rethink-public/aiomail
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: rethink-public:main
Branches Tags
rethink-public:main
rethink-public:v0.1.5
rethink-public:v0.1.4
rethink-public:v0.1.3
rethink-public:v0.1.2
rethink-public:v0.1.1
rethink-public:v0.1.0
..
compare: rethink-public:v0.1.1
Branches Tags
rethink-public:main
rethink-public:v0.1.5
rethink-public:v0.1.4
rethink-public:v0.1.3
rethink-public:v0.1.2
rethink-public:v0.1.1
rethink-public:v0.1.0

No commits in common. "main" and "v0.1.1" have entirely different histories.
main ... v0.1.1

9 changed files with 35 additions and 93 deletions
Show Stats Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1,5 +1,5 @@
# claude
.claude/
CLAUDE.md
# python
__pycache__/

10
README.md
View File

@ -11,23 +11,21 @@ This reads codes from email; it does not generate them (that is `pyotp`'s job).
`requirements.txt`:
```
aiomail @ git+ssh://git@git.rethinkstudios.io/rethink-public/aiomail.git@v0.1.5
aiomail @ git+ssh://git@git.rethinkstudios.io/rethink-public/aiomail.git@v0.1.1
# OAuth token providers (Microsoft / Google) need the extra:
aiomail[oauth] @ git+ssh://git@git.rethinkstudios.io/rethink-public/aiomail.git@v0.1.5
aiomail[oauth] @ git+ssh://git@git.rethinkstudios.io/rethink-public/aiomail.git@v0.1.1
```
Direct:
```bash
pip install "aiomail @ git+ssh://git@git.rethinkstudios.io/rethink-public/aiomail.git@v0.1.5"
pip install "aiomail[oauth] @ git+ssh://git@git.rethinkstudios.io/rethink-public/aiomail.git@v0.1.5"
pip install "aiomail @ git+ssh://git@git.rethinkstudios.io/rethink-public/aiomail.git@v0.1.1"
pip install "aiomail[oauth] @ git+ssh://git@git.rethinkstudios.io/rethink-public/aiomail.git@v0.1.1"
```
Requires `aioimaplib` and `beautifulsoup4` (pulled transitively). The `oauth`
extra adds `aiohttp` for the refresh-token providers.
Drop the `@v0.1.5` suffix from the line above to install the latest unpinned.
## Password auth
```python

2
pyproject.toml
View File

@ -4,7 +4,7 @@ build-backend = "hatchling.build"
[project]
name = "aiomail"
version = "0.1.5"
version = "0.1.1"
description = "async IMAP one-time-code retrieval with password/OAuth2 auth and dynamic matching"
requires-python = ">=3.10"
dependencies = [

2
src/aiomail/__init__.py
View File

@ -29,4 +29,4 @@ __all__ = [
"DEFAULT_FOLDERS",
]
__version__ = "0.1.5"
__version__ = "0.1.1"

3
src/aiomail/auth.py
View File

@ -94,9 +94,6 @@ class OAuth2Auth:
if xoauth2 is not None:
result, data = await xoauth2(self.user, token)
elif hasattr(mail, "authenticate"):
# escape hatch for a non-aioimaplib client: the shipped aioimaplib IMAP4
# always has .xoauth2 and never .authenticate, so this branch never runs
# for it; the SASL-callback signature here is untested against any driver
result, data = await mail.authenticate(
"XOAUTH2", lambda _: _sasl_xoauth2(self.user, token)
)

62
src/aiomail/client.py
View File

@ -9,7 +9,6 @@ import asyncio
import email
import email.message
import logging
import re
from typing import List, Optional
from aioimaplib import IMAP4, IMAP4_SSL
@ -18,22 +17,6 @@ from .auth import Auth
log = logging.getLogger(__name__)
# IMAP LIST reply: (flags) "<delim>" <name> — delim is server-defined (often "/" or
# "." or NIL); capture the trailing name regardless, quoted or bare
_LIST_RE = re.compile(rb'^\([^)]*\)\s+(?:"[^"]*"|NIL)\s+(.+)$')
def _folder_name(raw: bytes) -> str:
"""extract the folder name from a LIST reply line, delimiter-agnostic
parses the real reply form `(flags) "<delim>" <name>` so any server hierarchy
delimiter works (not just "/"); falls back to the last quoted/space token if the
line doesn't match the canonical shape.
