>From a1701d3a7b96b6a7bb34b2a026caa6850c7574c5 Mon Sep 17 00:00:00 2001 From: "F. Jason Park" Date: Sun, 6 Nov 2022 20:51:19 -0800 Subject: [PATCH 0/2] *** NOT A PATCH *** *** BLURB HERE *** F. Jason Park (2): [POC] Make auth-source-pass behave more like other backends [POC] Support auth-source-pass in ERC doc/misc/auth.texi | 11 +++ doc/misc/erc.texi | 3 +- etc/NEWS | 8 ++ lisp/auth-source-pass.el | 109 ++++++++++++++++++++- lisp/erc/erc-compat.el | 101 +++++++++++++++++++ lisp/erc/erc.el | 7 +- test/lisp/auth-source-pass-tests.el | 144 ++++++++++++++++++++++++++++ test/lisp/erc/erc-services-tests.el | 3 - 8 files changed, 380 insertions(+), 6 deletions(-) Interdiff: diff --git a/doc/misc/auth.texi b/doc/misc/auth.texi index 9dc63af6bc..222fce2058 100644 --- a/doc/misc/auth.texi +++ b/doc/misc/auth.texi @@ -526,6 +526,8 @@ The Unix password store while searching for an entry matching the @code{rms} user on host @code{gnu.org} and port @code{22}, then the entry @file{gnu.org:22/rms.gpg} is preferred over @file{gnu.org.gpg}. +However, such filtering is not applied when the option +@code{auth-source-pass-extra-parameters} is set to @code{t}. Users of @code{pass} may also be interested in functionality provided by other Emacs packages: @@ -549,6 +551,15 @@ The Unix password store port in an entry. Defaults to @samp{:}. @end defvar +@defvar auth-source-pass-extra-query-keywords +Set this to @code{t} if you encounter problems predicting the outcome +of searches relative to other auth-source backends or if you have code +that expects to query multiple backends uniformly. This tells +auth-source-pass to consider the @code{:max} and @code{:require} +keywords as well as lists containing multiple query params (for +applicable keywords). +@end defvar + @node Help for developers @chapter Help for developers diff --git a/etc/NEWS b/etc/NEWS index 89da8aa63f..776936489f 100644 --- a/etc/NEWS +++ b/etc/NEWS @@ -1383,6 +1383,14 @@ If non-nil and there's only one matching option, auto-select that. If non-nil, this user option describes what entries not to add to the database stored on disk. +** Auth-Source + ++++ +*** New user option 'auth-source-pass-extra-query-keywords'. +Whether to recognize additional keyword params, like ':max' and +':require', as well as accept lists of query terms paired with +applicable keywords. + ** Dired +++ diff --git a/lisp/auth-source-pass.el b/lisp/auth-source-pass.el index 44c47c30b7..d9129667e1 100644 --- a/lisp/auth-source-pass.el +++ b/lisp/auth-source-pass.el @@ -55,14 +55,18 @@ auth-source-pass-port-separator :type 'string :version "27.1") -(defcustom auth-source-pass-standard-search nil - "Whether to use more standardized search behavior. -When nil, the password-store backend works like it always has and -considers at most one `:user' search parameter and returns at -most one result. With t, it tries to more faithfully mimic other -auth-source backends." - :version "29.1" - :type 'boolean) +(defcustom auth-source-pass-extra-query-keywords nil + "Whether to consider additional keywords when performing a query. +Specifically, when the value is t, recognize the `:max' and +`:require' keywords and accept lists of query parameters for +certain keywords, such as `:host' and `:user'. Also, wrap all +returned secrets in a function and forgo any further results +filtering unless given an applicable `:require' argument. When +this option is nil, do none of that, and enact the narrowing +behavior described toward the bottom of the Info node `(auth) The +Unix password store'." + :type 'boolean + :version "29.1") (cl-defun auth-source-pass-search (&rest spec &key backend type host user port @@ -80,7 +84,7 @@ auth-source-pass-search ((null host) ;; Do not build a result, as none will match when HOST is nil nil) - (auth-source-pass-standard-search + (auth-source-pass-extra-query-keywords (auth-source-pass--build-result-many host port user require max)) (t (when-let ((result (auth-source-pass--build-result host port user))) @@ -126,7 +130,7 @@ auth-source-pass--build-result-many require (or max 1)))) (when auth-source-debug (auth-source-pass--do-debug "final result: %S" rv)) - (if (eq auth-source-pass-standard-search 'test) + (if (eq auth-source-pass-extra-query-keywords 'test) (reverse rv) (let (out) (dolist (e rv out) diff --git a/test/lisp/auth-source-pass-tests.el b/test/lisp/auth-source-pass-tests.el index 242fc356b4..718c7cf4ba 100644 --- a/test/lisp/auth-source-pass-tests.el +++ b/test/lisp/auth-source-pass-tests.el @@ -494,7 +494,7 @@ auth-source-pass-prints-meaningful-debug-log ;; No entry has the requested port, but a result is still returned. -(ert-deftest auth-source-pass-standard-search--wild-port-miss-netrc () +(ert-deftest auth-source-pass-extra-query-keywords--wild-port-miss-netrc () (ert-with-temp-file netrc-file :text "\ machine x.com password a @@ -507,8 +507,8 @@ auth-source-pass-standard-search--wild-port-miss-netrc (setf result (plist-put result :secret (auth-info-password result)))) (should (equal results '((:host "x.com" :secret "a"))))))) -(ert-deftest auth-source-pass-standard-search--wild-port-miss () - (let ((auth-source-pass-standard-search 'test)) +(ert-deftest auth-source-pass-extra-query-keywords--wild-port-miss () + (let ((auth-source-pass-extra-query-keywords 'test)) (auth-source-pass--with-store '(("x.com" (secret . "a")) ("x.com:42" (secret . "b"))) (auth-source-pass-enable) @@ -517,7 +517,7 @@ auth-source-pass-standard-search--wild-port-miss ;; One of two entries has the requested port, both returned -(ert-deftest auth-source-pass-standard-search--wild-port-hit-netrc () +(ert-deftest auth-source-pass-extra-query-keywords--wild-port-hit-netrc () (ert-with-temp-file netrc-file :text "\ machine x.com password a @@ -531,8 +531,8 @@ auth-source-pass-standard-search--wild-port-hit-netrc (should (equal results '((:host "x.com" :secret "a") (:host "x.com" :port "42" :secret "b"))))))) -(ert-deftest auth-source-pass-standard-search--wild-port-hit () - (let ((auth-source-pass-standard-search 'test)) +(ert-deftest auth-source-pass-extra-query-keywords--wild-port-hit () + (let ((auth-source-pass-extra-query-keywords 'test)) (auth-source-pass--with-store '(("x.com" (secret . "a")) ("x.com:42" (secret . "b"))) (auth-source-pass-enable) @@ -542,7 +542,7 @@ auth-source-pass-standard-search--wild-port-hit ;; No entry has the requested port, but :port is required, so search fails -(ert-deftest auth-source-pass-standard-search--wild-port-req-miss-netrc () +(ert-deftest auth-source-pass-extra-query-keywords--wild-port-req-miss-netrc () (ert-with-temp-file netrc-file :text "\ machine x.com password a @@ -554,8 +554,8 @@ auth-source-pass-standard-search--wild-port-req-miss-netrc :host "x.com" :port 22 :require '(:port) :max 2))) (should-not results)))) -(ert-deftest auth-source-pass-standard-search--wild-port-req-miss () - (let ((auth-source-pass-standard-search 'test)) +(ert-deftest auth-source-pass-extra-query-keywords--wild-port-req-miss () + (let ((auth-source-pass-extra-query-keywords 'test)) (auth-source-pass--with-store '(("x.com" (secret . "a")) ("x.com:42" (secret . "b"))) (auth-source-pass-enable) @@ -566,7 +566,7 @@ auth-source-pass-standard-search--wild-port-req-miss ;; include extra fields (i.e., :port nil) in the result ;; https://lists.gnu.org/archive/html/emacs-devel/2022-11/msg00130.html -(ert-deftest auth-source-pass-standard-search--netrc-akib () +(ert-deftest auth-source-pass-extra-query-keywords--netrc-akib () (ert-with-temp-file netrc-file :text "\ machine x.com password a @@ -581,8 +581,8 @@ auth-source-pass-standard-search--netrc-akib (should (equal results '((:host "disroot.org" :user "akib" :secret "b"))))))) -(ert-deftest auth-source-pass-standard-search--akib () - (let ((auth-source-pass-standard-search 'test)) +(ert-deftest auth-source-pass-extra-query-keywords--akib () + (let ((auth-source-pass-extra-query-keywords 'test)) (auth-source-pass--with-store '(("x.com" (secret . "a")) ("akib@disroot.org" (secret . "b")) ("z.com" (secret . "c"))) @@ -593,16 +593,16 @@ auth-source-pass-standard-search--akib ;; A retrieved store entry mustn't be nil regardless of whether its ;; path contains port or user components -(ert-deftest auth-source-pass-standard-search--baseline () - (let ((auth-source-pass-standard-search 'test)) +(ert-deftest auth-source-pass-extra-query-keywords--baseline () + (let ((auth-source-pass-extra-query-keywords 'test)) (auth-source-pass--with-store '(("x.com")) (auth-source-pass-enable) (should-not (auth-source-search :host "x.com"))))) ;; Output port type (int or string) matches that of input parameter -(ert-deftest auth-source-pass-standard-search--port-type () - (let ((auth-source-pass-standard-search 'test)) +(ert-deftest auth-source-pass-extra-query-keywords--port-type () + (let ((auth-source-pass-extra-query-keywords 'test)) (auth-source-pass--with-store '(("x.com:42" (secret . "a"))) (auth-source-pass-enable) (should (equal (auth-source-search :host "x.com" :port 42) @@ -617,8 +617,8 @@ auth-source-pass-standard-search--port-type ;; matches are not given precedence, i.e., matching store items are ;; returned in the order encountered -(ert-deftest auth-source-pass-standard-search--hosts-first () - (let ((auth-source-pass-standard-search 'test)) +(ert-deftest auth-source-pass-extra-query-keywords--hosts-first () + (let ((auth-source-pass-extra-query-keywords 'test)) (auth-source-pass--with-store '(("x.com:42/bar" (secret . "a")) ("gnu.org" (secret . "b")) ("x.com" (secret . "c")) -- 2.38.1