summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--modules/auth-config.el27
-rw-r--r--tests/test-auth-config-debug.el41
2 files changed, 66 insertions, 2 deletions
diff --git a/modules/auth-config.el b/modules/auth-config.el
index c760d71a..f2df1746 100644
--- a/modules/auth-config.el
+++ b/modules/auth-config.el
@@ -8,7 +8,7 @@
;; • auth-source
;; – Forces use of your default authinfo file
;; – Disable external GPG agent in favor of Emacs's own prompt
-;; – Enable auth-source debug messages
+;; – Keeps auth-source debug logging disabled by default
;; • Easy PG Assistant (epa)
;; – Force using the 'gpg2' executable for encryption/decryption operations
@@ -26,6 +26,29 @@
(require 'system-lib)
(eval-when-compile (require 'user-constants)) ;; defines authinfo-file location
+(defcustom cj/auth-source-debug-enabled nil
+ "Non-nil means enable verbose auth-source debug logging.
+
+Keep this nil during normal startup. Auth-source debug output is useful
+for troubleshooting credential lookup problems, but it can expose too
+much context about sensitive services in the Messages buffer."
+ :type 'boolean
+ :group 'auth-source)
+
+(defun cj/set-auth-source-debug (enabled)
+ "Set auth-source debug logging according to ENABLED."
+ (interactive
+ (list (y-or-n-p "Enable auth-source debug logging? ")))
+ (setq cj/auth-source-debug-enabled enabled)
+ (setq auth-source-debug enabled)
+ (message "auth-source debug logging %s"
+ (if enabled "enabled" "disabled")))
+
+(defun cj/toggle-auth-source-debug ()
+ "Toggle verbose auth-source debug logging for troubleshooting."
+ (interactive)
+ (cj/set-auth-source-debug (not auth-source-debug)))
+
;; -------------------------------- Auth Sources -------------------------------
;; auth sources settings
@@ -36,7 +59,7 @@
;; USE gpg-agent for passphrase caching (400-day cache from gpg-agent.conf)
;; (setenv "GPG_AGENT_INFO" nil) ;; DISABLED: was preventing gpg-agent cache
(setq auth-sources `(,authinfo-file)) ;; use authinfo.gpg (see user-constants.el)
- (setq auth-source-debug t) ;; echo debug info to Messages
+ (setq auth-source-debug cj/auth-source-debug-enabled)
(setq auth-source-cache-expiry 86400)) ;; cache decrypted credentials for 24 hours
;; ----------------------------- Easy PG Assistant -----------------------------
diff --git a/tests/test-auth-config-debug.el b/tests/test-auth-config-debug.el
new file mode 100644
index 00000000..9b45f3fc
--- /dev/null
+++ b/tests/test-auth-config-debug.el
@@ -0,0 +1,41 @@
+;;; test-auth-config-debug.el --- Tests for auth-source debug defaults -*- lexical-binding: t; -*-
+
+;;; Commentary:
+;; Ensures credential lookup debug logging is opt-in.
+
+;;; Code:
+
+(require 'ert)
+(require 'cl-lib)
+(require 'auth-source)
+
+(add-to-list 'load-path (expand-file-name "modules" user-emacs-directory))
+
+(defun test-auth-config-debug--load ()
+ "Load auth-config while stubbing external process calls."
+ (setq cj/auth-source-debug-enabled nil)
+ (setq auth-source-debug :before-load)
+ (cl-letf (((symbol-function 'call-process)
+ (lambda (&rest _args) 0)))
+ (load (expand-file-name "modules/auth-config.el" user-emacs-directory)
+ nil t)))
+
+(ert-deftest test-auth-config-debug-defaults-to-disabled ()
+ "Loading auth-config should leave auth-source debug logging disabled."
+ (test-auth-config-debug--load)
+ (should-not cj/auth-source-debug-enabled)
+ (should-not auth-source-debug))
+
+(ert-deftest test-auth-config-debug-toggle-updates-auth-source ()
+ "The troubleshooting toggle should update both public debug variables."
+ (test-auth-config-debug--load)
+ (cl-letf (((symbol-function 'message) (lambda (&rest _args) nil)))
+ (cj/set-auth-source-debug t)
+ (should cj/auth-source-debug-enabled)
+ (should auth-source-debug)
+ (cj/set-auth-source-debug nil)
+ (should-not cj/auth-source-debug-enabled)
+ (should-not auth-source-debug)))
+
+(provide 'test-auth-config-debug)
+;;; test-auth-config-debug.el ends here