DataFlex
DataFlex
OAuth2 for GMail using a Service Account Key
Demonstrates how to use GMail with OAuth2 for a Google Service Account. The 1st step is to obtain a temporary access token from the Google OAuth 2.0 Authorization Server. This can be accomplished using Chilkat HTTP.Once the access token is obtained, it may be used in IMAP XOAUTH2 authentication. The access token may be used while it remains valid to send as many emails as desired. Once it expires, a new access token needs to be obtained (using the same procedure).
Note: This is for OAuth2 using Google Service account keys.
Chilkat DataFlex Downloads
Use ChilkatAx-win32.pkg
Procedure Test
Boolean iSuccess
Variant vCert
Handle hoCert
String sIss
String sScope
String sSub
Integer iNumSec
Handle hoHttp
String sAccessToken
Handle hoImap
String sTemp1
Boolean bTemp1
Move False To iSuccess
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// --------------------------------------------------------------------
// Important: In most cases, this example is not what you are looking for.
// This example is for OAuth2 using a Google Service Account Key.
//
// It is more likely that the example you actually need is here:
// Get GMail IMAP OAuth2 Access Token
// --------------------------------------------------------------------
// When a service account (Client ID) is created at https://code.google.com/apis/console/
// Google will generate a P12 key. This is a PKCS12 (PFX) file that you will download
// and save. The password to access the contents of this file is "notasecret".
// NOTE: The Chilkat Pfx API provides the ability to load a PFX/P12 and re-save
// with a different password.
// Begin by loading the downloaded .p12 into a Chilkat certificate object:
Get Create (RefClass(cComChilkatCert)) To hoCert
If (Not(IsComObjectCreated(hoCert))) Begin
Send CreateComObject of hoCert
End
Get ComLoadPfxFile Of hoCert "/myDir/API Project-1c43a291e2a1-notasecret.p12" "notasecret" To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoCert To sTemp1
Showln sTemp1
Procedure_Return
End
// The next (and final) step is to request the access token. Chilkat internally
// does all the work of forming the JWT header and JWT claim set, encoding and
// signing the JWT, and sending the access token request.
// The application need only provide the inputs: The iss, scope(s), sub, and the
// desired duration with a max of 3600 seconds (1 hour).
//
// Each of these inputs is defined as follows
// (see https://developers.google.com/accounts/docs/OAuth2ServiceAccount
// iss: The email address of the service account.
// scope: A space-delimited list of the permissions that the application requests.
// sub: The email address of the user for which the application is requesting delegated access.
// The sub may be empty if there is no delegation. (This is typical.)
// numSec: The number of seconds for which the access token will be valid (max 3600).
Move "761326798069-r5mljlln1rd4lrbhg75efgigp36m78j5@developer.gserviceaccount.com" To sIss
Move "https://mail.google.com/" To sScope
Move "" To sSub
Move 3600 To iNumSec
Get Create (RefClass(cComChilkatHttp)) To hoHttp
If (Not(IsComObjectCreated(hoHttp))) Begin
Send CreateComObject of hoHttp
End
Get pvComObject of hoCert to vCert
Get ComG_SvcOauthAccessToken Of hoHttp sIss sScope sSub iNumSec vCert To sAccessToken
Get ComLastMethodSuccess Of hoHttp To bTemp1
If (bTemp1 <> True) Begin
Get ComLastErrorText Of hoHttp To sTemp1
Showln sTemp1
Procedure_Return
End
Else Begin
Showln "access token: " sAccessToken
End
// Now that we have the access token, it may be used to authenticate via XOAUTH2 with GMail:
Get Create (RefClass(cComChilkatImap)) To hoImap
If (Not(IsComObjectCreated(hoImap))) Begin
Send CreateComObject of hoImap
End
// GMail's IMAP service uses SSL and port 993.
Set ComSsl Of hoImap To True
Set ComPort Of hoImap To 993
// Connect to the GMail IMAP server.
Get ComConnect Of hoImap "imap.gmail.com" To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoImap To sTemp1
Showln sTemp1
Procedure_Return
End
// Indicate that XOAUTH2 authentication is to be used:
Set ComAuthMethod Of hoImap To "XOAUTH2"
// Login
// The username must be the email address used for the "sub" argument when getting
// the access token. Instead of using a password, pass the access token in the 2nd argument:
Get ComLogin Of hoImap "user@your-domain.com" sAccessToken To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoImap To sTemp1
Showln sTemp1
End
Else Begin
Showln "Successfully authenticate with GMail IMAP using XOAUTH2!"
End
End_Procedure