diff --git a/lib/imap.c b/lib/imap.c
index 23b020be4..37feff429 100644
--- a/lib/imap.c
+++ b/lib/imap.c
@@ -105,6 +105,10 @@ static CURLcode imap_sendf(struct connectdata *conn, const char *fmt, ...);
 static CURLcode imap_parse_url_options(struct connectdata *conn);
 static CURLcode imap_parse_url_path(struct connectdata *conn);
 static CURLcode imap_parse_custom_request(struct connectdata *conn);
+static CURLcode imap_calc_sasl_details(struct connectdata *conn,
+                                       const char **mech,
+                                       char **initresp, size_t *len,
+                                       imapstate *state1, imapstate *state2);
 
 /*
  * IMAP protocol handler.
@@ -598,7 +602,6 @@ static CURLcode imap_perform_authenticate(struct connectdata *conn,
 static CURLcode imap_perform_authentication(struct connectdata *conn)
 {
   CURLcode result = CURLE_OK;
-  struct SessionHandle *data = conn->data;
   struct imap_conn *imapc = &conn->proto.imapc;
   const char *mech = NULL;
   char *initresp = NULL;
@@ -614,73 +617,9 @@ static CURLcode imap_perform_authentication(struct connectdata *conn)
     return result;
   }
 
-  /* Calculate the supported authentication mechanism, by decreasing order of
-     security, as well as the initial response where appropriate */
-#ifndef CURL_DISABLE_CRYPTO_AUTH
-  if((imapc->authmechs & SASL_MECH_DIGEST_MD5) &&
-     (imapc->prefmech & SASL_MECH_DIGEST_MD5)) {
-    mech = SASL_MECH_STRING_DIGEST_MD5;
-    state1 = IMAP_AUTHENTICATE_DIGESTMD5;
-    imapc->authused = SASL_MECH_DIGEST_MD5;
-  }
-  else if((imapc->authmechs & SASL_MECH_CRAM_MD5) &&
-          (imapc->prefmech & SASL_MECH_CRAM_MD5)) {
-    mech = SASL_MECH_STRING_CRAM_MD5;
-    state1 = IMAP_AUTHENTICATE_CRAMMD5;
-    imapc->authused = SASL_MECH_CRAM_MD5;
-  }
-  else
-#endif
-#ifdef USE_NTLM
-    if((imapc->authmechs & SASL_MECH_NTLM) &&
-       (imapc->prefmech & SASL_MECH_NTLM)) {
-    mech = SASL_MECH_STRING_NTLM;
-    state1 = IMAP_AUTHENTICATE_NTLM;
-    state2 = IMAP_AUTHENTICATE_NTLM_TYPE2MSG;
-    imapc->authused = SASL_MECH_NTLM;
-
-    if(imapc->ir_supported || data->set.sasl_ir)
-      result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd,
-                                                   &conn->ntlm,
-                                                   &initresp, &len);
-  }
-  else
-#endif
-  if(((imapc->authmechs & SASL_MECH_XOAUTH2) &&
-      (imapc->prefmech & SASL_MECH_XOAUTH2) &&
-      (imapc->prefmech != SASL_AUTH_ANY)) || conn->xoauth2_bearer) {
-    mech = SASL_MECH_STRING_XOAUTH2;
-    state1 = IMAP_AUTHENTICATE_XOAUTH2;
-    state2 = IMAP_AUTHENTICATE_FINAL;
-    imapc->authused = SASL_MECH_XOAUTH2;
-
-    if(imapc->ir_supported || data->set.sasl_ir)
-      result = Curl_sasl_create_xoauth2_message(conn->data, conn->user,
-                                                conn->xoauth2_bearer,
-                                                &initresp, &len);
-  }
-  else if((imapc->authmechs & SASL_MECH_LOGIN) &&
-     (imapc->prefmech & SASL_MECH_LOGIN)) {
-    mech = SASL_MECH_STRING_LOGIN;
-    state1 = IMAP_AUTHENTICATE_LOGIN;
-    state2 = IMAP_AUTHENTICATE_LOGIN_PASSWD;
-    imapc->authused = SASL_MECH_LOGIN;
-
-    if(imapc->ir_supported || data->set.sasl_ir)
-      result = Curl_sasl_create_login_message(conn->data, conn->user,
-                                              &initresp, &len);
-  }
-  else if((imapc->authmechs & SASL_MECH_PLAIN) &&
-          (imapc->prefmech & SASL_MECH_PLAIN)) {
-    mech = SASL_MECH_STRING_PLAIN;
-    state1 = IMAP_AUTHENTICATE_PLAIN;
-    state2 = IMAP_AUTHENTICATE_FINAL;
-    imapc->authused = SASL_MECH_PLAIN;
-
-    if(imapc->ir_supported || data->set.sasl_ir)
-      result = Curl_sasl_create_plain_message(conn->data, conn->user,
-                                              conn->passwd, &initresp, &len);
-  }
+  /* Calculate the SASL login details */
+  result = imap_calc_sasl_details(conn, &mech, &initresp, &len, &state1,
+                                  &state2);
 
   if(!result) {
     if(mech && (imapc->preftype & IMAP_TYPE_SASL)) {
@@ -2543,4 +2482,89 @@ static CURLcode imap_parse_custom_request(struct connectdata *conn)
   return result;
 }
 
