Diffstat (limited to 'modules/auth-config.el')
-rw-r--r--modules/auth-config.el50
1 files changed, 24 insertions, 26 deletions
diff --git a/modules/auth-config.el b/modules/auth-config.el
index 7f729f02a..c2df244b5 100644
--- a/modules/auth-config.el
+++ b/modules/auth-config.el
@@ -1,4 +1,4 @@
-;; auth-config.el --- Configuration for Authentication Utilities -*- lexical-binding: t; coding: utf-8; -*-
+;;; auth-config.el --- Authentication and GPG integration -*- lexical-binding: t; coding: utf-8; -*-
;; author Craig Jennings <c@cjennings.net>
;;; Commentary:
@@ -6,34 +6,30 @@
;; Layer: 1 (Foundation).
;; Category: F/D.
;; Load shape: eager.
-;; Eager reason: auth-source and GPG/epa setup that other modules rely on for
-;; credentials early in the session.
-;; Top-level side effects: auth-source/epa configuration via use-package and setq.
+;; Eager reason: credentials and GPG setup are needed by other modules early.
+;; Top-level side effects: auth-source/epa setup and oauth2-auto cache advice.
;; Runtime requires: system-lib, user-constants.
-;; Direct test load: yes (configuration only).
+;; Direct test load: yes.
;;
-;; Configuration for Emacs authentication and GPG integration:
-
-;; • auth-source
-;; – Forces use of your default authinfo file
-;; – Disable external GPG agent in favor of Emacs's own prompt
-;; – Keeps auth-source debug logging disabled by default
-
-;; • Easy PG Assistant (epa)
-;; – Force using the 'gpg2' executable for encryption/decryption operations
-
-;; • oauth2-auto cache fix (via advice)
-;; – oauth2-auto version 20250624.1919 has caching bug on line 206
-;; – Function oauth2-auto--plstore-read has `or nil` disabling cache
-;; – This caused GPG passphrase prompts every ~15 minutes during gcal-sync
-;; – Fix: Advice to enable hash-table cache without modifying package
-;; – Works across package updates
-;; – Fixed 2025-11-11
+;; Central auth-source, GPG, and credential-debug setup. Auth lookups use the
+;; configured authinfo file; passphrase caching is left to gpg-agent.
+;;
+;; Advises oauth2-auto's plstore reader to restore in-memory caching and avoid
+;; repeated GPG prompts during calendar/mail refreshes.
;;; Code:
(require 'system-lib)
-(eval-when-compile (require 'user-constants)) ;; defines authinfo-file location
+(require 'user-constants) ;; defines authinfo-file, read at load time below
+
+;; Lazily-loaded oauth2-auto / plstore internals used by the cache-fix advice
+;; below. oauth2-auto is required at runtime inside the advised function; these
+;; declarations satisfy the byte-compiler without forcing an eager load.
+(declare-function oauth2-auto--compute-id "oauth2-auto")
+(declare-function plstore-get "plstore")
+(declare-function plstore-close "plstore")
+(defvar oauth2-auto--plstore-cache)
+(defvar oauth2-auto-plstore)
(defcustom cj/auth-source-debug-enabled nil
"Non-nil means enable verbose auth-source debug logging.
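Review bot: The rewritten commentary at the top of this hunk no longer records which oauth2-auto release the advice works around or what the defect is, so a later maintainer cannot tell when the advice is safe to delete; the removed lines had that (version 20250624.1919, `or nil` in `oauth2-auto--plstore-read`). I would keep one line such as `;; Workaround for oauth2-auto 20250624.1919: oauth2-auto--plstore-read has "or nil" that disables its cache; drop the advice once upstream fixes it.` The new `declare-function`/`defvar` lines tie this file to private `oauth2-auto--` symbols, so the advice (which is outside this hunk) presumably wants an `fboundp`/`boundp` guard, so that an upstream rename degrades to a warning rather than an error during a token refresh. If the restored cache holds decrypted plstore entries in Emacs memory for the whole session, the commentary should say so, since that is the trade-off being made for fewer GPG prompts.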
@@ -83,9 +79,11 @@ much context about sensitive services in the Messages buffer."
;; (setq epa-pinentry-mode 'loopback) ;; emacs request passwords in minibuffer
(setq epg-gpg-program "gpg2") ;; force use gpg2 (not gpg v.1)
- ;; Update gpg-agent with current DISPLAY environment
- ;; This ensures pinentry can open GUI windows when Emacs starts
- (call-process "gpg-connect-agent" nil nil nil "updatestartuptty" "/bye"))
+ ;; Update gpg-agent with the current DISPLAY so pinentry can open GUI windows.
+ ;; Guarded: on a machine without the binary the bare call-process signalled
+ ;; file-missing and aborted init.
+ (when (cj/executable-find-or-warn "gpg-connect-agent" "GPG pinentry GUI updates")
+ (call-process "gpg-connect-agent" nil nil nil "updatestartuptty" "/bye")))
;; ---------------------------------- Plstore ----------------------------------
;; Encrypted storage used by oauth2-auto for Google Calendar tokens.
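Review bot: The guard added around `call-process` only covers a missing binary; the exit status of `gpg-connect-agent` is still discarded, so a failed `updatestartuptty` (for example, agent not running) stays silent and only surfaces later as a pinentry failure. Checking the result would make that visible: `(unless (eq 0 (call-process "gpg-connect-agent" nil nil nil "updatestartuptty" "/bye")) (message "auth-config: gpg-connect-agent updatestartuptty failed"))`. If `cj/executable-find-or-warn` returns the resolved path (its definition is not in this hunk), passing that value to `call-process` would ensure the program that was checked is the one that runs, instead of a second `exec-path` lookup. The enclosing form starts outside the hunk.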