{"id":2030,"date":"2011-10-21T19:27:39","date_gmt":"2011-10-21T17:27:39","guid":{"rendered":"http:\/\/www.limilabs.com\/blog\/?p=2030"},"modified":"2023-08-05T10:02:57","modified_gmt":"2023-08-05T08:02:57","slug":"oauth-with-gmail","status":"publish","type":"post","link":"https:\/\/www.limilabs.com\/blog\/oauth-with-gmail","title":{"rendered":"OAuth 1.0 with Gmail (deprecated)"},"content":{"rendered":"\n<div class=\"well\"><strong>OAuth 1.0 is deprecated, switch to OAuth 2.0:<\/strong>\n<p>&nbsp;<\/p>\n<ul>\n<li><a href=\"\/blog\/oauth2-gmail-imap-web-applications\">OAuth 2.0 with Gmail over IMAP for web applications (Google.Apis)<\/a><\/li>\n<li><a href=\"\/blog\/oauth2-gmail-imap-installed-applications\">OAuth 2.0 with Gmail over IMAP for installed applications (Google.Apis)<\/a><\/li>\n<li><a href=\"\/blog\/oauth2-gmail-imap-service-account\">OAuth 2.0 with Gmail over IMAP for service account (Google.Apis)<\/a><\/li>\n<\/ul>\n<\/div>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"alignleft\"><img decoding=\"async\" src=\"\/blog\/wp-content\/uploads\/2009\/11\/gmail.png\" alt=\"\" title=\"gmail\"\/><\/figure><\/div>\n\n\n\n<p><strong>OAuth <\/strong> is an open protocol to allow secure API authorization in a simple and standard method from desktop and web applications.<\/p>\n\n\n\n<p>In this post<strong> I&#8217;ll show how to access Gmail<\/strong> account using 3-legged OAuth authentication method with Mail.dll <a href=\"\/mail\">.NET IMAP component<\/a>. The key advantage of this method is that it allows an application to access user email <strong>without knowing user&#8217;s password.<\/strong><\/p>\n\n\n\n<p>You can read more on OAuth authentication with Google accounts here:<br><a href=\"http:\/\/code.google.com\/apis\/accounts\/docs\/OAuth_ref.html\" rel=\"nofollow\">http:\/\/code.google.com\/apis\/accounts\/docs\/OAuth_ref.html<\/a><\/p>\n\n\n\n<p>Gmail IMAP and SMTP using OAuth:<br><a href=\"http:\/\/code.google.com\/apis\/gmail\/oauth\/protocol.html\" rel=\"nofollow\">http:\/\/code.google.com\/apis\/gmail\/oauth\/protocol.html<\/a><\/p>\n\n\n\n<p>If your application\/website is not registered, you should use following key and secret:<br>consumer key: &#8220;anonymous&#8221;<br>consumer secret: &#8220;anonymous&#8221;<\/p>\n\n\n\n<p>Remember to add reference to Mail.dll and appropriate namespaces.<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: csharp; title: ; notranslate\" title=\"\">\n\/\/ C#\n\nusing Limilabs.Client.IMAP;\nusing Limilabs.Client.Authentication;\nusing Limilabs.Client.Authentication.Google;\n\nconst string consumerKey = \"anonymous\";\nconst string consumerSecret = \"anonymous\";\n\nGmailOAuth oauth = new GmailOAuth(consumerKey, consumerSecret);\n\nstring url = oauth.GetAuthorizationUrl(\"http:\/\/localhost:64119\/\");\n\n\/\/ ASP.NET client:\n\/\/ Save oauth in permanent storage:\n\/\/ Cache&#x5B;oauth.RequestToken.Token] = oauth;\n\n\/\/ Windows client:\nProcess.Start(url);\n\n\/\/ ASP.NET client:\n\/\/ Response.Redirect(url);\n\n\/\/ Windows client with url:\nstring rawReturnUrl = Console.ReadLine();\nReturnUrl returnUrl = new ReturnUrl(rawReturnUrl);\noauth.GetAccessToken(returnUrl.OAuthVerifier);\n\n\/\/ Windows client with verification code (oob):\n\/\/ string oauthVerifier = HttpUtility.UrlDecode(Console.ReadLine());\n\/\/ oauth.GetAccessToken(oauthVerifier);\n\n\/\/ ASP.NET client:\n\/\/ ReturnUrl returnUrl = new ReturnUrl(Request.RawUrl);\n\/\/ Retrieve oauth from permanent storage:\n\/\/ GmailOAuth oauth = Cache&#x5B;returnUrl.OAuthToken]\n\/\/ oauth.GetAccessToken(returnUrl.OAuthVerifier);\n\nusing (Imap client = new Imap())\n{\n    client.ConnectSSL(\"imap.gmail.com\");\n    string oauthImapKey = oauth.GetXOAuthKeyForImap();\n    client.LoginOAUTH(oauthImapKey);\n\n    \/\/ Now you can access user's emails\n    \/\/...\n\n    client.Close();\n    oauth.RevokeToken(oauthImapKey);\n}\n<\/pre><\/div>\n\n\n<p>1.<br><strong>GmailOAuth.GetAuthorizationUrl<\/strong> method returns url you should redirect your user to, so he can authorize access.<br>As you can see, Mail.dll is asking for access to user&#8217;s email information and Gmail access:<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img decoding=\"async\" src=\"\/blog\/wp-content\/uploads\/2011\/10\/GmailOAuth_Authorize.png\" alt=\"\" title=\"GmailOAuth_Authorize\"\/><\/figure><\/div>\n\n\n\n<p>2.