Posts Tagged ‘XOAuth’

OAuth with Gmail

Friday, October 21st, 2011

OAuth is an open protocol to allow secure API authorization in a simple and standard method from desktop and web applications.

In this post I’ll show how to access Gmail account using 3-legged OAuth authentication method with Mail.dll .NET IMAP component. The key advantage of this method is that it allows an application to access user email without knowing user’s password.

You can read more on OAuth authentication with Google accounts here:
http://code.google.com/apis/accounts/docs/OAuth_ref.html

Gmail IMAP and SMTP using OAuth:
http://code.google.com/apis/gmail/oauth/protocol.html

If your application/website is not registered, you should use following key and secret:
consumer key: “anonymous”
consumer secret: “anonymous”

Remember to add reference to Mail.dll and appropriate namespaces.

// C#

using Limilabs.Client.IMAP;
using Limilabs.Client.Authentication;
using Limilabs.Client.Authentication.Google;

const string consumerKey = "anonymous";
const string consumerSecret = "anonymous";

GmailOAuth oauth = new GmailOAuth(consumerKey, consumerSecret);

string url = oauth.GetAuthorizationUrl("http://localhost:64119/");

// ASP.NET client:
// Save oauth in permanent storage:
// Cache[oauth.RequestToken.Token] = oauth;

// Windows client:
Process.Start(url);

// ASP.NET client:
// Response.Redirect(url);

// Windows client with url:
string rawReturnUrl = Console.ReadLine();
ReturnUrl returnUrl = new ReturnUrl(rawReturnUrl);
oauth.GetAccessToken(returnUrl.OAuthVerifier);

// Windows client with verification code (oob):
// string oauthVerifier = HttpUtility.UrlDecode(Console.ReadLine());
// oauth.GetAccessToken(oauthVerifier);

// ASP.NET client: 
// ReturnUrl returnUrl = new ReturnUrl(Request.RawUrl);
// Retrieve oauth from permanent storage:
// GmailOAuth oauth = Cache[returnUrl.OAuthToken]
// oauth.GetAccessToken(returnUrl.OAuthVerifier);

using (Imap client = new Imap())
{
    client.ConnectSSL("imap.gmail.com");
    string oauthImapKey = oauth.GetXOAuthKeyForImap();
    client.LoginOAUTH(oauthImapKey);

    // Now you can access user's emails
    //...

    client.Close();
    oauth.RevokeToken(oauthImapKey);
}

1.
GmailOAuth.GetAuthorizationUrl method returns url you should redirect your user to, so he can authorize access.
As you can see, Mail.dll is asking for access to user’s email information and Gmail access:

2.
If you don’t specify callback parameter, user will have to manually copy&paste the token to your application (oob):

In case of a web project, you can specify a web address on your website. oauth_verifier will be included as the redirection url parameter.

After the redirection, your website/application needs to read oauth_verifier query parameter:

3.
GmailOAuth.GetAccessToken method authorizes the token.

4.
GmailOAuth.GetXOAuthKeyForImap method uses Google API to get the email address of the user, and generates XOAuth key for IMAP protocol (you can use GetXOAuthKeyForSmtp for SMTP).

5.
GmailOAuth.RevokeToken method revokes XOAuth key, so no further access can be made with it.

…and finally VB.NET version of the code:

' VB.NET

Imports Limilabs.Client.IMAP
Imports Limilabs.Client.Authentication
Imports Limilabs.Client.Authentication.Google

Const  consumerKey As String = "anonymous"
Const  consumerSecret As String = "anonymous"

Dim oauth As New GmailOAuth(consumerKey, consumerSecret)

Dim url As String = oauth.GetAuthorizationUrl("http://localhost:64119/")

' ASP.NET client: 
' Save oauth in permanent storage:
' Cache[oauth.RequestToken.Token] = oauth;

' Windows client:
Process.Start(url)

' ASP.NET client: 
' Response.Redirect(url)

' Windows client with url:
Dim rawReturnUrl As String = Console.ReadLine()
Dim returnUrl As New ReturnUrl(rawReturnUrl)
oauth.GetAccessToken(returnUrl.OAuthVerifier)

