imap-backup 2.2.2 → 3.0.0.rc1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 726ef170419a3bcdc1a39517cdd81640ca0674f5d5f5452f8bc97ef819d74031
-  data.tar.gz: 8fc24ed36537a68899a45e22afa3fcf1dee90c27e8432853c2d88e5b4d5c5325
+  metadata.gz: bc793ba25439fdcaa725850344f0d95ba1dfc753847f0ac99ca6b6c54ab4517b
+  data.tar.gz: 4ca72bb525a0f155840f92c698f96c27df1f53898c691c016dd5bc39f65cda83
 SHA512:
-  metadata.gz: e2b59fa22614c634169104d75ad6214a0d8c788da712a8c3545281e98666b4d23b17e1a10cc1744fcf615966bd63616daa3241f7e932d2af4d10fd4508391583
-  data.tar.gz: 9e73290e3684aadc443f449f870c7ed8d23506408439bb69dc41b57613e8e439e32a4017f8dbfaf462ea5dac5fd029a0d4691c861600d4aaeeaff290e94e9215
+  metadata.gz: 19547948dba23faf57765db36cb9316e515a4fd92545e906e4ccf433c02d5d1a43c6aeeff25ebf1a32557f10a0956d7f6ae21a9cb99bd7f515bd741f3782a65e
+  data.tar.gz: a26d27d9ba32115d133df5da4660f4473d9defe7578bf77d735463dbad887ffe555414f71eeaf3f9ec16e229bea97072f85dfd72eaa41f30643da275c2f58a19

data/.rubocop.yml

@@ -11,10 +11,10 @@ AllCops:
 RSpec/ContextWording:
   Exclude:
     - "spec/features/**/*"
+RSpec/LeakyConstantDeclaration:
+  Enabled: false
 RSpec/MessageSpies:
   Enabled: false
-RSpec/NestedGroups:
-  Max: 4
 RSpec/ReturnFromStub:
   Enabled: false
 Style/EmptyCaseCondition:

data/.rubocop_todo.yml

@@ -1,28 +1,28 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config`
-# on 2020-09-24 16:30:54 UTC using RuboCop version 0.89.1.
+# on 2021-01-09 09:21:34 UTC using RuboCop version 0.89.1.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of RuboCop, may require this file to be generated again.
 
-# Offense count: 10
+# Offense count: 11
 # Configuration parameters: IgnoredMethods.
 Metrics/AbcSize:
-  Max: 29
+  Max: 33
 
 # Offense count: 2
 # Configuration parameters: CountComments, CountAsOne, ExcludedMethods.
 # ExcludedMethods: refine
 Metrics/BlockLength:
-  Max: 133
+  Max: 138
 
 # Offense count: 2
 # Configuration parameters: CountComments, CountAsOne.
 Metrics/ClassLength:
   Max: 167
 
-# Offense count: 14
+# Offense count: 17
 # Configuration parameters: CountComments, CountAsOne, ExcludedMethods.
 Metrics/MethodLength:
   Max: 25
@@ -30,29 +30,13 @@ Metrics/MethodLength:
 # Offense count: 2
 # Configuration parameters: CountComments, CountAsOne.
 Metrics/ModuleLength:
-  Max: 136
+  Max: 141
 
-# Offense count: 181
+# Offense count: 200
 # Configuration parameters: AllowSubject.
 RSpec/MultipleMemoizedHelpers:
-  Max: 19
+  Max: 16
 
 # Offense count: 1
-# Cop supports --auto-correct.
-Style/GlobalStdStream:
-  Exclude:
-    - 'lib/imap/backup.rb'
-
-# Offense count: 3
-# Cop supports --auto-correct.
-Style/IfUnlessModifier:
-  Exclude:
-    - 'bin/imap-backup'
-    - 'lib/email/mboxrd/message.rb'
-    - 'lib/imap/backup/configuration/account.rb'
-
-# Offense count: 1
-# Cop supports --auto-correct.
-Style/RedundantRegexpEscape:
-  Exclude:
-    - 'spec/features/backup_spec.rb'
+RSpec/NestedGroups:
+  Max: 6

data/README.md

@@ -16,11 +16,11 @@
 [Rubygem]: http://rubygems.org/gems/imap-backup "Ruby gem at rubygems.org"
 [Continuous Integration]: http://travis-ci.org/joeyates/imap-backup "Build status by Travis-CI"
 
-## Version 2
+## GMail
+
+GMail OAuth2 authentication is supported.
 
-With versions above 2.x, this gems stores IMAP metadata in a
-backwardly-incompatible way. When upgrading, all old backups will be gradually
-deleted to allow for the new file format to be introduced.
+To set it up, [follow the HOWTO](docs/setting-up-gmail.md).
 
