net-imap 0.4.12 → 0.5.1

data/lib/net/imap/response_parser.rb

@@ -11,12 +11,15 @@ module Net
       include ParserUtils
       extend  ParserUtils::Generator
 
+      attr_reader :config
+
       # :call-seq: Net::IMAP::ResponseParser.new -> Net::IMAP::ResponseParser
-      def initialize
+      def initialize(config: Config.global)
         @str = nil
         @pos = nil
         @lex_state = nil
         @token = nil
+        @config = Config[config]
       end
 
       # :call-seq:
@@ -1314,30 +1317,19 @@ module Net
       #   header-fld-name = astring
       #
       # NOTE: Previously, Net::IMAP recreated the raw original source string.
-      # Now, it grabs the raw encoded value using @str and @pos.  A future
-      # version may simply return the decoded astring value.  Although that is
-      # technically incompatible, it should almost never make a difference: all
-      # standard header field names are valid atoms:
+      # Now, it returns the decoded astring value.  Although this is technically
+      # incompatible, it should almost never make a difference: all standard
+      # header field names are valid atoms:
       #
       # https://www.iana.org/assignments/message-headers/message-headers.xhtml
       #
-      # Although RFC3501 allows any astring, RFC5322-valid header names are one
-      # or more of the printable US-ASCII characters, except SP and colon.  So
-      # empty string isn't valid, and literals aren't needed and should not be
-      # used.  This is explicitly unchanged by [I18N-HDRS] (RFC6532).
-      #
-      # RFC5233:
+      # See also RFC5233:
       #     optional-field  =   field-name ":" unstructured CRLF
       #     field-name      =   1*ftext
       #     ftext           =   %d33-57 /          ; Printable US-ASCII
       #                         %d59-126           ;  characters not including
       #                                            ;  ":".
-      def header_fld_name
-        assert_no_lookahead
-        start = @pos
-        astring
-        @str[start...@pos - 1]
-      end
+      alias header_fld_name astring
 
       # mailbox-data    =  "FLAGS" SP flag-list / "LIST" SP mailbox-list /
       #                    "LSUB" SP mailbox-list / "SEARCH" *(SP nz-number) /

data/lib/net/imap/sasl/authentication_exchange.rb

@@ -4,44 +4,76 @@ module Net
   class IMAP
     module SASL
 
-      # This API is *experimental*, and may change.
+      # AuthenticationExchange is used internally by Net::IMAP#authenticate.
+      # But the API is still *experimental*, and may change.
       #
       # TODO: catch exceptions in #process and send #cancel_response.
       # TODO: raise an error if the command succeeds after being canceled.
       # TODO: use with more clients, to verify the API can accommodate them.
+      # TODO: pass ClientAdapter#service to SASL.authenticator
       #
-      # Create an AuthenticationExchange from a client adapter and a mechanism
-      # authenticator:
-      #     def authenticate(mechanism, ...)
-      #       authenticator = SASL.authenticator(mechanism, ...)
-      #       SASL::AuthenticationExchange.new(
-      #         sasl_adapter, mechanism, authenticator
-      #       ).authenticate
-      #     end
-      #
-      #     private
+      # An AuthenticationExchange represents a single attempt to authenticate
+      # a SASL client to a SASL server.  It is created from a client adapter, a
+      # mechanism name, and a mechanism authenticator.  When #authenticate is
+      # called, it will send the appropriate authenticate command to the server,
+      # returning the client response on success and raising an exception on
+      # failure.
       #
-      #     def sasl_adapter = MyClientAdapter.new(self, &method(:send_command))
+      # In most cases, the client will not need to use
+      # SASL::AuthenticationExchange directly at all.  Instead, use
+      # SASL::ClientAdapter#authenticate.  If customizations are needed, the
+      # custom client adapter is probably the best place for that code.
       #
-      # Or delegate creation of the authenticator to ::build:
       #     def authenticate(...)
-      #       SASL::AuthenticationExchange.build(sasl_adapter, ...)
-      #         .authenticate
+      #       MyClient::SASLAdapter.new(self).authenticate(...)
       #     end
       #
-      # As a convenience, ::authenticate combines ::build and #authenticate:
+      # SASL::ClientAdapter#authenticate delegates to ::authenticate, like so:
+      #
       #     def authenticate(...)
+      #       sasl_adapter = MyClient::SASLAdapter.new(self)
       #       SASL::AuthenticationExchange.authenticate(sasl_adapter, ...)
       #     end
       #
-      # Likewise, ClientAdapter#authenticate delegates to #authenticate:
-      #     def authenticate(...) = sasl_adapter.authenticate(...)
+      # ::authenticate simply delegates to ::build and #authenticate, like so:
+      #
+      #     def authenticate(...)
+      #       sasl_adapter = MyClient::SASLAdapter.new(self)
+      #       SASL::AuthenticationExchange
+      #         .build(sasl_adapter, ...)
+      #         .authenticate
+      #     end
+      #
+      # And ::build delegates to SASL.authenticator and ::new, like so:
+      #
+      #     def authenticate(mechanism, ...)
+      #       sasl_adapter = MyClient::SASLAdapter.new(self)
+      #       authenticator = SASL.authenticator(mechanism, ...)
+      #       SASL::AuthenticationExchange
+      #         .new(sasl_adapter, mechanism, authenticator)
+      #         .authenticate
+      #     end
       #
       class AuthenticationExchange
         # Convenience method for <tt>build(...).authenticate</tt>
+        #
+        # See also: SASL::ClientAdapter#authenticate
         def self.authenticate(...) build(...).authenticate end
 
-        # Use +registry+ to override the global Authenticators registry.
+        # Convenience method to combine the creation of a new authenticator and
+        # a new Authentication exchange.
+        #
+        # +client+ must be an instance of SASL::ClientAdapter.
+        #
+        # +mechanism+ must be a SASL mechanism name, as a string or symbol.
+        #
+        # +sasl_ir+ allows or disallows sending an "initial response", depending
+        # also on whether the server capabilities, mechanism authenticator, and
+        # client adapter all support it.  Defaults to +true+.
+        #
+        # +mechanism+, +args+, +kwargs+, and +block+ are all forwarded to
+        # SASL.authenticator.  Use the +registry+ kwarg to override the global
+        # SASL::Authenticators registry.
         def self.build(client, mechanism, *args, sasl_ir: true, **kwargs, &block)
           authenticator = SASL.authenticator(mechanism, *args, **kwargs, &block)
           new(client, mechanism, authenticator, sasl_ir: sasl_ir)
@@ -51,7 +83,7 @@ module Net
 
         def initialize(client, mechanism, authenticator, sasl_ir: true)
           @client = client
-          @mechanism = -mechanism.to_s.upcase.tr(?_, ?-)
+          @mechanism = Authenticators.normalize_name(mechanism)
           @authenticator = authenticator
           @sasl_ir = sasl_ir
           @processed = false

data/lib/net/imap/sasl/authenticators.rb

@@ -21,6 +21,10 @@ module Net::IMAP::SASL
   # ScramSHA1Authenticator for examples.
   class Authenticators
 
+    # Normalize the mechanism name as an uppercase string, with underscores
+    # converted to dashes.
+    def self.normalize_name(mechanism) -(mechanism.to_s.upcase.tr(?_, ?-)) end
+
     # Create a new Authenticators registry.
     #
     # This class is usually not instantiated directly.  Use SASL.authenticators
@@ -65,7 +69,6 @@ module Net::IMAP::SASL
     # lazily loaded from <tt>Net::IMAP::SASL::#{name}Authenticator</tt> (case is
     # preserved and non-alphanumeric characters are removed..
     def add_authenticator(name, authenticator = nil)
-      key = -name.to_s.upcase.tr(?_, ?-)
       authenticator ||= begin
         class_name = "#{name.gsub(/[^a-zA-Z0-9]/, "")}Authenticator".to_sym
         auth_class = nil
@@ -74,17 +77,18 @@ module Net::IMAP::SASL
           auth_class.new(*creds, **props, &block)
         }
       end
+      key = Authenticators.normalize_name(name)
       @authenticators[key] = authenticator
     end
 
     # Removes the authenticator registered for +name+
     def remove_authenticator(name)
-      key = -name.to_s.upcase.tr(?_, ?-)
+      key = Authenticators.normalize_name(name)
       @authenticators.delete(key)
     end
 
     def mechanism?(name)
-      key = -name.to_s.upcase.tr(?_, ?-)
+      key = Authenticators.normalize_name(name)
       @authenticators.key?(key)
     end
 
@@ -105,7 +109,7 @@ module Net::IMAP::SASL
     #   only.  Protocol client users should see refer to their client's
     #   documentation, e.g. Net::IMAP#authenticate.
     def authenticator(mechanism, ...)
-      key = -mechanism.to_s.upcase.tr(?_, ?-)
+      key = Authenticators.normalize_name(mechanism)
       auth = @authenticators.fetch(key) do
         raise ArgumentError, 'unknown auth type - "%s"' % key
       end

data/lib/net/imap/sasl/client_adapter.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require "forwardable"
+
 module Net
   class IMAP
     module SASL
@@ -8,42 +10,76 @@ module Net
       #
       # TODO: use with more clients, to verify the API can accommodate them.
       #
-      # An abstract base class for implementing a SASL authentication exchange.
-      # Different clients will each have their own adapter subclass, overridden
-      # to match their needs.
+      # Represents the client to a SASL::AuthenticationExchange.  By default,
+      # most methods simply delegate to #client.  Clients should subclass
+      # SASL::ClientAdapter and override methods as needed to match the
+      # semantics of this API to their API.
       #
-      # Although the default implementations _may_ be sufficient, subclasses
-      # will probably need to override some methods.  Additionally, subclasses
-      # may need to include a protocol adapter mixin, if the default
+      # Subclasses should also include a protocol adapter mixin when the default
       # ProtocolAdapters::Generic isn't sufficient.
+      #
+      # === Protocol Requirements
+      #
+      # {RFC4422 §4}[https://www.rfc-editor.org/rfc/rfc4422.html#section-4]
+      # lists requirements for protocol specifications to offer SASL.  Where
+      # possible, ClientAdapter delegates the handling of these requirements to
+      # SASL::ProtocolAdapters.
       class ClientAdapter
+        extend Forwardable
+
         include ProtocolAdapters::Generic
 
