imap-backup 4.0.0.rc1 → 4.0.0.rc2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ba3f202308a586f7ec54b28d66ea2f9422cf30f706c118ab02f362346351f268
-  data.tar.gz: 585bd29f2d2f836aad27c6ac58855649b7621eff770d5e2b40bfdd3f6aa774f0
+  metadata.gz: 307d6f8c3448e730c14e9550fbfcbfee0c946f28953a9cb6a7070f75feda3033
+  data.tar.gz: 553f15b7bf8dee1ad126111915d398b25181cd4f9aa50b252a980ecc5002ef63
 SHA512:
-  metadata.gz: 6270660f55ab52e3a3d8242bdfbb2d044ce7428ccc75daabf25b6753a7c91f9c3f4d8b2be4db517f44fb887663a40e946f128c2bf06f4d1006cd02182d9f477e
-  data.tar.gz: f94af41fee60be97e15e0d2aa3da5a0696b9d8bab5cb03cb42c805881b13e8a38fc5be42ee30efd26576d5cadb10d2f53b0c46c00fc94ca72cf23f94e05d602b
+  metadata.gz: 11a50621ff9ef4eacdfa5622ab0d2a9e2fa4dd2adf5cc162a1709686e5187db89ed0aa5d91a374d968e38e1caba62c87d0c384f3c1964a8b001338bbb3b3eb13
+  data.tar.gz: 35902dcb5520b7ca17a6adab6833b2d2296e3655e2ff5cffb7843c018d5b7eb25a2779a3955833088730df95eff5bb02fecff2c8911653637cceafb8897ae7f0

data/CHANGELOG.md

@@ -4,8 +4,16 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
 
+## [4.0.0.rc2] - 2021-11-18
+
+### Removed
+
+* GMail OAuth2 support. Tokens only last a few days, so this authentication
+  method is not usable for automated backups.
+
 ## [4.0.0.rc1] - 2021-11-17
 
 ### Added
+
 * `local` commands to list accounts, folders and emails and to view single
   emails.

data/README.md

@@ -20,20 +20,24 @@
 
 To use imap-backup with GMail, you will need to enable 'App passwords' on your account.
 
-## GMail OAuth2
+# Installation
+
+```shell
+$ gem install 'imap-backup'
+```
 
-GMail OAuth2 authentication is supported, but as GMail's policy requires
-users to set up an application specific to their account, the feature
-is disabled by default.
+# Commands
 
-You will need to set the environment variable IMAP_BACKUP_ENABLE_GMAIL_OAUTH2.
+For a full list, run
 
-To set it up, [follow the HOWTO](docs/setting-up-gmail-with-oauth2.md).
+```
+$ imap-backup help
+```
 
-# Installation
+For more information about a command, run
 
 ```shell
-$ gem install 'imap-backup'
+$ imap-backup help COMMAND
 ```
 
 # Setup
@@ -148,6 +152,16 @@ Each folder is saved to an mbox file.
 Alongside each mbox is a file with extension '.imap', which lists the source IMAP
 UIDs to allow a full restore.
 
+# Local commands
+
+There a various commands for viewing local backup status.
+
+To view the list, use
+
+```shell
+$ imap_backup help local
+```
+
 # Troubleshooting
 
 If you have problems:

data/imap-backup.gemspec

@@ -16,8 +16,6 @@ Gem::Specification.new do |gem|
   gem.required_ruby_version = ">= 2.5"
   gem.version = Imap::Backup::VERSION
 
-  gem.add_runtime_dependency "gmail_xoauth"
-  gem.add_runtime_dependency "googleauth"
   gem.add_runtime_dependency "highline"
   gem.add_runtime_dependency "mail"
   gem.add_runtime_dependency "rake"

data/lib/imap/backup/account/connection.rb

@@ -1,15 +1,11 @@
 require "net/imap"
-require "gmail_xoauth"
 
-require "gmail/authenticator"
 require "retry_on_error"
 
 module Imap::Backup
   module Account; end
 
   class Account::Connection
-    class InvalidGmailOauth2RefreshToken < StandardError; end
-
     include RetryOnError
 
     LOGIN_RETRY_CLASSES = [EOFError, Errno::ECONNRESET, SocketError].freeze
@@ -109,17 +105,8 @@ module Imap::Backup
             "Creating IMAP instance: #{server}, options: #{options.inspect}"
           )
           imap = Net::IMAP.new(server, options)
-          if use_gmail_oauth2? && Gmail::Authenticator.refresh_token?(password)
-            authenticator = Gmail::Authenticator.new(email: username, token: password)
-            credentials = authenticator.credentials
-            raise InvalidGmailOauth2RefreshToken if !credentials
-
-            Imap::Backup.logger.debug "Logging in with OAuth2 token: #{username}"
-            imap.authenticate("XOAUTH2", username, credentials.access_token)
-          else
-            Imap::Backup.logger.debug "Logging in: #{username}/#{masked_password}"
-            imap.login(username, password)
-          end
+          Imap::Backup.logger.debug "Logging in: #{username}/#{masked_password}"
+          imap.login(username, password)
           Imap::Backup.logger.debug "Login complete"
           imap
         end
@@ -181,12 +168,6 @@ module Imap::Backup
       password.gsub(/./, "x")
     end
 
-    def use_gmail_oauth2?
-      # TODO: test use of ENV
-      server == Email::Provider::GMAIL_IMAP_SERVER &&
-        ENV["IMAP_BACKUP_ENABLE_GMAIL_OAUTH2"]
-    end
-
     def backup_folders
       @backup_folders ||=
         begin

data/lib/imap/backup/cli/local.rb

@@ -3,13 +3,13 @@ module Imap::Backup
     include Thor::Actions
     include CLI::Helpers
 
-    desc "accounts", "list locally backed-up accounts"
+    desc "accounts", "List locally backed-up accounts"
     def accounts
       connections = Imap::Backup::Configuration::List.new
       connections.accounts.each { |a| puts a[:username] }
     end
 
-    desc "folders EMAIL", "list account folders"
+    desc "folders EMAIL", "List account folders"
     def folders(email)
       connections = Imap::Backup::Configuration::List.new
       account = connections.accounts.find { |a| a[:username] == email }
@@ -21,7 +21,7 @@ module Imap::Backup
       end
     end
 
-    desc "emails EMAIL FOLDER", "list emails in a folder"
+    desc "emails EMAIL FOLDER", "List emails in a folder"
     def emails(email, folder_name)
       connections = Imap::Backup::Configuration::List.new
       account = connections.accounts.find { |a| a[:username] == email }
@@ -49,7 +49,7 @@ module Imap::Backup
       end
     end
 
-    desc "email EMAIL FOLDER UID", "show an email"
+    desc "email EMAIL FOLDER UID", "Show an email"
     def email(email, folder_name, uid)
       connections = Imap::Backup::Configuration::List.new
       account = connections.accounts.find { |a| a[:username] == email }

data/lib/imap/backup/cli.rb

@@ -82,6 +82,6 @@ class Imap::Backup::CLI < Thor
     Status.new(symbolized(options)).run
   end
 
-  desc "local subcommand ...ARGS", "View local info"
+  desc "local SUBCOMMAND [OPTIONS]", "View local info"
   subcommand "local", Local
 end

data/lib/imap/backup/configuration/account.rb

@@ -68,12 +68,7 @@ module Imap::Backup
 
     def modify_password(menu)
       menu.choice("modify password") do
-        password =
-          if use_gmail_oauth2?(account)
-            Configuration::GmailOauth2.new(account).run
-          else
-            Configuration::Asker.password
-          end
+        password = Configuration::Asker.password
 
         if !password.nil?
           account[:password] = password
@@ -82,11 +77,6 @@ module Imap::Backup
       end
     end
 
-    def use_gmail_oauth2?(account)
-      account[:server] == Email::Provider::GMAIL_IMAP_SERVER &&
-        ENV["IMAP_BACKUP_ENABLE_GMAIL_OAUTH2"]
-    end
-
     def modify_server(menu)
       menu.choice("modify server") do
         server = highline.ask("server: ")

data/lib/imap/backup/version.rb

@@ -4,6 +4,6 @@ module Imap::Backup
   MAJOR    = 4
   MINOR    = 0
   REVISION = 0
-  PRE      = "rc1"
+  PRE      = "rc2"
   VERSION  = [MAJOR, MINOR, REVISION, PRE].compact.map(&:to_s).join(".")
 end

data/lib/imap/backup.rb

@@ -7,7 +7,6 @@ require "imap/backup/configuration/account"
 require "imap/backup/configuration/asker"
 require "imap/backup/configuration/connection_tester"
 require "imap/backup/configuration/folder_chooser"
-require "imap/backup/configuration/gmail_oauth2"
 require "imap/backup/configuration/list"
 require "imap/backup/configuration/setup"
 require "imap/backup/configuration/store"

