465405 – Case mismatch in KWallet Map vs. SMTP configuration causes constant re-authentication with G-mail

Bug 465405 - Case mismatch in KWallet Map vs. SMTP configuration causes constant re-authentication with G-mail

Summary: Case mismatch in KWallet Map vs. SMTP configuration causes constant re-authen...

Status:	REPORTED

Alias:	None

Product:	kmail2
Classification:	Applications
Component:	general (show other bugs)
Version:	5.22.2
Platform:	Arch Linux Linux

Importance:	NOR normal
Target Milestone:	---
Assignee:	kdepim bugs

URL:
Keywords:

Depends on:
Blocks:

Reported:	2023-02-07 06:02 UTC by holyforce
Modified:	2024-02-16 03:28 UTC (History)
CC List:	1 user (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description holyforce 2023-02-07 06:02:07 UTC

SUMMARY
=========
The scenario is XOAUTH2 with a G-mail account, although it may apply in other use cases.

If the "login" (e-mail address) entered in SMTP (Sending) configuration contains uppercase characters, the look-up in KWallet to find the key/value pair to retrieve the existing oauth token will fail, as it's always stored all lowercase inside the wallet.  Thus, every time you attempt to send an e-mail, you will always be redirected to Google to authorize a new token, as your system doesn't think you yet have one.  Ironically, the previous token will be successfully overwritten by the new one.

Receiving e-mails seems to be unaffected by case mismatch (configuration vs. wallet).

I suggest the issue is some degree more of a bug than user misconfiguration, as the "Add Account" wizard asks for your e-mail address (which you may supply as Foo@gmail.com, for example, noting the capital "F") and it'll proceed to automate setup for you seemingly without compliant, despite then experiencing this issue. 

I assume being able to enter capital letters isn't the core issue, either. The solution may be more closely attached to how KMail, Akonadi, and Wallet are spec'ed to interact. As a sidenote, I tried adding the same G-mail account to my client multiple times in various casing (co-existing), and started to have some strange effects that should likely be it's own issue if found warranted after further review.


STEPS TO REPRODUCE
==================
1. XOAUTH2 with a SMTP configuration containing an uppercase character in the login (manual setup or Add Account wizard).
2. Try to send an e-mail.
3. Notice redirection to Google to authorize a new token on every send, even if you already have one.


OBSERVED RESULT
================
Doesn't fetch token from Wallet seemingly due to case mismatch.


EXPECTED RESULT
===============
Retrieve existing token from Wallet.


SOFTWARE/OS VERSIONS
=====================
Linux/KDE Plasma: 6.1.9-arch1-1
KDE Plasma Version: 5.26.5
KDE Frameworks Version: 5.102.0
Qt Version: 5.15.8


ADDITIONAL COMMENTARY
=======================
I'm extremely new to enjoying KDE, so my observations on the issue are best novice effort.  Also please note, should you test "case swapping", be sure to clear Akonadi Cache between settings changes to ensure effect is taken. Otherwise I assume some layer of the system feels no actual change occurred when only the case was changed, and you'll not immediately see the result.