-        attr_reader :client, :command_proc
+        # The client that handles communication with the protocol server.
+        #
+        # Most ClientAdapter methods are simply delegated to #client by default.
+        attr_reader :client
 
         # +command_proc+ can used to avoid exposing private methods on #client.
-        # It should run a command with the arguments sent to it, yield each
-        # continuation payload, respond to the server with the result of each
-        # yield, and return the result.  Non-successful results *MUST* raise an
-        # exception.  Exceptions in the block *MUST* cause the command to fail.
+        # It's value is set by the block that is passed to ::new, and it is used
+        # by the default implementation of #run_command.  Subclasses that
+        # override #run_command may use #command_proc for any other purpose they
+        # find useful.
         #
-        # Subclasses that override #run_command may use #command_proc for
-        # other purposes.
+        # In the default implementation of #run_command, command_proc is called
+        # with the protocols authenticate +command+ name, the +mechanism+ name,
+        # an _optional_ +initial_response+ argument, and a +continuations+
+        # block.  command_proc must run the protocol command with the arguments
+        # sent to it, _yield_ the payload of each continuation, respond to the
+        # continuation with the result of each _yield_, and _return_ the
+        # command's successful result.  Non-successful results *MUST* raise
+        # an exception.
+        attr_reader :command_proc
+
+        # By default, this simply sets the #client and #command_proc attributes.
+        # Subclasses may override it, for example: to set the appropriate
+        # command_proc automatically.
         def initialize(client, &command_proc)
           @client, @command_proc = client, command_proc
         end
 
-        # Delegates to AuthenticationExchange.authenticate.
+        # Attempt to authenticate #client to the server.
+        #
+        # By default, this simply delegates to
+        # AuthenticationExchange.authenticate.
         def authenticate(...) AuthenticationExchange.authenticate(self, ...) end
 
-        # Do the protocol and server both support an initial response?
-        def sasl_ir_capable?; client.sasl_ir_capable? end
+        ##
+        # method: sasl_ir_capable?
+        # Do the protocol, server, and client all support an initial response?
+        def_delegator :client, :sasl_ir_capable?
 
-        # Does the server advertise support for the mechanism?
-        def auth_capable?(mechanism); client.auth_capable?(mechanism) end
+        ##
+        # method: auth_capable?
+        # call-seq: auth_capable?(mechanism)
+        #
+        # Does the server advertise support for the +mechanism+?
+        def_delegator :client, :auth_capable?
 
-        # Runs the authenticate command with +mechanism+ and +initial_response+.
-        # When +initial_response+ is nil, an initial response must NOT be sent.
+        # Calls command_proc with +command_name+ (see
+        # SASL::ProtocolAdapters::Generic#command_name),
+        # +mechanism+, +initial_response+, and a +continuations_handler+ block.
+        # The +initial_response+ is optional; when it's nil, it won't be sent to
+        # command_proc.
         #
         # Yields each continuation payload, responds to the server with the
         # result of each yield, and returns the result.  Non-successful results
@@ -51,21 +87,36 @@ module Net
         # command to fail.
         #
         # Subclasses that override this may use #command_proc differently.
-        def run_command(mechanism, initial_response = nil, &block)
+        def run_command(mechanism, initial_response = nil, &continuations_handler)
           command_proc or raise Error, "initialize with block or override"
           args = [command_name, mechanism, initial_response].compact
-          command_proc.call(*args, &block)
+          command_proc.call(*args, &continuations_handler)
         end
 
+        ##
+        # method: host
+        # The hostname to which the client connected.
+        def_delegator :client, :host
+
+        ##
+        # method: port
+        # The destination port to which the client connected.
+        def_delegator :client, :port
+
         # Returns an array of server responses errors raised by run_command.
         # Exceptions in this array won't drop the connection.
         def response_errors; [] end
 
-        # Drop the connection gracefully.
-        def drop_connection;  client.drop_connection end
+        ##
+        # method: drop_connection
+        # Drop the connection gracefully, sending a "LOGOUT" command as needed.
+        def_delegator :client, :drop_connection
+
+        ##
+        # method: drop_connection!
+        # Drop the connection abruptly, closing the socket without logging out.
+        def_delegator :client, :drop_connection!
 
-        # Drop the connection abruptly.
-        def drop_connection!; client.drop_connection! end
       end
     end
   end

data/lib/net/imap/sasl/cram_md5_authenticator.rb

@@ -20,7 +20,7 @@ class Net::IMAP::SASL::CramMD5Authenticator
                  warn_deprecation: true,
                  **)
     if warn_deprecation
-      warn "WARNING: CRAM-MD5 mechanism is deprecated." # TODO: recommend SCRAM
+      warn "WARNING: CRAM-MD5 mechanism is deprecated.", category: :deprecated
     end
     require "digest/md5"
     @user = authcid || username || user