gmail" "imap.gmail.com") :port ("143" "993" "imap" "imaps") :create t)
Quit trying to open server nnimap+gmail
Couldn't open nnimap:gmail
--8<---------------cut here---------------end--------------->8---

Note: I pressed C-g to exit the user/protocol prompt. (Hence the "Quit
trying to open").

Thanks,
Matt

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Raphael Kubo da Costa]

Ted Zlatanov <tzz@lifelogs.com> writes:

> Thanks, Raphael.  I comitted a change to DTRT (with some questions
> posted here) for Emacs bug 8050, which I think you are also
> experiencing.  Your normal usage, at least, should be OK.

Thanks a lot, it works fine now.

I am still wondering if the prompts I get are better than the old one,
though -- the old code used to infer the port from my ~/.gnus (via
nnimap-server-port), and did not show the password in clear text when
asking to store the data in ~/.authinfo.gpg. Is it possible to at least
hide the password in the last prompt?

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Ted Zlatanov]

On Wed, 16 Feb 2011 20:15:09 -0500 Matt Lundin <mdl@imapmail.org> wrote: 

ML> From .authinfo:
ML> machine imap.gmail.com login [username] password [password]

ML> And from the *Messages* buffer:
ML> Opening connection to imap.gmail.com via tls...
ML> Opening TLS connection to `imap.gmail.com'...
ML> Opening TLS connection with `gnutls-cli --insecure -p imaps imap.gmail.com'...done
ML> Opening TLS connection to `imap.gmail.com'...done
ML> auth-source-search: found 2 backends matching (:max 1 :host ("gmail" "imap.gmail.com") :port ("143" "993" "imap" "imaps") :create t)
ML> Quit trying to open server nnimap+gmail
ML> Couldn't open nnimap:gmail

ML> Note: I pressed C-g to exit the user/protocol prompt. (Hence the "Quit
ML> trying to open").

Because you didn't go through the prompts, I don't know the actual
backend that was used (see the second message below).

I made a .authinfo.gpg file to test this with this first line:

machine imap.gmail.com login x password y

And then did 
(auth-source-search :max 1 :host '("gmail" "imap.gmail.com") :port '("143" "993" "imap" "imaps") :create t)

I see in *Messages*:
auth-source-search: found 1 backends matching (:max 1 :host ("gmail" "imap.gmail.com") :port ("143" "993" "imap" "imaps") :create t)
auth-source-search: found 1 results (max 1/0) in [object auth-source-backend "~/.authinfo.gpg" netrc "~/.authinfo.gpg" t t t auth-source-netrc-create auth-source-netrc-search] matching (:max 1 :host ("gmail" "imap.gmail.com") :port ("143" "993" "imap" "imaps") :create t)
((:host "imap.gmail.com" :user "x" :secret (lambda (&rest --cl-rest--) (apply #[... "\bJ‡" [G19000] 1] ... --cl-rest--))))

So it worked properly for me.  Can you make sure you're loading the
right auth-source.el, too?  Do `M-x eval-buffer' in the open file rather
than relying on autoload and require.

Ted

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Ted Zlatanov]

On Thu, 17 Feb 2011 01:34:25 -0200 Raphael Kubo da Costa <kubito@gmail.com> wrote: 

RKdC> I am still wondering if the prompts I get are better than the old one,
RKdC> though -- the old code used to infer the port from my ~/.gnus (via
RKdC> nnimap-server-port), 

This can be helped with `auth-source-creation-defaults'.  I will add a
default to the first port to `nnimap-credentials'.

I also changed :protocol to :port everywhere; I realized I was getting
confused between the two so it was safer to go with :port.  If I'm
getting confused, imagine the poor API users :)

RKdC> and did not show the password in clear text when asking to store
RKdC> the data in ~/.authinfo.gpg. Is it possible to at least hide the
RKdC> password in the last prompt?

Hmm.  But then you couldn't see the actual line that was added.  I'm not
sure what's the right thing here.

Ted

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Raphael Kubo da Costa]

Ted Zlatanov wrote:

> On Thu, 17 Feb 2011 01:34:25 -0200 Raphael Kubo da Costa
> RKdC> I am still wondering if the prompts I get are better than the old
> RKdC> though -- the old code used to infer the port from my ~/.gnus
> RKdC> (via nnimap-server-port),
> 
> This can be helped with `auth-source-creation-defaults'.  I will add a
> default to the first port to `nnimap-credentials'.

Well, it got a bit confusing now.

I need to use port 993 to connect to the IMAP server. Previously, Gnus tried 
the port list for ssl (143, 993, imap and imaps), settled on 993 and asked 
me for my username and password showing "imap.gmail.com:993" in the prompt.

Now, the prompt shows me "Personal:143", so the host is not shown, and the 
port is wrong. It then asks me to write this information (with the wrong 
port) into ~/.authinfo.gpg. I then choose "n" and it works fine, because 
after that Gnus ends up connecting to port 993.

> RKdC> and did not show the password in clear text when asking to store
> RKdC> the data in ~/.authinfo.gpg. Is it possible to at least hide the
> RKdC> password in the last prompt?

> Hmm.  But then you couldn't see the actual line that was added.  I'm not
> sure what's the right thing here.