data/spec/unit/imap/backup/account/connection_spec.rb

@@ -90,56 +90,11 @@ describe Imap::Backup::Account::Connection do
     end
 
     context "with the GMail IMAP server" do
-      ACCESS_TOKEN = "access_token".freeze
-
       let(:server) { GMAIL_IMAP_SERVER }
       let(:refresh_token) { true }
       let(:result) { nil }
-      let(:authenticator) do
-        instance_double(
-          Gmail::Authenticator,
-          credentials: credentials
-        )
-      end
-      let(:credentials) { OpenStruct.new(access_token: ACCESS_TOKEN) }
-
-      before do
-        allow(Gmail::Authenticator).
-          to receive(:refresh_token?) { refresh_token }
-        allow(Gmail::Authenticator).
-          to receive(:new).
-            with(email: USERNAME, token: PASSWORD) { authenticator }
-      end
-
-      context "when the password is our copy of a GMail refresh token and  the environment IMAP_BACKUP_ENABLE_GMAIL_OAUTH2 is set" do
-        before do
-          ENV["IMAP_BACKUP_ENABLE_GMAIL_OAUTH2"] = "1"
-        end
-
-        after do
-          ENV.delete("IMAP_BACKUP_ENABLE_GMAIL_OAUTH2")
-        end
-
-        it "uses the OAuth2 access_token to authenticate" do
-          subject.imap
-
-          expect(imap).to have_received(:authenticate).with(
-            "XOAUTH2", USERNAME, ACCESS_TOKEN
-          )
-        end
-
-        context "when the refresh token is invalid" do
-          let(:credentials) { nil }
-
-          it "raises" do
-            expect { subject.imap }.to raise_error(String)
-          end
-        end
-      end
 
       context "when the password is not our copy of a GMail refresh token" do
-        let(:refresh_token) { false }
-
         it "uses the password" do
           subject.imap
 

data/spec/unit/imap/backup/configuration/account_spec.rb

@@ -241,49 +241,6 @@ describe Imap::Backup::Configuration::Account do
       end
     end
 
-    describe "choosing 'modify password' when the server is for GMail" do
-      let(:new_password) { "new_password" }
-      let(:current_server) { GMAIL_IMAP_SERVER }
-      let(:gmail_oauth2) do
-        instance_double(Imap::Backup::Configuration::GmailOauth2, run: nil)
-      end
-
-      before do
-        allow(Imap::Backup::Configuration::Asker).
-          to receive(:password) { new_password }
-        allow(Imap::Backup::Configuration::GmailOauth2).
-          to receive(:new).
-            with(account) { gmail_oauth2 }
-      end
-
-      context "when the environment IMAP_BACKUP_ENABLE_GMAIL_OAUTH2 is set" do
-        before do
-          ENV["IMAP_BACKUP_ENABLE_GMAIL_OAUTH2"] = "1"
-          subject.run
-          menu.choices["modify password"].call
-        end
-
-        after do
-          ENV.delete("IMAP_BACKUP_ENABLE_GMAIL_OAUTH2")
-        end
-
-        it "sets up GMail OAuth2" do
-          expect(gmail_oauth2).to have_received(:run)
-        end
-      end
-
-      context "when the environment IMAP_BACKUP_ENABLE_GMAIL_OAUTH2 is not set" do
-        before do
-          subject.run
-          menu.choices["modify password"].call
-        end
-
-        it "sets up GMail OAuth2" do
-          expect(gmail_oauth2).to_not have_received(:run)
-        end
-      end
-    end
-
     describe "choosing 'modify server'" do
       let(:server) { "server" }
 

