diff options
| author | Yann Herklotz <git@yannherklotz.com> | 2023-06-02 13:09:55 +0100 |
|---|---|---|
| committer | Yann Herklotz <git@yannherklotz.com> | 2023-06-02 13:13:52 +0100 |
| commit | 768fd0a247bb679fbbeb840fd7b6c736264e96cf (patch) | |
| tree | 3ba9d05b9c6ef6b0dc4b640ec025d5891091de0a | |
| parent | 53118ee815402f158aefda8c750ffd316c57f0bf (diff) | |
| download | dotfiles-768fd0a247bb679fbbeb840fd7b6c736264e96cf.tar.gz dotfiles-768fd0a247bb679fbbeb840fd7b6c736264e96cf.zip | |
Anonymise mail authentication
| -rwxr-xr-x | notmuch/.local/bin/mutt_oauth2.py | 22 |
1 files changed, 16 insertions, 6 deletions
diff --git a/notmuch/.local/bin/mutt_oauth2.py b/notmuch/.local/bin/mutt_oauth2.py index a4a8872..2f02560 100755 --- a/notmuch/.local/bin/mutt_oauth2.py +++ b/notmuch/.local/bin/mutt_oauth2.py @@ -44,8 +44,18 @@ import subprocess # encryption and decryption pipes you prefer. They should read from standard # input and write to standard output. The example values here invoke GPG, # although won't work until an appropriate identity appears in the first line. -ENCRYPTION_PIPE = ['gpg', '--default-key', '6C6BA068183138B0', '--encrypt', '--recipient', '6C6BA068183138B0'] -DECRYPTION_PIPE = ['gpg', '--default-key', '6C6BA068183138B0', '--decrypt'] + +CURRENT_SERVER_NAME = socket.gethostname() +CURRENT_LOCAL_GPG_KEY = os.environ['MAIL_GPG_KEY'] + +ENCRYPTION_PIPE = ['gpg', '--default-key', CURRENT_LOCAL_GPG_KEY, '--encrypt', '--recipient', CURRENT_LOCAL_GPG_KEY] +DECRYPTION_PIPE = ['gpg', '--default-key', CURRENT_LOCAL_GPG_KEY, '--decrypt'] + +CURRENT_KEYS = subprocess.run(['pass', 'show', 'imperial/' + CURRENT_SERVER_NAME + '-keys'], capture_output=True, text=True).stdout.splitlines() + +CURRENT_KEY_SECRET = CURRENT_KEYS[0] +CURRENT_KEY_ID = CURRENT_KEYS[2] +CURRENT_KEY_DIR = CURRENT_KEYS[3] registrations = { 'google': { @@ -62,9 +72,9 @@ registrations = { 'client_secret': '', }, 'microsoft': { - 'authorize_endpoint': 'https://login.microsoftonline.com/2b897507-ee8c-4575-830b-4f8267c3d307/oauth2/v2.0/authorize', + 'authorize_endpoint': 'https://login.microsoftonline.com/' + CURRENT_KEY_DIR + '/oauth2/v2.0/authorize', 'devicecode_endpoint': 'https://login.microsoftonline.com/common/oauth2/v2.0/devicecode', - 'token_endpoint': 'https://login.microsoftonline.com/2b897507-ee8c-4575-830b-4f8267c3d307/oauth2/v2.0/token', + 'token_endpoint': 'https://login.microsoftonline.com/' + CURRENT_KEY_DIR + '/oauth2/v2.0/token', # 'redirect_uri': 'https://login.microsoftonline.com/common/oauth2/nativeclient', 'redirect_uri': 'http://localhost:5000/getToken', 'tenant': 'common', @@ -75,8 +85,8 @@ registrations = { 'scope': ('offline_access https://outlook.office.com/IMAP.AccessAsUser.All ' 'https://outlook.office.com/POP.AccessAsUser.All ' 'https://outlook.office.com/SMTP.Send'), - 'client_id': '', - 'client_secret': '', + 'client_id': CURRENT_KEY_ID, + 'client_secret': CURRENT_KEY_SECRET, }, } |