Any other program that prompts for confirmation of this sort of data usually 
uses "***" or something like that when asking to write the password. 
Wouldn't it be possible to at least add a variable for the paranoid? :)

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Matt Lundin]

Ted Zlatanov <tzz@lifelogs.com> writes:

> On Wed, 16 Feb 2011 20:15:09 -0500 Matt Lundin <mdl@imapmail.org> wrote: 
>
> ML> From .authinfo:
> ML> machine imap.gmail.com login [username] password [password]
>
> ML> And from the *Messages* buffer:
> ML> Opening connection to imap.gmail.com via tls...
> ML> Opening TLS connection to `imap.gmail.com'...
> ML> Opening TLS connection with `gnutls-cli --insecure -p imaps
> ML> imap.gmail.com'...done
> ML> Opening TLS connection to `imap.gmail.com'...done
> ML> auth-source-search: found 2 backends matching (:max 1 :host
> ML> ("gmail" "imap.gmail.com") :port ("143" "993" "imap" "imaps")
> ML> :create t)
> ML> Quit trying to open server nnimap+gmail
> ML> Couldn't open nnimap:gmail
>
> ML> Note: I pressed C-g to exit the user/protocol prompt. (Hence the "Quit
> ML> trying to open").
>
> Because you didn't go through the prompts, I don't know the actual
> backend that was used (see the second message below).

Thanks for answering

O.K., I went through the prompts. It looks as if auth-source-search
didn't find the relevant entry in ~/.authinfo. Instead, it grabbed the
new values entered at the prompt. Moreover, despite the fact that the
same values are present in .authinfo, auth-source asks whether I want to
create a new, encrypted authinfo.gpg.

--8<---------------cut here---------------start------------->8---
auth-source-search: found 2 backends matching (:max 1 :host ("gmail" "imap.gmail.com") :port ("143" "993" "imap" "imaps") :create t)
Add to file ~/.authinfo.gpg: line [machine "gmail" login "user"](y or n) 
auth-source-search: found 1 results (max 1/0) in [object auth-source-backend "~/.authinfo.gpg" netrc "~/.authinfo.gpg" t t t auth-source-netrc-create auth-source-netrc-search] matching (:max 1 :host ("gmail" "imap.gmail.com") :port ("143" "993" "imap" "imaps") :create t)
--8<---------------cut here---------------end--------------->8---

> I made a .authinfo.gpg file to test this with this first line:
>
> machine imap.gmail.com login x password y
>
> (auth-source-search :max 1 :host '("gmail" "imap.gmail.com") :port
> ("143" "993" "imap" "imaps") :create t)

O.K., I created an ~/.authinfo file (not .authinfo.gpg) with the values
above.

> And then did 
> (auth-source-search :max 1 :host '("gmail" "imap.gmail.com") :port
> ("143" "993" "imap" "imaps") :create t)

When evaluating the above, auth-source-search does not find the values
in .authinfo and instead prompts for for user name, protocol, and
password. (Note the "Add to file line" below.)

--8<---------------cut here---------------start------------->8---
auth-source-search: found 2 backends matching (:max 1 :host ("gmail" "imap.gmail.com") :port ("143" "993" "imap" "imaps") :create t)
Add to file ~/.authinfo.gpg: line [machine "gmail" login "user"](y or n) 
auth-source-search: found 1 results (max 1/0) in [object auth-source-backend "~/.authinfo.gpg" netrc "~/.authinfo.gpg" t t t auth-source-netrc-create auth-source-netrc-search] matching (:max 1 :host ("gmail" "imap.gmail.com") :port ("143" "993" "imap" "imaps") :create t)
((:host "gmail" :user "user" :protocol "" :secret (lambda (&rest
--cl-rest--) (apply #[... "\bJ‡" [G94901] 1] ... --cl-rest--))))
--8<---------------cut here---------------end--------------->8---

When I create an ~/authinfo.gpg file with exactly the same line,
everything seems to work. I.e., I get the same results as yours below.

> I see in *Messages*:
> auth-source-search: found 1 backends matching (:max 1 :host ("gmail"
> "imap.gmail.com") :port ("143" "993" "imap" "imaps") :create t)
> auth-source-search: found 1 results (max 1/0) in [object
> auth-source-backend "~/.authinfo.gpg" netrc "~/.authinfo.gpg" t t t
> auth-source-netrc-create auth-source-netrc-search] matching (:max 1
> :host ("gmail" "imap.gmail.com") :port ("143" "993" "imap" "imaps")
> :create t)
> ((:host "imap.gmail.com" :user "x" :secret (lambda (&rest --cl-rest--)
> (apply #[... "\bJ‡" [G19000] 1] ... --cl-rest--))))

In short, auth-source-search finds the correct values in authinfo.gpg
but does not find them in an unencrypted authinfo file with identical
lines. (Note, when running the tests, I deleted .authinfo when trying
.authinfo.gpg and vice versa.)

The value of auth-sources is ("~/.authinfo.gpg" "~/.authinfo").

BTW, authentication with an unencrypted .authinfo file works for nntp.

On a related note, I would gladly switch to .authinfo.gpp, except that I
find I am asked for my encryption password three times during startup:
once for imap and once for each nntp server.

Thanks,
Matt

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Ted Zlatanov]

On Thu, 17 Feb 2011 11:34:43 -0200 Raphael Kubo da Costa <kubito@gmail.com> wrote: 

RKdC> Ted Zlatanov wrote:
>> On Thu, 17 Feb 2011 01:34:25 -0200 Raphael Kubo da Costa
RKdC> I am still wondering if the prompts I get are better than the old
RKdC> though -- the old code used to infer the port from my ~/.gnus
RKdC> (via nnimap-server-port),
>> 
>> This can be helped with `auth-source-creation-defaults'.  I will add a
>> default to the first port to `nnimap-credentials'.

RKdC> Well, it got a bit confusing now.

RKdC> I need to use port 993 to connect to the IMAP server. Previously, Gnus tried 
RKdC> the port list for ssl (143, 993, imap and imaps), settled on 993 and asked 
RKdC> me for my username and password showing "imap.gmail.com:993" in the prompt.

IMAP/S is normally port 993 (IMAP over SSL).  TLS is on port 143.  This
is confusing enough that before we had a whole lot of special cases to
get the result you detail.

RKdC> Now, the prompt shows me "Personal:143", so the host is not shown, and the 
RKdC> port is wrong. It then asks me to write this information (with the wrong 
RKdC> port) into ~/.authinfo.gpg. I then choose "n" and it works fine, because 
RKdC> after that Gnus ends up connecting to port 993.