metadata

@@ -1,43 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: imap-backup
 version: !ruby/object:Gem::Version
-  version: 4.0.0.rc1
+  version: 4.0.0.rc2
 platform: ruby
 authors:
 - Joe Yates
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-11-17 00:00:00.000000000 Z
+date: 2021-11-18 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: gmail_xoauth
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: googleauth
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 - !ruby/object:Gem::Dependency
   name: highline
   requirement: !ruby/object:Gem::Requirement
@@ -199,39 +171,11 @@ files:
 - Rakefile
 - bin/imap-backup
 - docker-compose.yml
-- docs/01-credentials-screen.png
-- docs/02-new-project.png
-- docs/03-initial-credentials-for-project.png
-- docs/04-credential-type-selection.png
-- docs/05-cant-create-without-consent-setup.png
-- docs/06-user-type-selection.png
-- docs/07-consent-screen-form.png
-- docs/08-app-scopes.png
-- docs/09-scope-selection.png
-- docs/10-updated-app-scopes.png
-- docs/11-test-users.png
-- docs/12-add-users.png
-- docs/13-create-oauth-client.png
-- docs/14-application-details.png
-- docs/16-initial-menu.png
-- docs/17-inputting-the-email-address.png
-- docs/18-choose-password.png
-- docs/19-supply-client-info.png
-- docs/20-choose-gmail-account.png
-- docs/21-accept-warnings.png
-- docs/22-grant-access.png
-- docs/24-confirm-choices.png
-- docs/25-success-code.png
-- docs/26-type-code-into-imap-backup.png
-- docs/27-success.png
 - docs/docker-imap.md
-- docs/setting-up-gmail-with-oauth2.md
 - imap-backup
 - imap-backup.gemspec
 - lib/email/mboxrd/message.rb
 - lib/email/provider.rb
-- lib/gmail/authenticator.rb
-- lib/google/auth/stores/in_memory_token_store.rb
 - lib/imap/backup.rb
 - lib/imap/backup/account/connection.rb
 - lib/imap/backup/account/folder.rb
@@ -247,7 +191,6 @@ files:
 - lib/imap/backup/configuration/asker.rb
 - lib/imap/backup/configuration/connection_tester.rb
 - lib/imap/backup/configuration/folder_chooser.rb
-- lib/imap/backup/configuration/gmail_oauth2.rb
 - lib/imap/backup/configuration/list.rb
 - lib/imap/backup/configuration/setup.rb
 - lib/imap/backup/configuration/store.rb
@@ -276,15 +219,12 @@ files:
 - spec/support/silence_logging.rb
 - spec/unit/email/mboxrd/message_spec.rb
 - spec/unit/email/provider_spec.rb
-- spec/unit/gmail/authenticator_spec.rb
-- spec/unit/google/auth/stores/in_memory_token_store_spec.rb
 - spec/unit/imap/backup/account/connection_spec.rb
 - spec/unit/imap/backup/account/folder_spec.rb
 - spec/unit/imap/backup/configuration/account_spec.rb
 - spec/unit/imap/backup/configuration/asker_spec.rb
 - spec/unit/imap/backup/configuration/connection_tester_spec.rb
 - spec/unit/imap/backup/configuration/folder_chooser_spec.rb
-- spec/unit/imap/backup/configuration/gmail_oauth2_spec.rb
 - spec/unit/imap/backup/configuration/list_spec.rb
 - spec/unit/imap/backup/configuration/setup_spec.rb
 - spec/unit/imap/backup/configuration/store_spec.rb
@@ -335,15 +275,12 @@ test_files:
 - spec/support/silence_logging.rb
 - spec/unit/email/mboxrd/message_spec.rb
 - spec/unit/email/provider_spec.rb
-- spec/unit/gmail/authenticator_spec.rb
-- spec/unit/google/auth/stores/in_memory_token_store_spec.rb
 - spec/unit/imap/backup/account/connection_spec.rb
 - spec/unit/imap/backup/account/folder_spec.rb
 - spec/unit/imap/backup/configuration/account_spec.rb
 - spec/unit/imap/backup/configuration/asker_spec.rb
 - spec/unit/imap/backup/configuration/connection_tester_spec.rb
 - spec/unit/imap/backup/configuration/folder_chooser_spec.rb
-- spec/unit/imap/backup/configuration/gmail_oauth2_spec.rb
 - spec/unit/imap/backup/configuration/list_spec.rb
 - spec/unit/imap/backup/configuration/setup_spec.rb
 - spec/unit/imap/backup/configuration/store_spec.rb