 # Installation
 
@@ -115,13 +115,6 @@ Specifically, if you are using a self-signed certificate and get SSL errors, e.g
 }
 ```
 
-## GMail
-
-* Enable IMAP access to your account via the GMail interface (Settings/Forwarding and POP/IMAP),
-* Under 'Sign-in & security', 'Signing in to Google', 'App passwords', generate a password
-  for imap-backup,
-* In imap-backup setup, set the server to imap.gmail.com
-
 # Security
 
 Note that email usernames and passwords are held in plain text

data/bin/imap-backup

@@ -48,10 +48,13 @@ parser.parse!
 
 options[:command] = ARGV.shift if !ARGV.empty?
 
+# rubocop:disable Style/IfUnlessModifier
 if KNOWN_COMMANDS.find { |c| c[:name] == options[:command] }.nil?
   raise "Unknown command '#{options[:command]}'"
 end
 
+# rubocop:enable Style/IfUnlessModifier
+
 if options[:command] == "help"
   puts parser
   exit

data/docs/setting-up-gmail.md

@@ -0,0 +1,166 @@
+# Setting up GMail Authentication for imap-backup
+
+# Create a Google project
+
+Go to https://console.developers.google.com
+
+Select "Credentials".
+
+![Credential screen](01-credentials-screen.png)
+
+Select "CREATE PROJECT".
+
+![New project](02-new-project.png)
+
+Set or accept the "Project name",
+
+And optionally do the same with the "Project ID",
+
+Leave "Location" on "No organization",
+
+Click "CREATE".
+
+![Initial project credentials](03-initial-credentials-for-project.png)
+
+Click "+ CREATE CREDENTIALS".
+
+![Credential type selection](04-credential-type-selection.png)
+
+Select "OAuth client ID".
+
+![Can't create credentials before setting up the consent screen](05-cant-create-without-consent-setup.png)
+
+Click "CONFIGURE CONSENT SCREEN".
+
+![User type selection](06-user-type-selection.png)
+
+Select "External",
+
+Click "CREATE".
+
+![Consent screen form](07-consent-screen-form.png)
+
+Fill in "App name",
+
+Select your email as "User support email",
+
+Type in your email at the bottom under "Developer contact information",
+
+Click "SAVE AND CONTINUE".
+
+![App scopes](08-app-scopes.png)
+
+Click "ADD OR REMOVE SCOPES".
+
+![Scope selection](09-scope-selection.png)
+
+Under "Manually add scopes", type "https://mail.google.com/",
+
+Click "ADD TO TABLE",
+
+Click "UPDATE".
+
+![Updated app scopes](10-updated-app-scopes.png)
+
+Click "SAVE AND CONTINUE".
+
+![Test users](11-test-users.png)
+
+Click "+ ADD USERS".
+
+![Add users](12-add-users.png)
+
+Type in your email,
+
+Click "SAVE AND CONTINUE",
+
+Click "BACK TO DASHBOARD",
+
+Click "Credentials" in the menu
+
+And then click "+ CREATE CREDENTIALS" again,
+
+And select "OAuth client ID" again.
+
+![Create OAuth client](13-create-oauth-client.png)
+
+This time you will be able to proceed.
+
+![Application details](14-application-details.png)
+
+Select "TVs and limited input devices",
+
+Click "CREATE",
+
+Copy both "Your Client ID"
+
+And "Your Client Secret".
+
+# Set up imap-backup
+
+Run `imap-backup setup`.
+
+![Initial imap-backup menu](16-initial-menu.png)
+
+Choose 'add account'.
+
+![Type in your email address](17-inputting-the-email-address.png)
+
+Type in your GMail address.
+
+Note: if you have a custom domain (GSuite) address,
+e.g. "me@mycompany.com", you now need to
+choose 'server' and
+type in 'imap.gmail.com'.
+
+![Choose password](18-choose-password.png)
+
+Choose `password`.
+
+![Supply client info](19-supply-client-info.png)
+
+Type your "Client ID" and "Client Secret",
+
+Next you will be shown a URL to open in your browser.
+
+![Choose GMail account](20-choose-gmail-account.png)
+
+If you have more than one GMail account you will need to choose which
+you are configuring.
+
+![Accept warnings](21-accept-warnings.png)
+
+As the project "app" is in test mode,
+you'll need to accept to ignore this warning.
+
+Click "Advanced",
+
+Then click "Go to XXXYYYZZZ (unsafe)"
+
+![Grant access](22-grant-access.png)
+
+Choose "Allow".
+
+![Confirm choices](24-confirm-choices.png)
+
+Choose "Allow".
+
+![Success code screen](25-success-code.png)
+
+Click on the copy logo to copy the success code.
+
+![Paste the code](26-type-code-into-imap_backup.png)
+
+Paste the success code into imap-backup.
+
+Finally, choose 'test connection'.
+
+If all has gone well you should see this:
+
+![Connection successful](27-success.png)
+
+Now choose 'return to main menu',
+
+Then 'save and exit'.
+
+Your imap-backup is now configured to back up your GMail.

data/imap-backup.gemspec

@@ -16,14 +16,8 @@ Gem::Specification.new do |gem|
   gem.required_ruby_version = [">= 2.4.0"]
   gem.version = Imap::Backup::VERSION
 
-  gem.post_install_message = <<-MESSAGE.gsub(/^\s{4}/m, "")
