dovecot - May 2018 - OAUTH2 + proxying [host=??]

All,

We currently use a proxy configuration with an sql query to authenticate
and discover which backend server an address belongs to and proxy the
connection to that host to authenticate and retrieve mail. We are
looking to move to OAUTH2 for authentication and am just trying to
figure how how to get that extra host information as part of the passdb
query when using this mechanism. Looking at doco if we were running a
director setup (which we are not) that process seems to be able to poke
that info into response but  is there any other way of doing this ?
Should we be getting or can we get OAUTH2 to return extra fields and
configure the pass_attrs to be host=%{passdb:proxyToHost} or something
like that ?

Any information/thoughts would be good to hear.

rgds

Matt

On 30.05.2018 01:46, DevOps wrote:
> All,
>
> We currently use a proxy configuration with an sql query to authenticate
> and discover which backend server an address belongs to and proxy the
> connection to that host to authenticate and retrieve mail. We are
> looking to move to OAUTH2 for authentication and am just trying to
> figure how how to get that extra host information as part of the passdb
> query when using this mechanism. Looking at doco if we were running a
> director setup (which we are not) that process seems to be able to poke
> that info into response but  is there any other way of doing this ?
> Should we be getting or can we get OAUTH2 to return extra fields and
> configure the pass_attrs to be host=%{passdb:proxyToHost} or something
> like that ?
>
> Any information/thoughts would be good to hear.
>
> rgds
>
> Matt
>
>
>
Hi!

The oauth2 support in dovecot will parse any flat JSON object sent as
reply and store all the keys as oauth:<key> for passdb use.

You can use host=%{oauth:host}

Aki