oauth2 and imap connection with Gmail - McMap

About

oauth2 and imap connection with Gmail

Asked 31/7, 2013 at 17:8 Answered 1/8, 2013 at 17:23

oauth-2.0 imap google-oauth gmail-imap imaplib

S

1

1

I need to use oauth2 and imap to connect with Gmail, and I can see the code from https://github.com/simplegeo/python-oauth2:

import oauth2 as oauth
import oauth2.clients.imap as imaplib

# Set up your Consumer and Token as per usual. Just like any other
# three-legged OAuth request.
consumer = oauth.Consumer('your_consumer_key', 'your_consumer_secret')
token = oauth.Token('your_users_3_legged_token', 'your_users_3_legged_token_secret')

# Setup the URL according to Google's XOAUTH implementation. Be sure
# to replace the email here with the appropriate email address that
# you wish to access.
url = "https://mail.google.com/mail/b/[email protected]/imap/"

conn = imaplib.IMAP4_SSL('imap.googlemail.com')
conn.debug = 4 

# This is the only thing in the API for impaplib.IMAP4_SSL that has 
# changed. You now authenticate with the URL, consumer, and token.
conn.authenticate(url, consumer, token)

# Once authenticated everything from the impalib.IMAP4_SSL class will 
# work as per usual without any modification to your code.
conn.select('INBOX')
print conn.list()

But I cannot understand the Consumer and Token here.

What do they mean?
How can I get key and secret for them respectively?
The client_id and client_secret I got from https://code.google.com/p/google-mail-oauth2-tools/wiki/OAuth2DotPyRunThrough. Is this Consumer or Token?

Stuccowork answered 31/7, 2013 at 17:8 Comment(0)

J

5

The above code sample is for OAuth 1, not OAuth 2. Consumer key and secret, token and token secret are all OAuth 1 terms.

I think the confusion is created by the fact that the Python library used is called "oauth2". In my understanding this is the second incarnation of an OAuth 1 library, the name is unfortunate.

The documentation for using OAuth 2 with Gmail is at: https://developers.google.com/gmail/oauth_overview

Jone answered 1/8, 2013 at 17:23 Comment(6)

Thanks for your answer. But do you know how to implement the authentication using OAuth2? Any code or document is appreciated. – Stuccowork 1/8, 2013 at 17:31

I just edited the answer and provided the link to the documentation. – Jone 1/8, 2013 at 18:48

I am still confused. Say, if I want to access user A's gmail, the access_token is generated by A, not me, right? – Stuccowork 1/8, 2013 at 20:29

Normally you cannot access some other user's email. Yes, to access A's email A has to approve the grant. Unless you are managing a hosted domain, in which case you can use a service account. The domain manager has to grant impersonation access for your application. – Jone 1/8, 2013 at 23:44

what does the service account mean? But I think oauth2 helps us to get access to other user's email without having to know their password, right? – Stuccowork 2/8, 2013 at 0:22

Yes, you can get access to other users email, but with their consent. The main documentation: developers.google.com/accounts/docs/OAuth2 Service accounts are described there. – Jone 21/8, 2013 at 22:24

Recommended topics

#Godot #Unity #Godot 4.X #Mongodb

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

© 2022 - 2024 — McMap. All rights reserved.