data/docs/setting-up-gmail-with-oauth2.md

@@ -1,166 +0,0 @@
-# Setting up GMail Authentication for imap-backup
-
-# Create a Google project
-
-Go to https://console.developers.google.com
-
-Select "Credentials".
-
-![Credential screen](01-credentials-screen.png)
-
-Select "CREATE PROJECT".
-
-![New project](02-new-project.png)
-
-Set or accept the "Project name",
-
-And optionally do the same with the "Project ID",
-
-Leave "Location" on "No organization",
-
-Click "CREATE".
-
-![Initial project credentials](03-initial-credentials-for-project.png)
-
-Click "+ CREATE CREDENTIALS".
-
-![Credential type selection](04-credential-type-selection.png)
-
-Select "OAuth client ID".
-
-![Can't create credentials before setting up the consent screen](05-cant-create-without-consent-setup.png)
-
-Click "CONFIGURE CONSENT SCREEN".
-
-![User type selection](06-user-type-selection.png)
-
-Select "External",
-
-Click "CREATE".
-
-![Consent screen form](07-consent-screen-form.png)
-
-Fill in "App name",
-
-Select your email as "User support email",
-
-Type in your email at the bottom under "Developer contact information",
-
-Click "SAVE AND CONTINUE".
-
-![App scopes](08-app-scopes.png)
-
-Click "ADD OR REMOVE SCOPES".
-
-![Scope selection](09-scope-selection.png)
-
-Under "Manually add scopes", type "https://mail.google.com/",
-
-Click "ADD TO TABLE",
-
-Click "UPDATE".
-
-![Updated app scopes](10-updated-app-scopes.png)
-
-Click "SAVE AND CONTINUE".
-
-![Test users](11-test-users.png)
-
-Click "+ ADD USERS".
-
-![Add users](12-add-users.png)
-
-Type in your email,
-
-Click "SAVE AND CONTINUE",
-
-Click "BACK TO DASHBOARD",
-
-Click "Credentials" in the menu
-
-And then click "+ CREATE CREDENTIALS" again,
-
-And select "OAuth client ID" again.
-
-![Create OAuth client](13-create-oauth-client.png)
-
-This time you will be able to proceed.
-
-![Application details](14-application-details.png)
-
-Select "TVs and limited input devices",
-
-Click "CREATE",
-
-Copy both "Your Client ID"
-
-And "Your Client Secret".
-
-# Set up imap-backup
-
-Run `imap-backup setup`.
-
-![Initial imap-backup menu](16-initial-menu.png)
-
-Choose 'add account'.
-
-![Type in your email address](17-inputting-the-email-address.png)
-
-Type in your GMail address.
-
-Note: if you have a custom domain (GSuite) address,
-e.g. "me@mycompany.com", you now need to
-choose 'server' and
-type in 'imap.gmail.com'.
-
-![Choose password](18-choose-password.png)
-
-Choose `password`.
-
-![Supply client info](19-supply-client-info.png)
-
-Type your "Client ID" and "Client Secret",
-
-Next you will be shown a URL to open in your browser.
-
-![Choose GMail account](20-choose-gmail-account.png)
-
-If you have more than one GMail account you will need to choose which
-you are configuring.
-
-![Accept warnings](21-accept-warnings.png)
-
-As the project "app" is in test mode,
-you'll need to accept to ignore this warning.
-
-Click "Advanced",
-
-Then click "Go to XXXYYYZZZ (unsafe)"
-
-![Grant access](22-grant-access.png)
-
-Choose "Allow".
-
-![Confirm choices](24-confirm-choices.png)
-
-Choose "Allow".
-
-![Success code screen](25-success-code.png)
-
-Click on the copy logo to copy the success code.
-
-![Paste the code](26-type-code-into-imap_backup.png)
-
-Paste the success code into imap-backup.
-
-Finally, choose 'test connection'.
-
-If all has gone well you should see this:
-
-![Connection successful](27-success.png)
-
-Now choose 'return to main menu',
-
-Then 'save and exit'.
-
-Your imap-backup is now configured to back up your GMail.