"""
match = _LIST_RE.match(raw.strip())
name = match.group(1).decode() if match else raw.decode().rsplit(" ", 1)[-1]
return name.strip().strip('"')
class IMAPClient:
"""connection-managing IMAP client driven by an injected auth mechanism
@ -85,33 +68,14 @@ class IMAPClient:
except Exception as exc:
log.warning("connect attempt %d/%d failed: %s", attempt + 1, self.max_retries, exc)
if self._mail is not None:
await self._discard_mail(self._mail)
try:
await self._mail.logout()
except Exception as teardown:
log.debug("logout error ignored during failed connect: %s", teardown)
self._mail = None
await asyncio.sleep(2 * (attempt + 1))
return False
@staticmethod
async def _discard_mail(mail) -> None:
"""tear down a half-built IMAP4 without leaking its connect task
aioimaplib's IMAP4 schedules `create_connection` as a fire-and-forget task it
never retrieves; on a refused connection that task raises and asyncio logs a
noisy "Task exception was never retrieved" traceback. cancel/await it here (and
retrieve its exception) before discarding, so a failed connect stays quiet.
"""
task = getattr(mail, "_client_task", None)
if task is not None and not task.done():
task.cancel()
if task is not None:
try:
await task
except (asyncio.CancelledError, Exception):
pass
try:
await mail.logout()
except Exception as teardown:
log.debug("logout error ignored during failed connect: %s", teardown)
async def close(self) -> None:
"""log out and drop the connection, swallowing teardown errors"""
if self._mail is not None:
@ -131,6 +95,14 @@ class IMAPClient:
except Exception:
return await self.connect()
def is_throttled(self) -> bool:
"""best-effort detection of a provider throttling response"""
return bool(
self._mail is not None
and getattr(self._mail, "resp", None)
and "THROTTLED" in str(self._mail.resp)
)
async def get_folders(self) -> List[str]:
"""list mailbox folder names"""
if not await self.ensure_connection():
@ -143,7 +115,7 @@ class IMAPClient:
folders: List[str] = []
for folder in folder_list or []:
try:
folders.append(_folder_name(folder))
folders.append(folder.decode().split(' "/" ')[-1].strip('"'))
except Exception:
continue
return folders
@ -197,14 +169,8 @@ class IMAPClient:
if result != "OK" or not data:
return None
for item in data:
# aioimaplib stores the literal message payload as the only bytearray in
# the response; every other line (including the `<id> FETCH (...` header)
# is plain bytes. select by structure, not length — a length heuristic
# mismatches the header line for any 2+ digit id or a BODY[]/UID fetch.
if isinstance(item, bytearray):
if isinstance(item, (bytes, bytearray)) and len(item) > 20:
return email.message_from_bytes(bytes(item))
# cross-version fallback: aioimaplib 2.0.x never yields tuples here, but an
# imaplib-style (header, payload) tuple is handled if a future/alt driver does
if isinstance(item, tuple) and len(item) > 1:
return email.message_from_bytes(item[1])
return None

6
src/aiomail/extract.py
View File

@ -76,7 +76,7 @@ def _scan(text: str, patterns: list[Pattern], lengths: set[int]) -> Optional[str
return m.group(1) if m.groups() else m.group(0)
for token in re.split(r"\s+", text):
digits = "".join(c for c in token if c.isdigit())
if digits and len(digits) in lengths:
if digits and len(digits) in lengths and digits.isdigit():
return digits
return None
@ -121,8 +121,6 @@ def as_predicate(spec: MatchSpec) -> Callable[[Optional[str]], bool]:
if isinstance(spec, re.Pattern):
return lambda value: bool(spec.search(value or ""))
if callable(spec):
# coalesce None like the string/regex branches so the documented Optional[str]
# predicate contract holds even if a caller's callable assumes a real string
return lambda value: bool(spec(value or ""))
return spec
needle = str(spec).lower()
return lambda value: needle in (value or "").lower()

9
src/aiomail/oauth.py
View File

@ -76,17 +76,12 @@ class _RefreshTokenProvider:
async with aiohttp.ClientSession(timeout=timeout) as session:
async with session.post(endpoint, data=data) as resp:
if resp.status == 200:
# content_type=None: some token endpoints return a 200 with
# text/plain or text/javascript; default json() would raise
# ContentTypeError and discard a valid token body
token = (await resp.json(content_type=None)).get("access_token")
token = (await resp.json()).get("access_token")
if token:
self._failures = 0
return token
else:
# log a truncated error body only — a token-endpoint
# response can carry sensitive material; never dump it whole
body = (await resp.text())[:200]
body = await resp.text()
log.warning("token endpoint %s -> %s: %s", endpoint, resp.status, body)
except Exception as exc:
log.warning("token request to %s failed: %s", endpoint, exc)

32
src/aiomail/retrieve.py
View File

@ -20,18 +20,16 @@ log = logging.getLogger(__name__)
DEFAULT_FOLDERS: Sequence[str] = ("INBOX", "Junk", "Spam", "Archive", "All Mail")
def _server_query(sender: MatchSpec, subject: MatchSpec, match_field: str = "from") -> str:
def _server_query(sender: MatchSpec, subject: MatchSpec) -> str:
"""build a narrowing IMAP query from plain-string specs only
only plain strings translate to server-side filters; regex and callable specs
fall back to ALL and are filtered client-side, so dynamic matching always works
even when the server cannot express it. `match_field` selects which header the
`sender` spec searches: "from" filters by the sender address (default), "to"
filters by the recipient address (the per-user alias the code was sent to).
only plain strings translate to server-side FROM/SUBJECT filters; regex and
callable specs fall back to ALL and are filtered client-side, so dynamic
matching always works even when the server cannot express it.
"""
parts: List[str] = []
if isinstance(sender, str):
parts.append(f'TO "{sender}"' if match_field == "to" else f'FROM "{sender}"')
parts.append(f'FROM "{sender}"')
if isinstance(subject, str):
parts.append(f'SUBJECT "{subject}"')
return f"({' '.join(parts)})" if parts else "ALL"
@ -54,7 +52,6 @@ async def retrieve_otp(
*,
sender: MatchSpec = None,
subject: MatchSpec = None,
match_field: str = "from",
folders: Optional[Iterable[str]] = None,
patterns: Sequence[Union[str, Pattern]] = DEFAULT_PATTERNS,
lengths: Iterable[int] = DEFAULT_LENGTHS,
@ -67,18 +64,14 @@ async def retrieve_otp(
) -> Optional[str]:
"""return the newest OTP matching the filters, or None
sender/subject accept a substring, a compiled regex, or a callable. `match_field`
selects which header the `sender` spec is matched against: "from" (default)
matches the sender address; "to" matches the recipient address (the per-user
alias the code was sent to) and additionally accepts a forwarded match on the
From header, so a forwarded code still resolves. folders, patterns, code lengths,
max age and retry behavior are all tunable. set `max_age=None` to disable the
freshness check.
sender/subject accept a substring, a compiled regex, or a callable. folders,
patterns, code lengths, max age and retry behavior are all tunable. set
`max_age=None` to disable the freshness check.
"""
folders = list(folders) if folders is not None else list(DEFAULT_FOLDERS)
sender_ok = as_predicate(sender)
subject_ok = as_predicate(subject)
query = _server_query(sender, subject, match_field)
query = _server_query(sender, subject)
for attempt in range(retries + 1):
for folder in folders:
@ -98,12 +91,7 @@ async def retrieve_otp(
from_hdr = message.get("From", "")
subj_hdr = message.get("Subject", "")
if match_field == "to":
to_hdr = message.get("To", "")
matched = sender_ok(to_hdr) or sender_ok(from_hdr)
else:
matched = sender_ok(from_hdr)
if not matched or not subject_ok(subj_hdr):
if not sender_ok(from_hdr) or not subject_ok(subj_hdr):
continue
code = extract_code(message, patterns=patterns, lengths=lengths)