' Windows client with verification code (oob):
' Dim oauthVerifier As String = HttpUtility.UrlDecode(Console.ReadLine())
' oauth.GetAccessToken(oauthVerifier)

' ASP.NET client: 
' Dim returnUrl As New ReturnUrl(Request.RawUrl)
' Retrive oauth from permanent storage:
' Dim oauth As GmailOAuth = Cache(returnUrl.OAuthToken)
' oauth.GetAccessToken(returnUrl.OAuthVerifier)

Using client As New Imap()
	client.ConnectSSL("imap.gmail.com")
	Dim oauthImapKey As String = oauth.GetXOAuthKeyForImap()
	client.LoginOAUTH(oauthImapKey)

	' Now you can access user's emails
	'...

	client.Close()
	oauth.RevokeToken(oauthImapKey)
End Using

2-legged OAuth with Gmail

Friday, October 21st, 2011

OAuth is an open protocol to allow secure API authorization in a simple and standard method from desktop and web applications.

In this post I’ll show how to access Gmail account using 2-legged OAuth authentication method and .NET IMAP component. The basic idea is that domain administrator can use this method to access user email without knowing user’s password.

You can read more on OAuth authentication with Google accounts here:
http://code.google.com/apis/accounts/docs/OAuth_ref.html

Gmail IMAP and SMTP using OAuth:
http://code.google.com/apis/gmail/oauth/protocol.html

Remember to add reference to Mail.dll and appropriate namespaces.

// C#

using Limilabs.Client.IMAP;
using Limilabs.Client.Authentication;
using Limilabs.Client.Authentication.Google;


const string consumerKey = "example.com";
const string consumerSecret = "secret";
const string email = "pat@example.com";

Gmail2LeggedOAuth oauth = new Gmail2LeggedOAuth(
    consumerKey, consumerSecret);

using (Imap client = new Imap())
{
    client.ConnectSSL("imap.gmail.com");

    string oauthImapKey = oauth.GetXOAuthKeyForImap(email);

    client.LoginOAUTH(oauthImapKey);

    //...

    client.Close();
}
' VB.NET

Imports Limilabs.Client.IMAP
Imports Limilabs.Client.Authentication
Imports Limilabs.Client.Authentication.Google


Const  consumerKey As String = "example.com"
Const  consumerSecret As String = "secret"
Const  email As String = "pat@example.com"

Dim oauth As New Gmail2LeggedOAuth(consumerKey, consumerSecret)

Using client As New Imap()
	client.ConnectSSL("imap.gmail.com")

	Dim oauthImapKey As String = oauth.GetXOAuthKeyForImap(email)

	client.LoginOAUTH(oauthImapKey)

	'...

	client.Close()
End Using

Here are the google apps configuration screens:

Gmail extensions in Mail.dll

Monday, June 13th, 2011


Here’s the list of Gmail IMAP protocol extensions implemented in Mail.dll:

  • Extension of the LIST command: XLIST
  • Extension of the SEARCH command: X-GM-RAW
  • Access to the Gmail unique message ID: X-GM-MSGID
  • Access to the Gmail thread ID: X-GM-THRID
  • Access to Gmail labels: X-GM-LABELS
  • OAuth and OAuth 2.0: XOAUTH, XOAUTH2

You can read on how to use Mail.dll with Gmail in the following articles:

OAuth 2.0

OAuth 1.0

2-legged OAuth with IMAP

Wednesday, January 12th, 2011

OAuth is an open protocol to allow secure API authorization in a simple and standard method from desktop and web applications.

This article describes generic OAuth class.
If you are using Gmail please read 2-legged OAuth authentication with Gmail.

Remember to add reference to Mail.dll .NET IMAP component and appropriate namespaces.