data/lib/gmail/authenticator.rb

@@ -1,160 +0,0 @@
-require "googleauth"
-require "google/auth/stores/in_memory_token_store"
-
-module Gmail; end
-
-class Gmail::Authenticator
-  class MalformedImapBackupToken < StandardError; end
-
-  class ImapBackupToken
-    attr_reader :token
-
-    def self.from(
-      access_token:,
-      client_id:,
-      client_secret:,
-      expiration_time_millis:,
-      refresh_token:
-    )
-      {
-        access_token: access_token,
-        client_id: client_id,
-        client_secret: client_secret,
-        expiration_time_millis: expiration_time_millis,
-        refresh_token: refresh_token
-      }.to_json
-    end
-
-    def initialize(token)
-      @token = token
-    end
-
-    def valid?
-      return false if !body
-      return false if !access_token
-      return false if !client_id
-      return false if !client_secret
-      return false if !expiration_time_millis
-      return false if !refresh_token
-
-      true
-    end
-
-    def access_token
-      body["access_token"]
-    end
-
-    def client_id
-      body["client_id"]
-    end
-
-    def client_secret
-      body["client_secret"]
-    end
-
-    def expiration_time_millis
-      body["expiration_time_millis"]
-    end
-
-    def refresh_token
-      body["refresh_token"]
-    end
-
-    private
-
-    def body
-      @body ||= JSON.parse(token)
-    rescue JSON::ParserError
-      nil
-    end
-  end
-
-  GMAIL_READ_SCOPE = "https://mail.google.com/".freeze
-  OOB_URI = "urn:ietf:wg:oauth:2.0:oob".freeze
-
-  attr_reader :email
-  attr_reader :token
-
-  def self.refresh_token?(text)
-    ImapBackupToken.new(text).valid?
-  end
-
-  def initialize(email:, token:)
-    @email = email
-    @token = token
-  end
-
-  def authorization_url
-    authorizer.get_authorization_url(base_url: OOB_URI)
-  end
-
-  def credentials
-    authorizer.get_credentials(email).tap do |c|
-      c.refresh! if c.expired?
-    end
-  end
-
-  def credentials_from_code(code)
-    authorizer.get_credentials_from_code(
-      user_id: email,
-      code: code,
-      base_url: OOB_URI
-    )
-  end
-
-  private
-
-  def auth_client_id
-    @auth_client_id = Google::Auth::ClientId.new(client_id, client_secret)
-  end
-
-  def authorizer
-    @authorizer ||= Google::Auth::UserAuthorizer.new(
-      auth_client_id, GMAIL_READ_SCOPE, token_store
-    )
-  end
-
-  def access_token
-    imap_backup_token.access_token
-  end
-
-  def client_id
-    imap_backup_token.client_id
-  end
-
-  def client_secret
-    imap_backup_token.client_secret
-  end
-
-  def expiration_time_millis
-    imap_backup_token.expiration_time_millis
-  end
-
-  def refresh_token
-    imap_backup_token.refresh_token
-  end
-
-  def imap_backup_token
-    @imap_backup_token ||=
-      ImapBackupToken.new(token).tap do |t|
-        raise MalformedImapBackupToken if !t.valid?
-      end
-  end
-
-  def store_token
-    {
-      "client_id" => client_id,
-      "access_token" => access_token,
-      "refresh_token" => refresh_token,
-      "scope": [GMAIL_READ_SCOPE],
-      "expiration_time_millis": expiration_time_millis
-    }.to_json
-  end
-
-  def token_store
-    @token_store ||=
-      Google::Auth::Stores::InMemoryTokenStore.new.tap do |t|
-        t.store(email, store_token)
-      end
-  end
-end

data/lib/google/auth/stores/in_memory_token_store.rb

@@ -1,9 +0,0 @@
-module Google; end
-module Google::Auth; end
-module Google::Auth::Stores; end
-
-class Google::Auth::Stores::InMemoryTokenStore < Hash
-  def load(id)
-    self[id]
-  end
-end

data/lib/imap/backup/configuration/gmail_oauth2.rb

@@ -1,102 +0,0 @@
-module Imap::Backup
-  module Configuration; end
-
-  class Configuration::GmailOauth2
-    BANNER = <<~BANNER.freeze
-      GMail OAuth2 Setup
-
-      You need to authorize imap_backup to get access to your email.
-      To do so, please follow the instructions here:
-
-      https://github.com/joeyates/imap-backup/blob/main/docs/setting-up-gmail-with-oauth2.md
-
-    BANNER
-
-    GMAIL_READ_SCOPE = "https://mail.google.com/".freeze
-    OOB_URI = "urn:ietf:wg:oauth:2.0:oob".freeze
-
-    attr_reader :account
-    attr_reader :client_id
-    attr_reader :client_secret
-
-    def initialize(account)
-      @account = account
-    end
-
-    def run
-      Kernel.system("clear")
-      Kernel.puts BANNER
-
-      keep = if token.valid?
-        highline.agree("Use existing client info?")
-      else
-        false
-      end
-
-      if keep
-        @client_id = token.client_id
-        @client_secret = token.client_secret
-      else
-        @client_id = highline.ask("client_id: ")
-        @client_secret = highline.ask("client_secret: ")
-      end
-
-      Kernel.puts <<~MESSAGE
-
-        Open the following URL in your browser
-
-        #{authorization_url}
-
-        Then copy the success code
-
-      MESSAGE
-
-      @code = highline.ask("success code: ")
-      @credentials = authorizer.get_and_store_credentials_from_code(
-        user_id: email, code: @code, base_url: OOB_URI
-      )
-
-      raise "Failed" if !@credentials
-
-      new_token = JSON.parse(token_store.load(email))
-      new_token["client_secret"] = client_secret
-      new_token.to_json
-    end
-
-    private
-
-    def email
-      account[:username]
-    end
-
-    def password
-      account[:password]
-    end
-
-    def token
-      @token ||= Gmail::Authenticator::ImapBackupToken.new(password)
-    end
-
-    def highline
-      Configuration::Setup.highline
-    end
-
-    def auth_client_id
-      @auth_client_id = Google::Auth::ClientId.new(client_id, client_secret)
-    end
-
-    def authorizer
-      @authorizer ||= Google::Auth::UserAuthorizer.new(
-        auth_client_id, GMAIL_READ_SCOPE, token_store
-      )
-    end
-
-    def token_store
-      @token_store ||= Google::Auth::Stores::InMemoryTokenStore.new
-    end
-
-    def authorization_url
-      authorizer.get_authorization_url(base_url: OOB_URI)
-    end
-  end
-end

