From: "Lukas Wagner" <l.wagner@proxmox.com>
To: "Arthur Bied-Charreton" <a.bied-charreton@proxmox.com>,
<pve-devel@lists.proxmox.com>
Subject: Re: [PATCH pve-manager 1/5] notifications: Add OAuth2 parameters to schema and add/update endpoints
Date: Mon, 23 Mar 2026 13:26:28 +0100 [thread overview]
Message-ID: <DHA5SL3M0PCI.2IPBSIX0LNLBQ@proxmox.com> (raw)
In-Reply-To: <20260213160415.609868-12-a.bied-charreton@proxmox.com>
On Fri Feb 13, 2026 at 5:04 PM CET, Arthur Bied-Charreton wrote:
> Add auth-method, as well as optional
> oauth2-{client-id,client-secret,tenant-id,refresh-token} parameters to
> prepare for OAuth2 support.
>
> The auth-method parameter was previously implicit and inferred by
> proxmox-notify based on the presence of a password. It is now made
> explicit, however still kept optional and explicitly inferred in the
> {update,create}_endpoint handlers to avoid breaking the API.
This should also mention the API restructuring and why it was done.
>
> Signed-off-by: Arthur Bied-Charreton <a.bied-charreton@proxmox.com>
> ---
> PVE/API2/Cluster/Notifications.pm | 110 +++++++++++++++++++++++-------
> 1 file changed, 87 insertions(+), 23 deletions(-)
>
> diff --git a/PVE/API2/Cluster/Notifications.pm b/PVE/API2/Cluster/Notifications.pm
> index 8b455227..e7acea49 100644
> --- a/PVE/API2/Cluster/Notifications.pm
> +++ b/PVE/API2/Cluster/Notifications.pm
> @@ -941,6 +941,13 @@ my $smtp_properties = {
> default => 'tls',
> optional => 1,
> },
> + 'auth-method' => {
> + description =>
> + 'Determine which authentication method shall be used for the connection.',
> + type => 'string',
> + enum => [qw(google-oauth2 microsoft-oauth2 plain none)],
> + optional => 1,
> + },
> username => {
> description => 'Username for SMTP authentication',
> type => 'string',
> @@ -951,6 +958,26 @@ my $smtp_properties = {
> type => 'string',
> optional => 1,
> },
> + 'oauth2-client-id' => {
> + description => 'OAuth2 client ID',
> + type => 'string',
> + optional => 1,
> + },
> + 'oauth2-client-secret' => {
> + description => 'OAuth2 client secret',
> + type => 'string',
> + optional => 1,
> + },
> + 'oauth2-tenant-id' => {
> + description => 'OAuth2 tenant ID',
The description here should probably mention that this is only needed
for microsoft-oauth2
> + type => 'string',
> + optional => 1,
> + },
> + 'oauth2-refresh-token' => {
> + description => 'OAuth2 refresh token',
> + type => 'string',
> + optional => 1,
> + },
> mailto => {
> type => 'array',
> items => {
> @@ -1108,6 +1135,11 @@ __PACKAGE__->register_method({
> my $mode = extract_param($param, 'mode');
> my $username = extract_param($param, 'username');
> my $password = extract_param($param, 'password');
> + my $auth_method = extract_param($param, 'auth-method');
> + my $oauth2_client_secret = extract_param($param, 'oauth2-client-secret');
> + my $oauth2_client_id = extract_param($param, 'oauth2-client-id');
> + my $oauth2_tenant_id = extract_param($param, 'oauth2-tenant-id');
> + my $oauth2_refresh_token = extract_param($param, 'oauth2-refresh-token');
> my $mailto = extract_param($param, 'mailto');
> my $mailto_user = extract_param($param, 'mailto-user');
> my $from_address = extract_param($param, 'from-address');
> @@ -1115,23 +1147,37 @@ __PACKAGE__->register_method({
> my $comment = extract_param($param, 'comment');
> my $disable = extract_param($param, 'disable');
>
> + if (!defined $auth_method) {
> + $auth_method = defined($password) ? 'plain' : 'none';
> + }
> +
> eval {
> PVE::Notify::lock_config(sub {
> my $config = PVE::Notify::read_config();
>
> $config->add_smtp_endpoint(
> - $name,
> - $server,
> - $port,
> - $mode,
> - $username,
> - $password,
> - $mailto,
> - $mailto_user,
> - $from_address,
> - $author,
> - $comment,
> - $disable,
> + {
> + name => $name,
> + server => $server,
> + port => $port,
> + mode => $mode,
> + username => $username,
> + 'auth-method' => $auth_method,
> + 'oauth2-client-id' => $oauth2_client_id,
> + 'oauth2-tenant-id' => $oauth2_tenant_id,
> + mailto => defined($mailto) ? $mailto : [],
> + 'mailto-user' => defined($mailto_user) ? $mailto_user : [],
> + 'from-address' => $from_address,
> + author => $author,
> + comment => $comment,
> + disable => $disable,
> + },
> + {
> + name => $name,
> + password => $password,
> + 'oauth2-client-secret' => $oauth2_client_secret,
> + },
> + $oauth2_refresh_token,
> );
>
> PVE::Notify::write_config($config);
> @@ -1187,6 +1233,11 @@ __PACKAGE__->register_method({
> my $mode = extract_param($param, 'mode');
> my $username = extract_param($param, 'username');
> my $password = extract_param($param, 'password');
> + my $auth_method = extract_param($param, 'auth-method');
> + my $oauth2_client_secret = extract_param($param, 'oauth2-client-secret');
> + my $oauth2_client_id = extract_param($param, 'oauth2-client-id');
> + my $oauth2_tenant_id = extract_param($param, 'oauth2-tenant-id');
> + my $oauth2_refresh_token = extract_param($param, 'oauth2-refresh-token');
