Forum > Networking and Web Programming

Integrating OAuth2 into email program

<< < (2/3) > >>

rvk:

--- Quote from: QEnnay on June 25, 2022, 07:30:43 pm ---I will check out the rvk GitHub. I will also do a search here for Beni Bela  as I could not find a mention of OAuth on his web-pages.

--- End quote ---
You also saw my remark that you could use an app password and wouldn't need to change anything in your program?

Of course, if this is for third parties who you don't want to go through the trouble of creating an app password for themselves, OAuth2 is the way to go.

My github page https://github.com/rvk01/google-oauth2
(It's been awhile :) )

QEnnay:

--- Quote from: rvk on June 25, 2022, 01:35:35 am ---Really? I'm not aware of that.

--- End quote ---

You (and another) assume way too much.

In order for our email client to access gmail and download new email it had to be via the POP3 option in gmail. That then mandated "use less secure apps" to be checked. The gmail "less secure" has now been blocked as an option. See here: https://support.google.com/accounts/answer/6010255?hl=en

Next assumption: Not everyone in the US has a cell phone. We are out in the boonies and nearest cell tower is 152 miles away. Why would we buy a cell phone when we have good old copper-wire DSL?. To set up OAuth2 on google-account requires a cell phone to validate the app-password about to be generated or entered. I entered our landline number and got a message "enter a real phone number." or something like that and FU to google.  %)

I should not have to give lengthy descriptions of our living situations in an OP when a simple answer to the question asked would suffice as kindly proffered by @Soner.

Perhaps I could have been a little more specific with the POP3 statement, but figured since I also mentioned POP3/SMTP and gmail, an alert reader would tie those two together.

Dare I suggest a little less "glib" and a little more "help." This is after all, a Help forum, no?

I have not yet looked at your GitHub but may get to it later as a last resort. <-- Joking OK?

rvk:

--- Quote from: QEnnay on June 25, 2022, 07:44:16 pm ---In order for our email client to access gmail and download new email it had to be via the POP3 option in gmail. That then mandated "use less secure apps" to be checked. The gmail "less secure" has now been blocked as an option. See here: https://support.google.com/accounts/answer/6010255?hl=en
--- End quote ---
I thought POP3 didn't need an app password. I was wrong. It does from now on.


--- Quote ---Sending of password for user zzzz did not succeed. Mail server pop.gmail.com responded: Application-specific password required: https://support.google.com/accounts/answer/185833
--- End quote ---


--- Quote from: QEnnay on June 25, 2022, 07:44:16 pm ---Next assumption: Not everyone in the US has a cell phone. We are out in the boonies and nearest cell tower is 152 miles away. Why would we buy a cell phone when we have good old copper-wire DSL?. To set up OAuth2 on google-account requires a cell phone to validate the app-password about to be generated or entered. I entered our landline number and got a message "enter a real phone number." or something like that and FU to google.  %)
--- End quote ---
There are other methods of 2FA authentication (like Google authenticator on your phone or tablet without the need for a phone number).
See: https://foxnomad.com/2014/09/11/enable-use-two-factor-authentication-without-phone
How To Enable And Use Two Factor Authentication Without A Phone Number


--- Quote from: QEnnay on June 25, 2022, 07:44:16 pm ---I should not have to give lengthy descriptions of our living situations in an OP when a simple answer to the question asked would suffice as kindly proffered by @Soner.
Perhaps I could have been a little more specific with the POP3 statement, but figured since I also mentioned POP3/SMTP and gmail, an alert reader would tie those two together.
Dare I suggest a little less "glib" and a little more "help." This is after all, a Help forum, no?
--- End quote ---
I'm not sure why you typed this?

Was my post not helpful?
I just mentioned that you can still use app passwords without changing anything in your program.
I think that would be perfect for you (no need for OAuth2 code and no need to change any code at all).

Otherwise you could use my code for OAuth2 on github.
So, I'm not sure how my answer was anything but helpful.

Edit: For OAuth2 you will need to setup your own project to get a client_id and client_secret.
You can create an project for Internal use (so no need for submitting it for verification). For External use you will need to submit it for verification.
If you need help with that just let us know.

Edit #2: I also see the code on my github isn't updates in 5 or 6 years.
It doesn't work flawlessly anymore. I do use some of this code in Delphi where it still works so if you need OAuth2, let me know so I can figure out what to do to make it work.

Remy Lebeau:

--- Quote from: QEnnay on June 25, 2022, 07:44:16 pm ---In order for our email client to access gmail and download new email it had to be via the POP3 option in gmail.

--- End quote ---

Is there a particular reason why you settled on POP3 and not IMAP for that?


--- Quote from: QEnnay on June 25, 2022, 07:44:16 pm ---
That then mandated "use less secure apps" to be checked. The gmail "less secure" has now been blocked as an option. See here: https://support.google.com/accounts/answer/6010255?hl=en

--- End quote ---

That is not true. It is not blocked, it is merely turned off by default. You can still turn it back on if you want. The page you linked to even says so.

rvk:

--- Quote from: Remy Lebeau on June 25, 2022, 09:23:01 pm ---
--- Quote from: QEnnay on June 25, 2022, 07:44:16 pm ---
That then mandated "use less secure apps" to be checked. The gmail "less secure" has now been blocked as an option. See here: https://support.google.com/accounts/answer/6010255?hl=en

--- End quote ---

That is not true. It is not blocked, it is merely turned off by default. You can still turn it back on if you want. The page you linked to even says so.

--- End quote ---
Are you sure? I can't check because I have 2FA. But I thought so called “less secure apps” will no longer be able to access your Gmail as of May 30, 2022.

From that page

--- Quote ---To help keep your account secure, from May 30, 2022, ​​Google no longer supports the use of third-party apps or devices which ask you to sign in to your Google Account using only your username and password.

--- End quote ---

The only method now for accessing gmail via pop/smtp/imap is an app password or Google OAuth2.

Edit: yup. It's definitely not available anymore.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version