// C#

using Limilabs.Client.Authentication;
using Limilabs.Client.IMAP;

string consumerKey = "your_domain.com";
string consumerSecret = "your_oauth_consumer_secret";
string emailAccount = "address@your_domain.com";

using (Imap client = new Imap())
{
    client.ConnectSSL("imap.gmail.com");

    string imapUrl = string.Format(
        "https://mail.google.com/mail/b/{0}/imap/?xoauth_requestor_id={1}",
        emailAccount,
        HttpUtility.UrlEncode(emailAccount));

    string oauthImapKey = OAuth.ForUrl(imapUrl)
        .Consumer(consumerKey, consumerSecret)
        .SignatureMethod(SignatureType.HMACSHA1)
        .Sign()
        .GetXOAuthKeyForImap();

    client.LoginOAUTH(oauthImapKey);

    //...

    client.Close();
}
' VB.NET

Imports Limilabs.Client.Authentication
Imports Limilabs.Client.IMAP

Dim consumerKey As String = "example.com"
Dim consumerSecret As String = "secret"
Dim emailAccount As String = "pat@example.com"

Using client As New Imap()
    client.ConnectSSL("imap.gmail.com")

    Dim imapUrl As String = String.Format( _
        "https://mail.google.com/mail/b/{0}/imap/?xoauth_requestor_id={1}", _
        emailAccount, _
        HttpUtility.UrlEncode(emailAccount))

    Dim oauthImapKey As String = OAuth.ForUrl(imapUrl) _
        .Consumer(consumerKey, consumerSecret) _
        .SignatureMethod(SignatureType.HMACSHA1) _
        .Sign() _
        .GetXOAuthKeyForImap()

    client.LoginOAUTH(oauthImapKey)

    '...

    client.Close()
End Using

OAuth with IMAP

Monday, June 28th, 2010

OAuth is an open protocol to allow secure API authorization in a simple and standard method from desktop and web applications.

This article describes generic OAuth class.
If you are using Gmail please read OAuth authentication with Gmail.

The following code makes several HTTP requests to authenticate your application. It also fires up the web browser, so the user can allow or deny the application to access his emails.

Remember to add reference to Mail.dll and appropriate namespaces.

1.

// C#

using Limilabs.Client.Authentication;
using Limilabs.Client.IMAP;


const string consumerKey = "anonymous";
const string consumerSecret = "anonymous";


// Get request token
ParameterList parameters1 = OAuth.ForUrl(
        "https://www.google.com/accounts/OAuthGetRequestToken")
    .Consumer(consumerKey, consumerSecret)
    .AddParameter("scope", "https://mail.google.com/")
   .AddParameter(OAuthParameterName.OAuthCallback, "oob")
    .Sign()
    .ExecuteWebRequest();

// Authorize token
string url2 = OAuth.ForUrl(
        "https://www.google.com/accounts/OAuthAuthorizeToken")
   .Consumer(consumerKey, consumerSecret)
   .Token(parameters1.GetValue(OAuthParameterName.OAuthToken))
   .TokenSecret(parameters1.GetValue(OAuthParameterName.OAuthTokenSecret))
   .Sign()
   .GetUrl();

// Fire up the browser.
Process.Start(url2);
// You can use Response.Redirect(url) in ASP.NET

2.
The user needs now to log-in to Gmail account (note that user does not enter credentials in your application):

3.
Then he needs to allow your application to access Gmail:

4.
If you don’t specify callback parameter, user will have to manually copy&paste the token to your application:

In case of a web project, instead of oob value as OAuthCallback parameter, you can specify a web address on your website. oauth_verifier will be included as the redirection url parameter.

After the redirection, your website/application needs to read oauth_verifier query parameter:

5.