<br>If you<strong> don&#8217;t specify callback<\/strong> parameter, user will have to <strong>manually <\/strong>copy&amp;paste the token to your application (oob):<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img decoding=\"async\" src=\"\/blog\/wp-content\/uploads\/2011\/10\/GmailOAuth_OOBAuthorize.png\" alt=\"\" title=\"GmailOAuth_OOBAuthorize\"\/><\/figure><\/div>\n\n\n\n<p>In case of a <strong>web project<\/strong>, you can specify<strong> a web address on your website<\/strong>. oauth_verifier will be included as the redirection url parameter.<\/p>\n\n\n\n<p>After the redirection, your website\/application needs to<strong> read oauth_verifier query parameter<\/strong>:<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img decoding=\"async\" src=\"\/blog\/wp-content\/uploads\/2011\/10\/GmailOAuth_Redirect.png\" alt=\"\" title=\"GmailOAuth_Redirect\"\/><\/figure><\/div>\n\n\n\n<p>3.<br><strong>GmailOAuth.GetAccessToken<\/strong> method authorizes the token.<\/p>\n\n\n\n<p>4.<br><strong>GmailOAuth.GetXOAuthKeyForImap<\/strong> method <strong>uses Google API to get the email address<\/strong> of the user, and generates XOAuth key for IMAP protocol (you can use GetXOAuthKeyForSmtp for SMTP).<\/p>\n\n\n\n<p>5.<br><strong>GmailOAuth.RevokeToken<\/strong> method <strong>revokes XOAuth key<\/strong>, so no further access can be made with it.<\/p>\n\n\n\n<p>&#8230;and finally VB.NET version of the code:<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: vb; title: ; notranslate\" title=\"\">\n' VB.NET\n\nImports Limilabs.Client.IMAP\nImports Limilabs.Client.Authentication\nImports Limilabs.Client.Authentication.Google\n\nConst  consumerKey As String = \"anonymous\"\nConst  consumerSecret As String = \"anonymous\"\n\nDim oauth As New GmailOAuth(consumerKey, consumerSecret)\n\nDim url As String = oauth.GetAuthorizationUrl(\"http:\/\/localhost:64119\/\")\n\n' ASP.NET client:\n' Save oauth in permanent storage:\n' Cache&#x5B;oauth.RequestToken.Token] = oauth;\n\n' Windows client:\nProcess.Start(url)\n\n' ASP.NET client:\n' Response.Redirect(url)\n\n' Windows client with url:\nDim rawReturnUrl As String = Console.ReadLine()\nDim returnUrl As New ReturnUrl(rawReturnUrl)\noauth.GetAccessToken(returnUrl.OAuthVerifier)\n\n' Windows client with verification code (oob):\n' Dim oauthVerifier As String = HttpUtility.UrlDecode(Console.ReadLine())\n' oauth.GetAccessToken(oauthVerifier)\n\n' ASP.NET client:\n' Dim returnUrl As New ReturnUrl(Request.RawUrl)\n' Retrive oauth from permanent storage:\n' Dim oauth As GmailOAuth = Cache(returnUrl.OAuthToken)\n' oauth.GetAccessToken(returnUrl.OAuthVerifier)\n\nUsing client As New Imap()\n\tclient.ConnectSSL(\"imap.gmail.com\")\n\tDim oauthImapKey As String = oauth.GetXOAuthKeyForImap()\n\tclient.LoginOAUTH(oauthImapKey)\n\n\t' Now you can access user's emails\n\t'...\n\n\tclient.Close()\n\toauth.RevokeToken(oauthImapKey)\nEnd Using\n<\/pre><\/div>","protected":false},"excerpt":{"rendered":"<p>OAuth 1.0 is deprecated, switch to OAuth 2.0: &nbsp; OAuth 2.0 with Gmail over IMAP for web applications (Google.Apis) OAuth 2.0 with Gmail over IMAP for installed applications (Google.Apis) OAuth 2.0 with Gmail over IMAP for service account (Google.Apis) OAuth is an open protocol to allow secure API authorization in a simple and standard method [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[15,25,28,77,41,57,68],"class_list":["post-2030","post","type-post","status-publish","format-standard","hentry","category-mail-dll","tag-c","tag-gmail","tag-imap","tag-imap-component","tag-oauth","tag-vb-net","tag-xoauth"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/posts\/2030"}],"collection":[{"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/comments?post=2030"}],"version-history":[{"count":28,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/posts\/2030\/revisions"}],"predecessor-version":[{"id":6509,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/posts\/2030\/revisions\/6509"}],"wp:attachment":[{"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/media?parent=2030"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/categories?post=2030"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.limilabs.com\/blog\/wp-json\/wp\/v2\/tags?post=2030"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}