> my $mailto = extract_param($param, 'mailto');
> my $mailto_user = extract_param($param, 'mailto-user');
> my $from_address = extract_param($param, 'from-address');
> @@ -1197,23 +1248,36 @@ __PACKAGE__->register_method({
> my $delete = extract_param($param, 'delete');
> my $digest = extract_param($param, 'digest');
>
> + if (!defined $auth_method) {
> + $auth_method = defined($password) ? 'plain' : 'none';
> + }
> +
> eval {
> PVE::Notify::lock_config(sub {
> my $config = PVE::Notify::read_config();
>
> $config->update_smtp_endpoint(
> $name,
> - $server,
> - $port,
> - $mode,
> - $username,
> - $password,
> - $mailto,
> - $mailto_user,
> - $from_address,
> - $author,
> - $comment,
> - $disable,
> + {
> + server => $server,
> + port => $port,
> + mode => $mode,
> + username => $username,
> + 'auth-method' => $auth_method,
> + 'oauth2-client-id' => $oauth2_client_id,
> + 'oauth2-tenant-id' => $oauth2_tenant_id,
> + mailto => defined($mailto) ? $mailto : [],
> + 'mailto-user' => defined($mailto_user) ? $mailto_user : [],
> + 'from-address' => $from_address,
> + author => $author,
> + comment => $comment,
> + disable => $disable,
> + },
> + {
> + password => $password,
> + 'oauth2-client-secret' => $oauth2_client_secret,
> + },
> + $oauth2_refresh_token,
> $delete,
> $digest,
> );
next prev parent reply other threads:[~2026-03-23 12:26 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-13 16:03 [PATCH cluster/docs/manager/proxmox{,-perl-rs,-widget-toolkit} 00/17] fix #7238: Add XOAUTH2 authentication support for SMTP notification targets Arthur Bied-Charreton
2026-02-13 16:03 ` [PATCH proxmox 1/7] notify (smtp): Introduce xoauth2 module Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH proxmox 2/7] notify (smtp): Introduce state module Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-03-23 16:32 ` Arthur Bied-Charreton
2026-03-24 8:50 ` Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH proxmox 3/7] notify (smtp): Factor out transport building logic into own function Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH proxmox 4/7] notify (smtp): Update API with OAuth2 parameters Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH proxmox 5/7] notify (smtp): Add state handling logic Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-02-13 16:04 ` [PATCH proxmox 6/7] notify (smtp): Add XOAUTH2 authentication support Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-02-13 16:04 ` [PATCH proxmox 7/7] notify (smtp): Add logging and state-related error types Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-02-13 16:04 ` [PATCH proxmox-perl-rs 1/1] notify (smtp): add oauth2 parameters to bindings Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-03-23 16:44 ` Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH proxmox-widget-toolkit 1/2] utils: Add OAuth2 flow handlers Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-02-13 16:04 ` [PATCH proxmox-widget-toolkit 2/2] notifications: Add opt-in OAuth2 support for SMTP targets Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-03-23 16:49 ` Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH pve-manager 1/5] notifications: Add OAuth2 parameters to schema and add/update endpoints Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner [this message]
2026-02-13 16:04 ` [PATCH pve-manager 2/5] notifications: Add trigger-state-refresh endpoint Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-02-13 16:04 ` [PATCH pve-manager 3/5] notifications: Trigger notification target refresh in pveupdate Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH pve-manager 4/5] notifications: Handle OAuth2 callback in login handler Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH pve-manager 5/5] notifications: Opt into OAuth2 authentication Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH pve-cluster 1/1] notifications: Add refresh_targets subroutine to PVE::Notify Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-03-23 16:54 ` Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH pve-docs 1/1] notifications: Add section about OAuth2 to SMTP targets docs Arthur Bied-Charreton
2026-03-23 12:25 ` [PATCH cluster/docs/manager/proxmox{,-perl-rs,-widget-toolkit} 00/17] fix #7238: Add XOAUTH2 authentication support for SMTP notification targets Lukas Wagner
2026-03-25 13:16 ` superseded: " Arthur Bied-Charreton
-- strict thread matches above, loose matches on Subject: below --
2026-02-04 16:13 [RFC cluster/docs/manager/proxmox{,-perl-rs,-widget-toolkit} 00/15] " Arthur Bied-Charreton
2026-02-04 16:13 ` [PATCH pve-manager 1/5] notifications: Add OAuth2 parameters to schema and add/update endpoints Arthur Bied-Charreton
2026-02-11 8:55 ` Lukas Wagner
2026-02-11 12:47 ` Arthur Bied-Charreton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DHA5SL3M0PCI.2IPBSIX0LNLBQ@proxmox.com \
--to=l.wagner@proxmox.com \
--cc=a.bied-charreton@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox