aioimaplib's mail.xoauth2(user, token) builds the SASL string by f-string interpolating the token, so a bytes token injects the b'...' repr into auth=Bearer and breaks every XOAUTH2 login. dropped the .encode() (token is already str via _resolve_token/_as_str). corrected the inline comment and the CLAUDE.md note that both wrongly claimed bytes was required — that false note propagated the bug through prior review passes.
Signed-off-by: disqualifier <dev@disqualifier.me>
on a failed connect attempt the IMAP4 object was dropped without logout(), leaking the socket aioimaplib held; now it is logged out (best-effort) before nulling. also moved the asyncio import in oauth.py from inside the retry loop to module top.
Signed-off-by: disqualifier <dev@disqualifier.me>
- a token provider (or static token) returning bytes crashed token.encode() in the
XOAUTH2 path. coerce to str at the source (_resolve_token via _as_str) so both
the .encode() and SASL-fallback entrypoints get a str.
- client.search() did int(x) on every SEARCH token unguarded; a malformed/non-
numeric token aborted the whole search. skip non-numeric tokens (log at debug)
instead of crashing.
verified by execution: bytes static + async-provider tokens authenticate without
crashing (both xoauth2 and SASL-fallback paths); guarded search skips garbage.
Signed-off-by: disqualifier <dev@disqualifier.me>