data/spec/unit/gmail/authenticator_spec.rb

@@ -1,138 +0,0 @@
-require "gmail/authenticator"
-require "googleauth"
-
-describe Gmail::Authenticator do
-  ACCESS_TOKEN = "access_token".freeze
-  AUTHORIZATION_URL = "authorization_url".freeze
-  CLIENT_ID = "client_id".freeze
-  CLIENT_SECRET = "client_secret".freeze
-  CODE = "code".freeze
-  CREDENTIALS = "credentials".freeze
-  EMAIL = "email".freeze
-  EXPIRATION_TIME_MILLIS = "expiration_time_millis".freeze
-  GMAIL_READ_SCOPE = "https://mail.google.com/".freeze
-  IMAP_BACKUP_TOKEN = "imap_backup_token".freeze
-  OOB_URI = "urn:ietf:wg:oauth:2.0:oob".freeze
-  REFRESH_TOKEN = "refresh_token".freeze
-
-  subject { described_class.new(**params) }
-
-  let(:params) do
-    {
-      email: EMAIL,
-      token: IMAP_BACKUP_TOKEN
-    }
-  end
-
-  let(:authorizer) do
-    instance_double(Google::Auth::UserAuthorizer)
-  end
-
-  let(:imap_backup_token) do
-    instance_double(
-      Gmail::Authenticator::ImapBackupToken,
-      access_token: ACCESS_TOKEN,
-      client_id: CLIENT_ID,
-      client_secret: CLIENT_SECRET,
-      expiration_time_millis: EXPIRATION_TIME_MILLIS,
-      refresh_token: REFRESH_TOKEN,
-      valid?: true
-    )
-  end
-
-  let(:token_store) do
-    instance_double(Google::Auth::Stores::InMemoryTokenStore)
-  end
-
-  let(:credentials) do
-    instance_double(Google::Auth::UserRefreshCredentials, refresh!: true)
-  end
-
-  let(:expired) { false }
-
-  before do
-    allow(Google::Auth::UserAuthorizer).
-      to receive(:new).
-        with(
-          instance_of(Google::Auth::ClientId),
-          GMAIL_READ_SCOPE,
-          token_store
-        ) { authorizer }
-    allow(authorizer).to receive(:get_authorization_url).
-      with(base_url: OOB_URI) { AUTHORIZATION_URL }
-    allow(authorizer).to receive(:get_credentials).
-      with(EMAIL) { credentials }
-    allow(authorizer).to receive(:get_credentials_from_code).
-      with(user_id: EMAIL, code: CODE, base_url: OOB_URI) { CREDENTIALS }
-
-    allow(Google::Auth::UserRefreshCredentials).
-      to receive(:new) { credentials }
-    allow(credentials).to receive(:expired?) { expired }
-
-    allow(Google::Auth::Stores::InMemoryTokenStore).
-      to receive(:new) { token_store }
-    allow(token_store).to receive(:store).
-      with(EMAIL, anything) # TODO: use a JSON matcher
-    allow(Gmail::Authenticator::ImapBackupToken).
-      to receive(:new).
-        with(IMAP_BACKUP_TOKEN) { imap_backup_token }
-  end
-
-  describe "#initialize" do
-    [:email, :token].each do |param|
-      context "parameter #{param}" do
-        let(:params) { super().dup.reject { |k| k == param } }
-
-        it "is expected" do
-          expect { subject }.to raise_error(
-            ArgumentError, /missing keyword: :?#{param}/
-          )
-        end
-      end
-    end
-  end
-
-  describe "#credentials" do
-    let!(:result) { subject.credentials }
-
-    it "attempts to get credentials" do
-      expect(authorizer).to have_received(:get_credentials)
-    end
-
-    it "returns the result" do
-      expect(result).to eq(credentials)
-    end
-
-    context "when the access_token has expired" do
-      let(:expired) { true }
-
-      it "refreshes it" do
-        expect(credentials).to have_received(:refresh!)
-      end
-    end
-  end
-
-  describe "#authorization_url" do
-    let!(:result) { subject.authorization_url }
-
-    it "requests an authorization URL" do
-      expect(authorizer).to have_received(:get_authorization_url)
-    end
-
-    it "returns the result" do
-      expect(result).to eq(AUTHORIZATION_URL)
-    end
-  end
-
-  describe "#credentials_from_code" do
-    let!(:result) { subject.credentials_from_code(CODE) }
-
-    it "requests credentials" do
-      expect(authorizer).to have_received(:get_credentials_from_code)
-    end
-
-    it "returns credentials" do
-      expect(result).to eq(CREDENTIALS)
-    end
-  end
-end