The first part, "Personal", is the nnimap server name.  It will work as
far as Gnus is concerned.  I guess we can put the address first in the
list so it gets picked as the default.  I'll commit that change.

The second part is correct: 143 is the first element of the search that
nnimap.el constructs.  We should put "imap" first if that's what we want
(but Lars should decide the order).  I will change auth-source to ask
when there are multiple candidates.

RKdC> Any other program that prompts for confirmation of this sort of data usually 
RKdC> uses "***" or something like that when asking to write the password. 
RKdC> Wouldn't it be possible to at least add a variable for the paranoid? :)

OK.

Ted

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Matt Lundin]

Matt Lundin <mdl@imapmail.org> writes:

> In short, auth-source-search finds the correct values in authinfo.gpg
> but does not find them in an unencrypted authinfo file with identical
> lines. (Note, when running the tests, I deleted .authinfo when trying
> .authinfo.gpg and vice versa.)
>
> The value of auth-sources is ("~/.authinfo.gpg" "~/.authinfo").
>

As a follow-up: Everything works with an unencrypted authinfo if I
change the value of auth-sources to '("~/.authinfo").

Best,
Matt

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Steinar Bang]

>>>>> Matt Lundin <mdl@imapmail.org>:

> As a follow-up: Everything works with an unencrypted authinfo if I
> change the value of auth-sources to '("~/.authinfo").

The .authinfo.gpg that got created for me on emacs22 was unencrypted.
And it ignored the existing ~/.authinfo.

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Lars Ingebrigtsen]

Ted Zlatanov <tzz@lifelogs.com> writes:

> The second part is correct: 143 is the first element of the search that
> nnimap.el constructs.  We should put "imap" first if that's what we want
> (but Lars should decide the order).  I will change auth-source to ask
> when there are multiple candidates.

Well, there really are two distinct cases when it comes to querying and
creation.

When we're querying, we want to query for all the known port numbers.
But when we create, we know what port number we want to create, and the
user shouldn't be queried at all.

In the nnimap case, we want to query 143 993 imaps imap, because all
those may be present in the ~/.authinfo file.  But when we create, we
want it to be imap, because that makes more sense.

The old netrc stuff just used the convention of "use the last port
number in the query list when creating", but it might be cleaner to have
this be an explicit parameter.  In any case, the user shouldn't be
prompted when creating the credentials.

-- 
(domestic pets only, the antidote for overdose, milk.)
  larsi@gnus.org * Lars Magne Ingebrigtsen

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Ted Zlatanov]

On Thu, 17 Feb 2011 15:54:07 -0800 Lars Ingebrigtsen <larsi@gnus.org> wrote: 

LI> Ted Zlatanov <tzz@lifelogs.com> writes:
>> The second part is correct: 143 is the first element of the search that
>> nnimap.el constructs.  We should put "imap" first if that's what we want
>> (but Lars should decide the order).  I will change auth-source to ask
>> when there are multiple candidates.

LI> Well, there really are two distinct cases when it comes to querying and
LI> creation.

LI> When we're querying, we want to query for all the known port numbers.
LI> But when we create, we know what port number we want to create, and the
LI> user shouldn't be queried at all.

LI> In the nnimap case, we want to query 143 993 imaps imap, because all
LI> those may be present in the ~/.authinfo file.  But when we create, we
LI> want it to be imap, because that makes more sense.

LI> The old netrc stuff just used the convention of "use the last port
LI> number in the query list when creating", but it might be cleaner to have
LI> this be an explicit parameter.  In any case, the user shouldn't be
LI> prompted when creating the credentials.

I thought it made sense to allow "no port" as an option, so you have a
general entry for that machine.  But I guess that's too much
hand-holding when the user can just edit their authinfo file.  So I'll
change it to always take the first element of any lists in the query and
nnimap.el will reverse the ports list.  The user won't be prompted
unless a required parameter is missing from the search query.

Ted

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Ted Zlatanov]

On Thu, 17 Feb 2011 16:22:27 +0100 Steinar Bang <sb@dod.no> wrote: 

>>>>>> Matt Lundin <mdl@imapmail.org>:
>> As a follow-up: Everything works with an unencrypted authinfo if I
>> change the value of auth-sources to '("~/.authinfo").

SB> The .authinfo.gpg that got created for me on emacs22 was unencrypted.
SB> And it ignored the existing ~/.authinfo.

Was EPA/EPG in Emacs 22?  I don't think so.  Another hack required to
support 22...  Sigh.

Ted

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Lars Ingebrigtsen]

Ted Zlatanov <tzz@lifelogs.com> writes:

> So I'll change it to always take the first element of any lists in the
> query and nnimap.el will reverse the ports list.  The user won't be
> prompted unless a required parameter is missing from the search query.

Sounds good.

-- 
(domestic pets only, the antidote for overdose, milk.)
  larsi@gnus.org * Lars Magne Ingebrigtsen

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Steinar Bang]

>>>>> Ted Zlatanov <tzz@lifelogs.com>:

> Was EPA/EPG in Emacs 22?  I don't think so.  Another hack required to
> support 22...  Sigh.

No need for my sake.  I'll live with Lars' fixes, and the good old
unencrypted file.

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Ted Zlatanov]

On Fri, 18 Feb 2011 15:10:05 -0800 Lars Ingebrigtsen <larsi@gnus.org> wrote: 

LI> Ted Zlatanov <tzz@lifelogs.com> writes:
>> So I'll change it to always take the first element of any lists in the
>> query and nnimap.el will reverse the ports list.  The user won't be
>> prompted unless a required parameter is missing from the search query.

LI> Sounds good.

This is now the case.  Any parameters with a nil or t value will be
omitted from the saved line.  The password is the only one we will ask
for.