// C#

Console.WriteLine("Please enter the key: ");
string oauth_verifier = Console.ReadLine();
// You can use Request["oauth_verifier"].ToString() in ASP.NET

// Get access token
ParameterList parameters3 = OAuth.ForUrl(
        "https://www.google.com/accounts/OAuthGetAccessToken")
   .Consumer(consumerKey, consumerSecret)
   .Token(parameters1.GetValue(OAuthParameterName.OAuthToken))
   .TokenSecret(parameters1.GetValue(OAuthParameterName.OAuthTokenSecret))
   .AddParameter("oauth_verifier", oauth_verifier)
   .Sign()
   .ExecuteWebRequest();


// Log-in to IMAP server using XOAuth
using (Imap client = new Imap())
{
    client.ConnectSSL("imap.gmail.com");

    string imapUrl = string.Format(
        "https://mail.google.com/mail/b/{0}/imap/", userEmailAccount);

    string oauthImapKey = OAuth.ForUrl(imapUrl)
        .Consumer(consumerKey, consumerSecret)
        .Token(parameters3.GetValue(OAuthParameterName.OAuthToken))
        .TokenSecret(parameters3.GetValue(OAuthParameterName.OAuthTokenSecret))
        .Sign()
        .GetXOAuthKeyForImap();

    client.LoginOAUTH(oauthImapKey);

    // Now you can access user's emails.
    //...

    client.Close();
}

Here’s the VB.NET version of the code samples:

Remember to add reference to Maill.dll and appropriate namespaces.

1.

' VB.NET

import Limilabs.Client.Authentication
import Limilabs.Client.IMAP

Const  consumerKey As String = "anonymous"
Const  consumerSecret As String = "anonymous"


' Gget request token
Dim parameters1 As ParameterList = OAuth _
	.ForUrl("https://www.google.com/accounts/OAuthGetRequestToken") _
	.Consumer(consumerKey, consumerSecret) _
	.AddParameter("scope", "https://mail.google.com/") _
	.AddParameter(OAuthParameterName.OAuthCallback, "oob") _
	.Sign() _
	.ExecuteWebRequest()


' Authorize token
Dim url2 As String = OAuth _
	.ForUrl("https://www.google.com/accounts/OAuthAuthorizeToken") _
	.Consumer(consumerKey, consumerSecret) _
	.Token(parameters1.GetValue(OAuthParameterName.OAuthToken)) _
	.TokenSecret(parameters1.GetValue(OAuthParameterName.OAuthTokenSecret)) _
	.Sign() _
	.GetUrl()


' Fire up the browser
Process.Start(url2)
' You can use Response.Redirect(url) in ASP.NET

2.
First the user needs to log in to Gmail account (note that user does not enter credentials in your application):

3.
Then he needs to allow your application to access Gmail:

4.
If you don’t specify callback parameter, user will have to manually copy&paste the token to your application:

In case of a web project, instead of oob value as OAuthCallback parameter, you can specify a web address on your website. oauth_verifier will be included as the redirection url parameter.

After the redirection, your website/application needs to read oauth_verifier query parameter:

5.

' VB.NET

Console.WriteLine("Please enter the key: ")
Dim oauth_verifier As String = Console.ReadLine().Trim()
' You can use Request("oauth_verifier").ToString() in ASP.NET

' Third: get access token
Dim parameters3 As ParameterList = OAuth _
	.ForUrl("https://www.google.com/accounts/OAuthGetAccessToken") _
	.Consumer(consumerKey, consumerSecret) _
	.Token(parameters1.GetValue(OAuthParameterName.OAuthToken)) _
	.TokenSecret(parameters1.GetValue(OAuthParameterName.OAuthTokenSecret)) _
	.AddParameter("oauth_verifier", oauth_verifier) _
	.Sign() _
	.ExecuteWebRequest()


' Log-in to IMAP server using XOAuth
Using client As New Imap()
	client.ConnectSSL("imap.gmail.com")

	Dim imapUrl As String = String.Format("https://mail.google.com/mail/b/{0}/imap/", userEmailAccount)

	Dim oauthImapKey As String = OAuth.ForUrl(imapUrl) _
		.Consumer(consumerKey, consumerSecret) _
		.Token(parameters3.GetValue(OAuthParameterName.OAuthToken)) _
		.TokenSecret(parameters3.GetValue(OAuthParameterName.OAuthTokenSecret)) _
		.Sign() _
		.GetXOAuthKeyForImap()

	client.LoginOAUTH(oauthImapKey)

	' Now you can access user's emails.
	' ...

	client.Close()
End Using