8000 feat: support optional SMTP auth by dannykopping · Pull Request #14533 · coder/coder · GitHub
[go: up one dir, main page]
Skip to content

feat: support optional SMTP auth #14533

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Sep 3, 2024
Merged

feat: support optional SMTP auth #14533

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
da550f4
feat: support optional SMTP auth
dannykopping Sep 3, 2024
f7fcaf9
Be more explicit about no auth
dannykopping Sep 3, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
feat: support optional SMTP auth 
Signed-off-by: Danny Kopping <danny@coder.com>
  • Loading branch information
@dannykopping
dannykopping committed Sep 3, 2024
commit da550f4bcacad80a592ce3d45f48e4d1d7ea16c6
12 changes: 11 additions & 1 deletion coderd/notifications/dispatch/smtp.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,8 @@ type SMTPHandler struct {
cfg codersdk.NotificationsEmailConfig
log slog.Logger

loginWarnOnce sync.Once
noAuthWarnOnce sync.Once
loginWarnOnce sync.Once

helpers template.FuncMap
}
Expand Down Expand Up @@ -431,6 +432,15 @@ func (s *SMTPHandler) loadCertificate() (*tls.Certificate, error) {
func (s *SMTPHandler) auth(ctx context.Context, mechs string) (sasl.Client, error) {
username := s.cfg.Auth.Username.String()

// All auth mechanisms require username, so if one is not defined then don't return an auth client.
if username == "" {
s.noAuthWarnOnce.Do(func() {
s.log.Warn(ctx, "skipping auth; no username configured", slog.F("support_mechanisms", mechs))
})
// nolint:nilnil // This is a valid response.
return nil, nil
Copy link
Member
@mafredri mafredri Sep 3, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is the new return signature handled by the caller(s)? I see that nilnil is new (unless sasl lib also returns it).

Edit: Might be good to mention this return signature in the function comment as well.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yup.

		// Check for authentication capabilities.
		if ok, avail := c.Extension("AUTH"); ok { <--- enters if auth is supported
			// Ensure the auth mechanisms available are ones we can use.
			auth, err := s.auth(ctx, avail)
			if err != nil {
				return true, xerrors.Errorf("determine auth mechanism: %w", err)
			}

			// If so, use the auth mechanism to authenticate.
			if auth != nil { <--- bails out because auth is nil
				if err := c.Auth(auth); err != nil {
					return true, xerrors.Errorf("%T auth: %w", auth, err)
				}
			}
		} else if !s.cfg.Auth.Empty() {
			return false, xerrors.New("no authentication mechanisms supported by server")
		}

		<--- ... continues to process message without auth ...

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Admittedly the comments could be better about this case, lemme add that.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See f7fcaf9 @mafredri, thanks for the prompt.

}

var errs error
list := strings.Split(mechs, " ")
for _, mech := range list {
Expand Down
11 changes: 10 additions & 1 deletion coderd/notifications/dispatch/smtp_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -203,7 +203,6 @@ func TestSMTP(t *testing.T) {
retryable: false,
},
{
// No auth, no problem!
name: "No auth mechanisms supported, none configured",
authMechs: []string{},
cfg: codersdk.NotificationsEmailConfig{
Expand All @@ -213,6 +212,16 @@ func TestSMTP(t *testing.T) {
toAddrs: []string{to},
expectedAuthMeth: "",
},
{
name: "Auth mechanisms supported optionally, none configured",
authMechs: []string{sasl.Login, sasl.Plain},
cfg: codersdk.NotificationsEmailConfig{
Hello: hello,
From: from,
},
toAddrs: []string{to},
expectedAuthMeth: "",
},
/**
* TLS connections
*/
Expand Down
Loading
0