Ted

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Lars Ingebrigtsen]

Ted Zlatanov <tzz@lifelogs.com> writes:

> This is now the case.  Any parameters with a nil or t value will be
> omitted from the saved line.  The password is the only one we will ask
> for.

It needs to ask for the user name, too, doesn't it?

With this call:

(nnimap-credentials "foo" '("imap" "imaps"))

I get this prompt, which is still confusing (in addition to not
prompting for the user name):

Password for [any user]@foo:(imap, imaps)? 

It should say

"imap user name at foo: "

and

"imap password for larsi at foo: "

In my opinion, that's pretty understandable.  (And it takes the port
name from the first entry in the list of ports.)

In addition, the prompt you get afterwords is still way to complicated.
nnimap has decided what port number to put into the line, so offering to
edit the line at all is just confusing.  If the user wants to edit the
stuff, the user knows that they can just edit the ~/.authinfo file
themselves. 

-- 
(domestic pets only, the antidote for overdose, milk.)
  larsi@gnus.org * Lars Magne Ingebrigtsen

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Ted Zlatanov]

On Wed, 23 Feb 2011 00:52:39 -0800 Lars Ingebrigtsen <larsi@gnus.org> wrote: 

LI> Ted Zlatanov <tzz@lifelogs.com> writes:
>> This is now the case.  Any parameters with a nil or t value will be
>> omitted from the saved line.  The password is the only one we will ask
>> for.

LI> It needs to ask for the user name, too, doesn't it?

Maybe.  Right now it's guessed.  People seem to prefer fewer prompts and
you can always `e'dit the line afterwards.  I mentioned that in my reply
to Simon Josefsson just now, too.

LI> With this call:

LI> (nnimap-credentials "foo" '("imap" "imaps"))

LI> I get this prompt, which is still confusing (in addition to not
LI> prompting for the user name):

LI> Password for [any user]@foo:(imap, imaps)? 

LI> It should say

LI> "imap user name at foo: "

LI> and

LI> "imap password for larsi at foo: "

It should have said "Password for [any user]@foo:imap?" and I guess
that's a bug (fix just went in) .  The "any user" and "any port" part is
necessary IMO to make the intent clear.

If the port is numeric your proposal is not so good: 

"143 password at foo: "

so I'd rather keep the current prompt.

LI> In addition, the prompt you get afterwords is still way to complicated.
LI> nnimap has decided what port number to put into the line, so offering to
LI> edit the line at all is just confusing.  If the user wants to edit the
LI> stuff, the user knows that they can just edit the ~/.authinfo file
LI> themselves. 

I disagree.  You can make it an option to bypass that prompt if you
like, but I really want to show it by default.  It's a rare event and
when it happens, the user should know it's going to modify a netrc file.

The user doesn't necessarily know to edit the .authinfo file.  He may
not even know what that is.

Ted

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Raphael Kubo da Costa]

Ted Zlatanov wrote:

> On Wed, 23 Feb 2011 00:52:39 -0800 Lars Ingebrigtsen <larsi@gnus.org>
> wrote:
> LI> It needs to ask for the user name, too, doesn't it?
> 
> Maybe.  Right now it's guessed.  People seem to prefer fewer prompts and
> you can always `e'dit the line afterwards.  I mentioned that in my reply
> to Simon Josefsson just now, too.

I'm bitten by this, by the way -- since I don't want to store my password in 
~/.{authinfo,authinfo.gpg,netrc}, even if encrypted, auth-source tries to 
guess my IMAP username.

Would it make sense if I could just store the "host", "port" and "user" 
parameters in ~/.{authinfo,authinfo.gpg,netrc} and then Gnus would prompt 
me/try to guess the missing parameters?

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Ted Zlatanov]

On Wed, 23 Feb 2011 14:00:09 -0300 Raphael Kubo da Costa <kubito@gmail.com> wrote: 

RKdC> Ted Zlatanov wrote:
>> On Wed, 23 Feb 2011 00:52:39 -0800 Lars Ingebrigtsen <larsi@gnus.org>
>> wrote:
LI> It needs to ask for the user name, too, doesn't it?
>> 
>> Maybe.  Right now it's guessed.  People seem to prefer fewer prompts and
>> you can always `e'dit the line afterwards.  I mentioned that in my reply
>> to Simon Josefsson just now, too.

RKdC> I'm bitten by this, by the way -- since I don't want to store my password in 
RKdC> ~/.{authinfo,authinfo.gpg,netrc}, even if encrypted, auth-source tries to 
RKdC> guess my IMAP username.

RKdC> Would it make sense if I could just store the "host", "port" and "user" 
RKdC> parameters in ~/.{authinfo,authinfo.gpg,netrc} and then Gnus would prompt 
RKdC> me/try to guess the missing parameters?

It should work.  For instance this line:

machine testserver login tzz

in the authinfo file matches this:

(auth-source-search :host "testserver")

and returns this:

((:host "testserver" :user "tzz"))

In other words, the password is not required for a successful match.  If
it doesn't work for you, set `auth-source-debug' to 'trivia and send me
the relevant lines from *Messages*.

