Description: ------------ Added support for XOAUTH http://code.google.com/apis/gmail/oauth/protocol.html#smtp

Added patch xoauth.patch.

usage for 2legged: <?php require './SMTP.php'; $host = 'smtp.gmail.com'; $from = ''; if (! ($smtp = new Net_SMTP('ssl://' . $host, 465))) { die('Unable to instantiate Net_SMTP'); } if (PEAR::isError($e = $smtp->connect())) { die($e->getMessage() . "\n"); } if (PEAR::isError($e = $smtp->auth($from, array('consumer_key' => '', 'consumer_secret' => ''), 'XOAUTH'))) { die($e->getMessage() . "\n"); } ... ?>

usage for 3legged: <?php require './SMTP.php'; $host = 'smtp.gmail.com'; $from = ''; if (! ($smtp = new Net_SMTP('ssl://' . $host, 465))) { die('Unable to instantiate Net_SMTP'); } if (PEAR::isError($e = $smtp->connect())) { die($e->getMessage() . "\n"); } if (PEAR::isError($e = $smtp->auth($from, array('consumer_key' => '', 'consumer_secret' => '', 'token' => '', 'token_secret' => ''), 'XOAUTH'))) { die($e->getMessage() . "\n"); } ... ?>

Could you convert those examples into a unit test? It's the best way we have to ensure expected behavior as the code evolves.

Added patch auth_xoauth_2legged.phpt.

Added patch auth_xoauth_3legged.phpt.

Added patch config.php.dist.patch.

Unit tests are added. Let me know if you need anything else

Added patch package.xml.patch.

One issue with the proposed patch is the fact that the "password" ($pwd in _authXOAuth) is an array for XOAUTH. This is a problem for the case where the Net_SMTP package is used to contact an XOAUTH-capable SMTP server but only a regular user password has been provided by the user. In that case, the new code will fail. (I changed your patch to raise a PEAR_Error in this case to be explicit.) Even if we changed $pwd's type to be formatted as a string (e.g. "consumer_secret:consumer_key"), it still wouldn't degrade to the other AUTH protocol implementations that expect a user password. (This path could occur if the AUTH method priorities are reconfigured by the user, for example.) I think we'll probably need to extend the AUTH selection mechanism in Net_SMTP to handle these cases before this patch can be fully integrated.

Any plans for the changes of the selection mechanism ? Let me know if I can help !

How about adding a sixth parameter (which would contain the xoauth credentials) to the 'auth' method ? The password parameter (the second one) would become optional and before calling _getBestAuthMethod, we would have to make sure that the list of possible auth methods (in $this->auth_methods) matches the supplied parameters, i.e. if password and xoauth credentials are present, all auth methods are available (none would have to be removed), if only password is specified, we would remove xoauth from the list of available auth methods and if only xoauth credentials are specified, we would remove all but the xoauth method from the list of possible auth methods. Let me know what you think and I'll implement this change and submit a new patch

Another option would be to transform the second parameter (password) into a hash 'auth_method_name' => 'auth_value'. It would still accept the current string (for backward compatibility) which would be silently translated into the hash 'password' => $password. This way, if additional auth methods are added, there would be no need to add possibly additional parameters.

I spent some more time looking at this, and I'm still not happy with the way it integrates into the current package. While I think it could be made to work technically, I'm worried that it will be difficult for me to support the feature going forward. Given that, I've decided to suspend this issue. Thanks again for taking the time to put together some a large contribution!