+/***********************************************************************
+ *
+ * imap_calc_sasl_details()
+ *
+ * Calculate the required login details for SASL authentication.
+ */
+static CURLcode imap_calc_sasl_details(struct connectdata *conn,
+                                       const char **mech,
+                                       char **initresp, size_t *len,
+                                       imapstate *state1, imapstate *state2)
+{
+  CURLcode result = CURLE_OK;
+  struct SessionHandle *data = conn->data;
+  struct imap_conn *imapc = &conn->proto.imapc;
+
+  /* Calculate the supported authentication mechanism, by decreasing order of
+     security, as well as the initial response where appropriate */
+#ifndef CURL_DISABLE_CRYPTO_AUTH
+  if((imapc->authmechs & SASL_MECH_DIGEST_MD5) &&
+     (imapc->prefmech & SASL_MECH_DIGEST_MD5)) {
+    *mech = SASL_MECH_STRING_DIGEST_MD5;
+    *state1 = IMAP_AUTHENTICATE_DIGESTMD5;
+    imapc->authused = SASL_MECH_DIGEST_MD5;
+  }
+  else if((imapc->authmechs & SASL_MECH_CRAM_MD5) &&
+          (imapc->prefmech & SASL_MECH_CRAM_MD5)) {
+    *mech = SASL_MECH_STRING_CRAM_MD5;
+    *state1 = IMAP_AUTHENTICATE_CRAMMD5;
+    imapc->authused = SASL_MECH_CRAM_MD5;
+  }
+  else
+#endif
+#ifdef USE_NTLM
+    if((imapc->authmechs & SASL_MECH_NTLM) &&
+       (imapc->prefmech & SASL_MECH_NTLM)) {
+    *mech = SASL_MECH_STRING_NTLM;
+    *state1 = IMAP_AUTHENTICATE_NTLM;
+    *state2 = IMAP_AUTHENTICATE_NTLM_TYPE2MSG;
+    imapc->authused = SASL_MECH_NTLM;
+
+    if(imapc->ir_supported || data->set.sasl_ir)
+      result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd,
+                                                   &conn->ntlm,
+                                                   initresp, len);
+  }
+  else
+#endif
+  if(((imapc->authmechs & SASL_MECH_XOAUTH2) &&
+      (imapc->prefmech & SASL_MECH_XOAUTH2) &&
+      (imapc->prefmech != SASL_AUTH_ANY)) || conn->xoauth2_bearer) {
+    *mech = SASL_MECH_STRING_XOAUTH2;
+    *state1 = IMAP_AUTHENTICATE_XOAUTH2;
+    *state2 = IMAP_AUTHENTICATE_FINAL;
+    imapc->authused = SASL_MECH_XOAUTH2;
+
+    if(imapc->ir_supported || data->set.sasl_ir)
+      result = Curl_sasl_create_xoauth2_message(data, conn->user,
+                                                conn->xoauth2_bearer,
+                                                initresp, len);
+  }
+  else if((imapc->authmechs & SASL_MECH_LOGIN) &&
+          (imapc->prefmech & SASL_MECH_LOGIN)) {
+    *mech = SASL_MECH_STRING_LOGIN;
+    *state1 = IMAP_AUTHENTICATE_LOGIN;
+    *state2 = IMAP_AUTHENTICATE_LOGIN_PASSWD;
+    imapc->authused = SASL_MECH_LOGIN;
+
+    if(imapc->ir_supported || data->set.sasl_ir)
+      result = Curl_sasl_create_login_message(data, conn->user, initresp, len);
+  }
+  else if((imapc->authmechs & SASL_MECH_PLAIN) &&
+          (imapc->prefmech & SASL_MECH_PLAIN)) {
+    *mech = SASL_MECH_STRING_PLAIN;
+    *state1 = IMAP_AUTHENTICATE_PLAIN;
+    *state2 = IMAP_AUTHENTICATE_FINAL;
+    imapc->authused = SASL_MECH_PLAIN;
+
+    if(imapc->ir_supported || data->set.sasl_ir)
+      result = Curl_sasl_create_plain_message(data, conn->user, conn->passwd,
+                                              initresp, len);
+  }
+
+  return result;
+}
+
 #endif /* CURL_DISABLE_IMAP */