-    Note that, when upgrading #{gem.name} from version 1.x to 2.x,
-    the metadata storage method has changed (from flat file to JSON).
-
-    As a result, on the first run after an upgrade, old backup folders will be
-    **deleted** and a full new backup created.
-  MESSAGE
-
+  gem.add_runtime_dependency "gmail_xoauth"
+  gem.add_runtime_dependency "googleauth"
   gem.add_runtime_dependency "highline"
   gem.add_runtime_dependency "mail"
   gem.add_runtime_dependency "rake"

data/lib/email/mboxrd/message.rb

@@ -10,9 +10,11 @@ module Email::Mboxrd
       cleaned = serialized.gsub(/^>(>*From)/, "\\1")
       # Serialized messages in this format *should* start with a line
       #   From xxx yy zz
+      # rubocop:disable Style/IfUnlessModifier
       if cleaned.start_with?("From ")
         cleaned = cleaned.sub(/^From .*[\r\n]*/, "")
       end
+      # rubocop:enable Style/IfUnlessModifier
       new(cleaned)
     end
 

data/lib/email/provider.rb

@@ -1,6 +1,8 @@
 module Email; end
 
 class Email::Provider
+  GMAIL_IMAP_SERVER = "imap.gmail.com".freeze
+
   def self.for_address(address)
     case
     when address.end_with?("@fastmail.com")
@@ -27,7 +29,7 @@ class Email::Provider
   def host
     case provider
     when :gmail
-      "imap.gmail.com"
+      GMAIL_IMAP_SERVER
     when :fastmail
       "imap.fastmail.com"
     end

data/lib/gmail/authenticator.rb

@@ -0,0 +1,160 @@
+require "googleauth"
+require "google/auth/stores/in_memory_token_store"
+
+module Gmail; end
+
+class Gmail::Authenticator
+  class MalformedImapBackupToken < StandardError; end
+
+  class ImapBackupToken
+    attr_reader :token
+
+    def self.from(
+      access_token:,
+      client_id:,
+      client_secret:,
+      expiration_time_millis:,
+      refresh_token:
+    )
+      {
+        access_token: access_token,
+        client_id: client_id,
+        client_secret: client_secret,
+        expiration_time_millis: expiration_time_millis,
+        refresh_token: refresh_token
+      }.to_json
+    end
+
+    def initialize(token)
+      @token = token
+    end
+
+    def valid?
+      return false if !body
+      return false if !access_token
+      return false if !client_id
+      return false if !client_secret
+      return false if !expiration_time_millis
+      return false if !refresh_token
+
+      true
+    end
+
+    def access_token
+      body["access_token"]
+    end
+
+    def client_id
+      body["client_id"]
+    end
+
+    def client_secret
+      body["client_secret"]
+    end
+
+    def expiration_time_millis
+      body["expiration_time_millis"]
+    end
+
+    def refresh_token
+      body["refresh_token"]
+    end
+
+    private
+
+    def body
+      @body ||= JSON.parse(token)
+    rescue JSON::ParserError
+      nil
+    end
+  end
+
+  GMAIL_READ_SCOPE = "https://mail.google.com/".freeze
+  OOB_URI = "urn:ietf:wg:oauth:2.0:oob".freeze
+
+  attr_reader :email
+  attr_reader :token
+
+  def self.refresh_token?(text)
+    ImapBackupToken.new(text).valid?
+  end
+
+  def initialize(email:, token:)
+    @email = email
+    @token = token
+  end
+
+  def authorization_url
+    authorizer.get_authorization_url(base_url: OOB_URI)
+  end
+
+  def credentials
+    authorizer.get_credentials(email).tap do |c|
+      c.refresh! if c.expired?
+    end
+  end
+
+  def credentials_from_code(code)
+    authorizer.get_credentials_from_code(
+      user_id: email,
+      code: code,
+      base_url: OOB_URI
+    )
+  end
+
+  private
+
+  def auth_client_id
+    @auth_client_id = Google::Auth::ClientId.new(client_id, client_secret)
+  end
+
+  def authorizer
+    @authorizer ||= Google::Auth::UserAuthorizer.new(
+      auth_client_id, GMAIL_READ_SCOPE, token_store
+    )
+  end
+
+  def access_token
+    imap_backup_token.access_token
+  end
+
+  def client_id
+    imap_backup_token.client_id
+  end
+
+  def client_secret
+    imap_backup_token.client_secret
+  end
+
+  def expiration_time_millis
+    imap_backup_token.expiration_time_millis
+  end
+
+  def refresh_token
+    imap_backup_token.refresh_token
+  end
+
+  def imap_backup_token
+    @imap_backup_token ||=
+      ImapBackupToken.new(token).tap do |t|
+        raise MalformedImapBackupToken if !t.valid?
+      end
+  end
+
+  def store_token
+    {
+      "client_id" => client_id,
+      "access_token" => access_token,
+      "refresh_token" => refresh_token,
+      "scope": [GMAIL_READ_SCOPE],
+      "expiration_time_millis": expiration_time_millis
+    }.to_json
+  end
+
+  def token_store
+    @token_store ||=
+      Google::Auth::Stores::InMemoryTokenStore.new.tap do |t|
+        t.store(email, store_token)
+      end
+  end
+end