From 0c13bc863a903924ad355c38801529a43cf2d22d Mon Sep 17 00:00:00 2001
From: ralf <rb@egroupware.org>
Date: Tue, 14 Mar 2023 10:18:46 +0100
Subject: [PATCH] stop Chrome from autofilling passwords and do NOT display a
 password for OAuth when editing an account

---
 admin/inc/class.admin_mail.inc.php      | 9 ++++++++-
 admin/templates/default/mailaccount.xet | 8 ++++----
 api/src/Mail/Credentials.php            | 2 +-
 3 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/admin/inc/class.admin_mail.inc.php b/admin/inc/class.admin_mail.inc.php
index d2ff239a84..144016cb81 100644
--- a/admin/inc/class.admin_mail.inc.php
+++ b/admin/inc/class.admin_mail.inc.php
@@ -886,7 +886,7 @@ class admin_mail
 				{
 					$content['acc_id'] = key($content['accounts']);
 					//error_log(__METHOD__.__LINE__.'.'.array2string($content['acc_id']));
-					// test if the "to be selected" acccount is imap or not
+					// test if the "to be selected" account is imap or not
 					if (is_array($content['accounts']) && count($content['accounts'])>1 && Mail\Account::is_multiple($content['acc_id']))
 					{
 						try {
@@ -930,6 +930,13 @@ class admin_mail
 						$content['called_for'] : $GLOBALS['egw_info']['user']['account_id']);
 					$account->getUserData();	// quota, aliases, forwards etc.
 					$content += $account->params;
+					foreach(['acc_imap_password', 'acc_smtp_password'] as $n)
+					{
+						if (isset($content['acc_oauth_username']) && $content[$n] === Mail\Credentials::UNAVAILABLE)
+						{
+							unset($content[$n]);
+						}
+					}
 					$content['acc_sieve_enabled'] = (string)($content['acc_sieve_enabled']);
 					$content['notify_use_default'] = !$content['notify_account_id'];
 					self::fix_account_id_0($content['account_id']);
diff --git a/admin/templates/default/mailaccount.xet b/admin/templates/default/mailaccount.xet
index 7ae72aeee8..33a3b504d3 100644
--- a/admin/templates/default/mailaccount.xet
+++ b/admin/templates/default/mailaccount.xet
@@ -66,7 +66,7 @@
 				</row>
 				<row>
 					<et2-description  for="acc_imap_password" value="Password"></et2-description>
-					<et2-password  id="acc_imap_password" maxlength="128" autocomplete="off" placeholder="Leave empty to use OAuth, if supported"></et2-password>
+					<et2-password  id="acc_imap_password" maxlength="128" autocomplete="new-password" placeholder="Leave empty to use OAuth, if supported"></et2-password>
 					<et2-description  id="acc_imap_account_id" class="emailadmin_diagnostic"></et2-description>
 					<et2-description></et2-description>
 				</row>
@@ -97,7 +97,7 @@
 								</row>
 								<row>
 									<et2-description  for="acc_imap_admin_password" value="Password"></et2-description>
-									<et2-password  id="acc_imap_admin_password" maxlength="128" autocomplete="off"></et2-password>
+									<et2-password  id="acc_imap_admin_password" maxlength="128" autocomplete="new-password"></et2-password>
 								</row>
 								<row>
 									<et2-description></et2-description>
@@ -218,7 +218,7 @@
 				<row class="@manual_class">
 					<et2-description  for="acc_smtp_password" value="Password"></et2-description>
 					<et2-hbox>
-						<et2-password  id="acc_smtp_password" maxlength="128" autocomplete="off" placeholder="Leave empty to use OAuth, if supported"></et2-password>
+						<et2-password  id="acc_smtp_password" maxlength="128" autocomplete="new-password" placeholder="Leave empty to use OAuth, if supported"></et2-password>
 						<et2-description  id="acc_smtp_account_id" class="emailadmin_diagnostic"></et2-description>
 					</et2-hbox>
 				</row>
@@ -239,7 +239,7 @@
 				</row>
 				<row>
 					<et2-description  for="acc_spam_password" value="API Token"></et2-description>
-					<et2-password  id="acc_spam_password" width="95%" suggest="24" placeholder="@spamtitan_blur"></et2-password>
+					<et2-password  id="acc_spam_password" width="95%" suggest="24" autocomplete="new-password" placeholder="@spamtitan_blur"></et2-password>
 				</row>
 			</rows>
 		</grid>
diff --git a/api/src/Mail/Credentials.php b/api/src/Mail/Credentials.php
index eb4d336916..7771128a3a 100644
--- a/api/src/Mail/Credentials.php
+++ b/api/src/Mail/Credentials.php
@@ -251,7 +251,7 @@ class Credentials
 							if (empty($results[$pre.'username']))
 							{
 								$results[$pre.'username'] = $row['cred_username'];
-								$results[$pre.'password'] = '**oauth**';
+								$results[$pre.'password'] = self::UNAVAILABLE;
 							}
 						}
 					}