Thanks
Ted

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Raphael Kubo da Costa]

Ted Zlatanov wrote:

> On Wed, 23 Feb 2011 14:00:09 -0300 Raphael Kubo da Costa
> <kubito@gmail.com> wrote:
> RKdC> Would it make sense if I could just store the "host", "port" and
> "user" RKdC> parameters in ~/.{authinfo,authinfo.gpg,netrc} and then Gnus
> would prompt RKdC> me/try to guess the missing parameters?
> 
> It should work.  For instance this line:
> 
> machine testserver login tzz
> 
> in the authinfo file matches this:
> 
> (auth-source-search :host "testserver")
> 
> and returns this:
> 
> ((:host "testserver" :user "tzz"))
> 
> In other words, the password is not required for a successful match.  If
> it doesn't work for you, set `auth-source-debug' to 'trivia and send me
> the relevant lines from *Messages*.
> 
> Thanks
> Ted

This is my ~/.authinfo:

machine imap.gmail.com login XXXX port 993

When I lauch Gnus, it asks me if I want to carry on after a failed login 
attempt. No password was asked. *Messages* shows this:

auth-source-search: found 3 backends matching (:max 1 :host 
("imap.gmail.com" "Personal") :port ("143" "993" "imap" "imaps") :create t)

auth-source-search-backend: got 1 (max 1) in netrc:~/.authinfo matching 
(:max 1 :host ("imap.gmail.com" "Personal") :port ("143" "993" "imap" 
"imaps") :create t)

auth-source-search: found 1 results (max 1) matching (:max 1 :host 
("imap.gmail.com" "Personal") :port ("143" "993" "imap" "imaps") :create t)

nnimap (Personal) open error: 'NO (AUTHENTICATIONFAILED) Invalid credentials 
(Failure)'.  Continue? (y or n) 

Couldn't open server on Personal

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Ted Zlatanov]

On Wed, 23 Feb 2011 14:56:26 -0300 Raphael Kubo da Costa <kubito@gmail.com> wrote: 

RKdC> This is my ~/.authinfo:

RKdC> machine imap.gmail.com login XXXX port 993

RKdC> When I lauch Gnus, it asks me if I want to carry on after a failed login 
RKdC> attempt. No password was asked. *Messages* shows this:

RKdC> auth-source-search: found 3 backends matching (:max 1 :host 
RKdC> ("imap.gmail.com" "Personal") :port ("143" "993" "imap" "imaps") :create t)

RKdC> auth-source-search-backend: got 1 (max 1) in netrc:~/.authinfo matching 
RKdC> (:max 1 :host ("imap.gmail.com" "Personal") :port ("143" "993" "imap" 
RKdC> "imaps") :create t)

RKdC> auth-source-search: found 1 results (max 1) matching (:max 1 :host 
RKdC> ("imap.gmail.com" "Personal") :port ("143" "993" "imap" "imaps") :create t)

RKdC> nnimap (Personal) open error: 'NO (AUTHENTICATIONFAILED) Invalid credentials 
RKdC> (Failure)'.  Continue? (y or n) 

RKdC> Couldn't open server on Personal

nnimap.el should handle the case where the returned info doesn't have a
password.  There are cases where IMAP servers do not require a password,
so it would not be appropriate to ask in `nnimap-credentials'.  I think
the change needs to be made in `nnimap-login', replacing all instances
of `password' with `(nnimap-login-password password)' which could look
like this (100% untested):

(defmacro nnimap-login-password (password)
  (setq password (if password
                     password
                   (read-passwd "Password: "))))

This is something that Lars will have to do, though.  I don't know that
code well enough to say whether it's the right solution; the password
prompt should mention the server, user name, and port.  And it may make
sense to do this prompting for the user name as well.

Ted

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Lars Ingebrigtsen]

Ted Zlatanov <tzz@lifelogs.com> writes:

> It should have said "Password for [any user]@foo:imap?" and I guess
> that's a bug (fix just went in) .  The "any user" and "any port" part is
> necessary IMO to make the intent clear.
>
> If the port is numeric your proposal is not so good: 
>
> "143 password at foo: "

But it'll never be "143 password" -- since "imap" is first in the list.
It's a good point, though -- I think it would be way more readable if
there's a parameter to auth-source that lets the caller specify what
we're asking the user for.

So a :service "IMAP" would be nice, and then you can just drop showing
the port number at all.

> I disagree.  You can make it an option to bypass that prompt if you
> like, but I really want to show it by default.  It's a rare event and
> when it happens, the user should know it's going to modify a netrc file.
>
> The user doesn't necessarily know to edit the .authinfo file.  He may
> not even know what that is.

The prompt asks whether to save it to the .authinfo.gpg file, so the
user knows that it exists.  It's a very easily readable file, so 1) the
user knows it exists, 2) the user can open it all they want, and 3) they
can edit it trivially, if they so choose.

Instead they're faced with this rather complex choice where any normal
user will surmise that they're somehow supposed to edit the line for
Gnus to work.  And that's not good.

-- 
(domestic pets only, the antidote for overdose, milk.)
  larsi@gnus.org * Lars Magne Ingebrigtsen

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Lars Ingebrigtsen]

Ted Zlatanov <tzz@lifelogs.com> writes:

> LI> It needs to ask for the user name, too, doesn't it?
>
> Maybe.  Right now it's guessed.  People seem to prefer fewer prompts and
> you can always `e'dit the line afterwards.  I mentioned that in my reply
> to Simon Josefsson just now, too.

It needs to prompt for the user name.  I mean, really.  It needs to.
Otherwise most people will not have a working setup if they connect to
gmail, for instance.

Asking them to edit the line afterwards is not acceptable.

-- 
(domestic pets only, the antidote for overdose, milk.)
  larsi@gnus.org * Lars Magne Ingebrigtsen

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Ted Zlatanov]

[-- Attachment #1: Type: text/plain, Size: 2702 bytes --]

On Wed, 23 Feb 2011 15:36:40 -0800 Lars Ingebrigtsen <larsi@gnus.org> wrote: 

LI> Ted Zlatanov <tzz@lifelogs.com> writes:
LI> It needs to ask for the user name, too, doesn't it?
>> 
>> Maybe.  Right now it's guessed.  People seem to prefer fewer prompts and
>> you can always `e'dit the line afterwards.  I mentioned that in my reply
>> to Simon Josefsson just now, too.

LI> It needs to prompt for the user name.  I mean, really.  It needs to.
LI> Otherwise most people will not have a working setup if they connect to
LI> gmail, for instance.

OK.  I added a user name prompt and removed that default.  The default
prompts are not great but should be OK.

I wrote `auth-source-format-prompt' in the attached patch because I
don't want to depend on all the Gnus format spec stuff.  I figured it
was a simple enough task and it seems to work.

On Wed, 23 Feb 2011 15:35:34 -0800 Lars Ingebrigtsen <larsi@gnus.org> wrote: 

LI> Ted Zlatanov <tzz@lifelogs.com> writes:

>> It should have said "Password for [any user]@foo:imap?" and I guess
>> that's a bug (fix just went in) .  The "any user" and "any port" part is
>> necessary IMO to make the intent clear.
>> 
>> If the port is numeric your proposal is not so good: 
>> 
>> "143 password at foo: "

LI> But it'll never be "143 password" -- since "imap" is first in the list.
LI> It's a good point, though -- I think it would be way more readable if
LI> there's a parameter to auth-source that lets the caller specify what
LI> we're asking the user for.

LI> So a :service "IMAP" would be nice, and then you can just drop showing
LI> the port number at all.

Yeah, that sounds good.  I don't like that it pollutes the search spec,
though.  How about something like

(let ((auth-source-creation-prompts '(user "IMAP user name for %h? ")))
 ... auth-source-search invocation ...

Remember we support more than user, host, port, and password.  The query
string can have any parameter and the prompts need to support it.

I attach a patch that does all this.  See what you think.

>> The user doesn't necessarily know to edit the .authinfo file.  He may
>> not even know what that is.

LI> The prompt asks whether to save it to the .authinfo.gpg file, so the
LI> user knows that it exists.  It's a very easily readable file, so 1) the
LI> user knows it exists, 2) the user can open it all they want, and 3) they
LI> can edit it trivially, if they so choose.

LI> Instead they're faced with this rather complex choice where any normal
LI> user will surmise that they're somehow supposed to edit the line for
LI> Gnus to work.  And that's not good.

The problem is, I don't know how to make it less complex and don't want
to make it less functional.

Ted


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: auth-source-prompting.patch --]
[-- Type: text/x-diff, Size: 7053 bytes --]

diff --git a/lisp/auth-source.el b/lisp/auth-source.el
index 1db6b56..a40b4d2 100644
--- a/lisp/auth-source.el
+++ b/lisp/auth-source.el
@@ -147,6 +147,9 @@ let-binding."
 (defvar auth-source-creation-defaults nil
   "Defaults for creating token values.  Usually let-bound.")
 
+(defvar auth-source-creation-prompts nil
+  "Default prompts for token values.  Usually let-bound.")
+
 (make-obsolete 'auth-source-hide-passwords nil "Emacs 24.1")
 
 (defvar auth-source-magic "auth-source-magic ")
@@ -445,12 +448,18 @@ parameter, that parameter will be required in the resulting
 token.  The value for that parameter will be obtained from the
 search parameters or from user input.  If any queries are needed,
 the alist `auth-source-creation-defaults' will be checked for the
-default prompt.
+default value.  If the user, host, or port are missing, the alist
+`auth-source-creation-prompts' will be used to look up the
+prompts IN THAT ORDER (so the 'user prompt will be queried first,
+then 'host, then 'port, and finally 'secret).  Each prompt string
+can use %u, %h, and %p to show the user, host, and port.
 
 Here's an example:
 
 \(let ((auth-source-creation-defaults '((user . \"defaultUser\")
-                                        (A    . \"default A\"))))
+                                        (A    . \"default A\")))
+       (auth-source-creation-prompts
+        '((password . \"Enter IMAP password for %h:%p: \"))))
   (auth-source-search :host '(\"nonesuch\" \"twosuch\") :type 'netrc :max 1
                       :P \"pppp\" :Q \"qqqq\"
                       :create '(A B Q)))
@@ -462,12 +471,11 @@ which says:
 
  Create a new entry if you found none.  The netrc backend will
  automatically require host, user, and port.  The host will be
- 'nonesuch' and Q will be 'qqqq'.  We prompt for A with default
- 'default A', for B and port with default nil, and for the
- user with default 'defaultUser'.  We will not prompt for Q.  The
- resulting token will have keys user, host, port, A, B, and Q.
- It will not have P with any value, even though P is used in the
- search to find only entries that have P set to 'pppp'.\"
+ 'nonesuch' and Q will be 'qqqq'.  We prompt for the password
+ with the shown prompt.  We will not prompt for Q.  The resulting
+ token will have keys user, host, port, A, B, and Q.  It will not
+ have P with any value, even though P is used in the search to
+ find only entries that have P set to 'pppp'.\"
 
 When multiple values are specified in the search parameter, the
 user is prompted for which one.  So :host (X Y Z) would ask the
@@ -913,6 +921,17 @@ See `auth-source-search' for details on SPEC."
       (nth 0 v)
     v))
 
+;; (auth-source-format-prompt "test %u %h %p" '((?u "user") (?h "host")))
+
+(defun auth-source-format-prompt (prompt alist)
+  "Format PROMPT using %x (for any character x) specifiers in ALIST."
+  (dolist (cell alist)
+    (let ((c (nth 0 cell))
+          (v (nth 1 cell)))
+      (when (and c v)
+        (setq prompt (replace-regexp-in-string (format "%%%c" c) v prompt)))))
+  prompt)
+
 ;;; (auth-source-search :host "nonesuch" :type 'netrc :max 1 :create t)
 ;;; (auth-source-search :host "nonesuch" :type 'netrc :max 1 :create t :create-extra-keys '((A "default A") (B)))
 
@@ -964,31 +983,50 @@ See `auth-source-search' for details on SPEC."
              ;; the default supplementals are simple: for the user,
              ;; try (user-login-name), otherwise take given-default
              (default (cond
-                       ((and (not given-default) (eq r 'user))
-                        (user-login-name))
-                       (t given-default))))
+                       ;; don't default the user name
+                       ;; ((and (not given-default) (eq r 'user))
+                       ;;  (user-login-name))
+                       (t given-default)))
+             (printable-defaults (list
+                                  (cons 'user
+                                        (or
+                                         (auth-source-netrc-element-or-first
+                                          (aget valist 'user))
+                                         (plist-get artificial :user)
+                                         "[any user]"))
+                                  (cons 'host
+                                        (or
+                                         (auth-source-netrc-element-or-first
+                                          (aget valist 'host))
+                                         (plist-get artificial :host)
+                                         "[any host]"))
+                                  (cons 'port
+                                        (or
+                                         (auth-source-netrc-element-or-first
+                                          (aget valist 'port))
+                                         (plist-get artificial :port)
+                                         "[any port]"))))
+             (prompt (or (aget auth-source-creation-prompts r)
+                         (case r
+                           ('secret "%p password for user %u, host %h: ")
+                           ('user "%p user name: ")
+                           ('host "%p host name for user %u: ")
+                           ('port "%p port for user %u and host %h: "))
+                         (format "Enter %s (%%u@%%h:%%p): " r)))
+             (prompt (auth-source-format-prompt
+                      prompt
+                      `((?u ,(aget printable-defaults 'user))
+                        (?h ,(aget printable-defaults 'host))
+                        (?p ,(aget printable-defaults 'port))))))
 
         ;; store the data, prompting for the password if needed
         (setq data
               (cond
                ((and (null data) (eq r 'secret))
                 ;; special case prompt for passwords
-                (read-passwd (format "Password for %s@%s:%s: "
-                                     (or
-                                      (auth-source-netrc-element-or-first
-                                       (aget valist 'user))
-                                      (plist-get artificial :user)
-                                      "[any user]")
-                                     (or
-                                      (auth-source-netrc-element-or-first
-                                       (aget valist 'host))
-                                      (plist-get artificial :host)
-                                      "[any host]")
-                                     (or
-                                      (auth-source-netrc-element-or-first
-                                       (aget valist 'port))
-                                      (plist-get artificial :port)
-                                      "[any port]"))))
+                (read-passwd prompt))
+               ((null data)
+                (read-string prompt default))
                (t (or data default))))
 
         (when data

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Lars Ingebrigtsen]

Ted Zlatanov <tzz@lifelogs.com> writes:

> OK.  I added a user name prompt and removed that default.

Great!

> I wrote `auth-source-format-prompt' in the attached patch because I
> don't want to depend on all the Gnus format spec stuff.  I figured it
> was a simple enough task and it seems to work.

Yeah, let's not overengineer this more than it needs to be
overengineered.  :-)

> Yeah, that sounds good.  I don't like that it pollutes the search spec,
> though.  How about something like
>
> (let ((auth-source-creation-prompts '(user "IMAP user name for %h? ")))
>  ... auth-source-search invocation ...

True.  On the other hand, the functions take a keyword list, so it's
less polluting than normal Emacs Lisp functions to add more args.

> I attach a patch that does all this.  See what you think.

I wrote the last message at SFO, and I'm writing this on the Heathrow
Express.  I feel so globetrottery.  :-)

I'll have a peek when the transportation isn't so shakey.

-- 
(domestic pets only, the antidote for overdose, milk.)
  larsi@gnus.org * Lars Magne Ingebrigtsen

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Ted Zlatanov]

On Thu, 24 Feb 2011 03:35:15 -0800 Lars Ingebrigtsen <larsi@gnus.org> wrote: 

LI> Ted Zlatanov <tzz@lifelogs.com> writes:

>> Yeah, that sounds good.  I don't like that it pollutes the search spec,
>> though.  How about something like
>> 
>> (let ((auth-source-creation-prompts '(user "IMAP user name for %h? ")))
>> ... auth-source-search invocation ...

LI> True.  On the other hand, the functions take a keyword list, so it's
LI> less polluting than normal Emacs Lisp functions to add more args.

It pollutes the search spec, which gets passed down to the backends.
IOW a new :prompt parameter would have to be known and removed by every
backend from the actual search intention, as opposed to the ignored-keys
in `auth-source-search' which are removed at the top.  It may have been
better to put the *search* spec in a :search parameter to
`auth-source-search' but it would have complicated the API even more.
So I'm claiming it's The Perfect API instead.

I pushed my patch in; let's see what people think.  Also see Simon
Josefsson's suggestions about the prompt.  I'm sure we'll figure out
something that works for everyone.

Ted

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Raphael Kubo da Costa]

Ted Zlatanov wrote:

> I pushed my patch in; let's see what people think.  Also see Simon
> Josefsson's suggestions about the prompt.  I'm sure we'll figure out
> something that works for everyone.

It still doesn't work if I have an incomplete 
~/.authinfo,authinfo.gpg,netrc}, but as you said this probably depends on 
Lars.

If I remove them, I am correctly prompted for my username, however the 
prompt does show "143 user name" and "143 password for user XXX, host 
imap.gmail.com". And if I press "e" afterwards, the line that would be added 
to ~/.{authinfo,...} has "143" in the port, even though Gnus seems to 
connect to the correct port later.

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Ted Zlatanov]

On Thu, 24 Feb 2011 10:48:45 -0300 Raphael Kubo da Costa <kubito@gmail.com> wrote: 

RKdC> Ted Zlatanov wrote:

>> I pushed my patch in; let's see what people think.  Also see Simon
>> Josefsson's suggestions about the prompt.  I'm sure we'll figure out
>> something that works for everyone.

RKdC> It still doesn't work if I have an incomplete 
RKdC> ~/.authinfo,authinfo.gpg,netrc}, but as you said this probably depends on 
RKdC> Lars.

RKdC> If I remove them, I am correctly prompted for my username, however the 
RKdC> prompt does show "143 user name" and "143 password for user XXX, host 
RKdC> imap.gmail.com". And if I press "e" afterwards, the line that would be added 
RKdC> to ~/.{authinfo,...} has "143" in the port, even though Gnus seems to 
RKdC> connect to the correct port later.

auth-source picks the first port in the search spec's :port entry.  So
`nnimap-open-connection-1' needs to specify "imap" or "imaps" first in
the ports or the ports need to be reordered before they are sent to
`auth-source-search'.

Ted

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Lars Ingebrigtsen]

Ted Zlatanov <tzz@lifelogs.com> writes:

> nnimap.el should handle the case where the returned info doesn't have a
> password.  There are cases where IMAP servers do not require a password,
> so it would not be appropriate to ask in `nnimap-credentials'.

Hm.  Are there any servers that require just a user name and not a
password? 

> (defmacro nnimap-login-password (password)
>   (setq password (if password
>                      password
>                    (read-passwd "Password: "))))
>
> This is something that Lars will have to do, though.  I don't know that
> code well enough to say whether it's the right solution; the password
> prompt should mention the server, user name, and port.  And it may make
> sense to do this prompting for the user name as well.

Sorry, I don't understand the use case here.  If auth-source didn't
return a password, nnimap should then query for a password?

-- 
(domestic pets only, the antidote for overdose, milk.)
  larsi@gnus.org * Lars Magne Ingebrigtsen

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Lars Ingebrigtsen]

Ted Zlatanov <tzz@lifelogs.com> writes:

> auth-source picks the first port in the search spec's :port entry.  So
> `nnimap-open-connection-1' needs to specify "imap" or "imaps" first in
> the ports or the ports need to be reordered before they are sent to
> `auth-source-search'.

I've now done this.

-- 
(domestic pets only, the antidote for overdose, milk.)
  larsi@gnus.org * Lars Magne Ingebrigtsen

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Ted Zlatanov]

On Thu, 24 Feb 2011 20:42:13 -0800 Lars Ingebrigtsen <larsi@gnus.org> wrote: 

LI> Ted Zlatanov <tzz@lifelogs.com> writes:
>> nnimap.el should handle the case where the returned info doesn't have a
>> password.  There are cases where IMAP servers do not require a password,
>> so it would not be appropriate to ask in `nnimap-credentials'.

LI> Hm.  Are there any servers that require just a user name and not a
LI> password?

The problem is that auth-source didn't get a password for whatever
reason.  netrc lines can have no password, for instance (which is the
use case here, in which case the netrc file just has the user, port, and
host).

The issue is that omitting :secret from the search says "any password
will do, including nil".  On *creation* the password will be required by
the netrc backend, but the search results will be happy without it.  

We can add a :required list parameter which would filter out results
that don't contain those tokens.  Then the `auth-source-search' caller
would be guaranteed that any results will have the :required tokens.
Yeah, that would work.

>> (defmacro nnimap-login-password (password)
>> (setq password (if password
>> password
>> (read-passwd "Password: "))))
>> 
>> This is something that Lars will have to do, though.  I don't know that
>> code well enough to say whether it's the right solution; the password
>> prompt should mention the server, user name, and port.  And it may make
>> sense to do this prompting for the user name as well.

LI> Sorry, I don't understand the use case here.  If auth-source didn't
LI> return a password, nnimap should then query for a password?

Yes.  So if we don't add :required to `auth-source-search', nnimap.el
will have to do this.  Let me know which one you like better.

Ted

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Lars Magne Ingebrigtsen]

Ted Zlatanov <tzz@lifelogs.com> writes:

> Yes.  So if we don't add :required to `auth-source-search', nnimap.el
> will have to do this.  Let me know which one you like better.

:required sounds like the best solution.

-- 
(domestic pets only, the antidote for overdose, milk.)
  larsi@gnus.org * Lars Magne Ingebrigtsen

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Ted Zlatanov]

On Sat, 05 Mar 2011 13:15:40 +0100 Lars Magne Ingebrigtsen <larsi@gnus.org> wrote: 

LMI> Ted Zlatanov <tzz@lifelogs.com> writes:
>> Yes.  So if we don't add :required to `auth-source-search', nnimap.el
>> will have to do this.  Let me know which one you like better.

LMI> :required sounds like the best solution.

I did this and added it to nnimap.el.  It is distinct from :create,
which has keys that only get used at creation time.

Also I added :save-function support, which is related to Emacs bug
#8050.  So now nnimap.el will call the saver of the new data after a
successful login only.

Let me know what you think.  Thanks.

Ted

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Lars Magne Ingebrigtsen]

Ted Zlatanov <tzz@lifelogs.com> writes:

> Also I added :save-function support, which is related to Emacs bug
> #8050.  So now nnimap.el will call the saver of the new data after a
> successful login only.
>
> Let me know what you think.  Thanks.

Looks great; thanks.  Just one teensy nit-pick: It says

IMAP user at foo.org: (default larsi) 

I think the colon should have been at the end of the line, probably.

-- 
(domestic pets only, the antidote for overdose, milk.)
  larsi@gnus.org * Lars Magne Ingebrigtsen

Re: Making Gnus ask my IMAP username and password after the recent auth-source changes

[Ted Zlatanov]

On Tue, 15 Mar 2011 17:28:28 +0100 Lars Magne Ingebrigtsen <larsi@gnus.org> wrote: 

LMI> Ted Zlatanov <tzz@lifelogs.com> writes:
>> Also I added :save-function support, which is related to Emacs bug
>> #8050.  So now nnimap.el will call the saver of the new data after a
>> successful login only.
>> 
>> Let me know what you think.  Thanks.

LMI> Looks great; thanks.  Just one teensy nit-pick: It says

LMI> IMAP user at foo.org: (default larsi) 

LMI> I think the colon should have been at the end of the line, probably.

I see Stefan Monnier made a change to fix that (plus a bunch of other
fixes) on the Emacs side but it hasn't come back to the Gnus code.  I
think Yamaoka-san needs to pull the Emacs changes in.

Ted