data/spec/unit/google/auth/stores/in_memory_token_store_spec.rb

@@ -1,15 +0,0 @@
-require "google/auth/stores/in_memory_token_store"
-
-describe Google::Auth::Stores::InMemoryTokenStore do
-  KEY = "key".freeze
-  VALUE = "value".freeze
-
-  subject { described_class.new }
-
-  describe "#load" do
-    it "returns an item's value" do
-      subject[KEY] = VALUE
-      expect(subject.load(KEY)).to eq(VALUE)
-    end
-  end
-end

data/spec/unit/imap/backup/configuration/gmail_oauth2_spec.rb

@@ -1,121 +0,0 @@
-describe Imap::Backup::Configuration::GmailOauth2 do
-  include HighLineTestHelpers
-
-  CLIENT_ID = "my_client_id".freeze
-  CLIENT_SECRET = "my_client_secret".freeze
-
-  subject { described_class.new(account) }
-
-  let(:authorization_url) { "some long authorization_url" }
-  let(:credentials) { "credentials" }
-  let(:json_token) { '{"sentinel":"foo"}' }
-  let!(:highline_streams) { prepare_highline }
-  let(:highline) { Imap::Backup::Configuration::Setup.highline }
-  let(:input) { highline_streams[0] }
-  let(:output) { highline_streams[1] }
-  let(:account) { {} }
-  let(:user_input) { %W(my_client_id\n my_secret\n my_code\n) }
-
-  let(:authorizer) do
-    instance_double(
-      Google::Auth::UserAuthorizer,
-      get_authorization_url: authorization_url,
-      get_and_store_credentials_from_code: credentials
-    )
-  end
-  let(:token_store) do
-    instance_double(
-      Google::Auth::Stores::InMemoryTokenStore,
-      load: json_token
-    )
-  end
-  let(:token) do
-    instance_double(
-      Gmail::Authenticator::ImapBackupToken,
-      valid?: valid,
-      client_id: CLIENT_ID,
-      client_secret: CLIENT_SECRET
-    )
-  end
-  let(:valid) { false }
-
-  before do
-    allow(Google::Auth::UserAuthorizer).
-      to receive(:new) { authorizer }
-    allow(Google::Auth::Stores::InMemoryTokenStore).
-      to receive(:new) { token_store }
-    allow(Gmail::Authenticator::ImapBackupToken).
-      to receive(:new) { token }
-
-    allow(highline).to receive(:ask).and_call_original
-    allow(highline).to receive(:agree).and_call_original
-
-    allow(Kernel).to receive(:system)
-    allow(Kernel).to receive(:puts)
-
-    allow(input).to receive(:gets).and_return(*user_input)
-  end
-
-  describe "#run" do
-    let!(:result) { subject.run }
-
-    it "clears the screen" do
-      expect(Kernel).to have_received(:system).with("clear")
-    end
-
-    it "requests client_id" do
-      expect(highline).to have_received(:ask).with("client_id: ")
-    end
-
-    it "requests client_secret" do
-      expect(highline).to have_received(:ask).with("client_secret: ")
-    end
-
-    it "displays the authorization URL" do
-      expect(Kernel).
-        to have_received(:puts).
-        with(/#{authorization_url}/)
-    end
-
-    it "requests the success code" do
-      expect(highline).to have_received(:ask).with("success code: ")
-    end
-
-    it "requests an access_token via the code" do
-      expect(authorizer).to have_received(:get_and_store_credentials_from_code)
-    end
-
-    it "returns the credentials" do
-      expect(result).to match('"sentinel":"foo"')
-    end
-
-    it "includes the client_secret in the credentials" do
-      expect(result).to match('"client_secret":"my_secret"')
-    end
-
-    context "when the account already has client info" do
-      let(:valid) { true }
-      let(:user_input) { %W(yes\n) }
-
-      it "requests confirmation of client info" do
-        expect(highline).to have_received(:agree).with("Use existing client info?")
-      end
-
-      context "when yhe user says 'no'" do
-        let(:user_input) { %W(no\n) }
-
-        it "requests client_id" do
-          expect(highline).to have_received(:ask).with("client_id: ")
-        end
-
-        it "requests client_secret" do
-          expect(highline).to have_received(:ask).with("client_secret: ")
-        end
-
-        it "requests the success code" do
-          expect(highline).to have_received(:ask).with("success code: ")
-        end
-      end
-    end
-  end
-end