Chilkat HOME Android™ Classic ASP C C++ C# Mono C# .NET Core C# C# UWP/WinRT DataFlex Delphi ActiveX Delphi DLL Visual FoxPro Java Lianja MFC Objective-C Perl PHP ActiveX PHP Extension PowerBuilder PowerShell PureBasic Python Ruby SQL Server Swift Tcl Unicode C Unicode C++ Visual Basic 6.0 VB.NET VB.NET UWP/WinRT VBScript Xojo Plugin Node.js Excel
(Python) OAuth2 GMail IMAP Authentication
Demonstrates how to authenticate with GMail (for IMAP) using XOAUTH2 authentication. The 1st step is to obtain a temporary access token from the Google OAuth 2.0 Authorization Server. This can be accomplished using Chilkat HTTP.
Once the access token is obtained, it may be used to authenticate. The access token may be used for subsequent authentications while it is valid. Once it expires, a new access token needs to be obtained (using the same procedure).
IMPORTANT: This is an example that uses two-legged OAuth2 with a Google Apps GMail account (not a consumer GMail account). See Why does GMail OAuth2 fail for my consumer GMail.com account. for more information.
import sys import chilkat http = chilkat.CkHttp() # Any string unlocks the component for the 1st 30-days. success = http.UnlockComponent("Anything for 30-day trial") if (success != True): print(http.lastErrorText()) sys.exit() # When a service account (Client ID) is created at https://code.google.com/apis/console/ # Google will generate a P12 key. This is a PKCS12 (PFX) file that you will download # and save. The password to access the contents of this file is "notasecret". # NOTE: The Chilkat Pfx API provides the ability to load a PFX/P12 and re-save # with a different password. # Begin by loading the downloaded .p12 into a Chilkat certificate object: cert = chilkat.CkCert() success = cert.LoadPfxFile("/myDir/API Project-1c43a291e2a1-notasecret.p12","notasecret") if (success != True): print(cert.lastErrorText()) sys.exit() # The next (and final) step is to request the access token. Chilkat internally # does all the work of forming the JWT header and JWT claim set, encoding and # signing the JWT, and sending the access token request. # The application need only provide the inputs: The iss, scope(s), sub, and the # desired duration with a max of 3600 seconds (1 hour). # # Each of these inputs is defined as follows # (see https://developers.google.com/accounts/docs/OAuth2ServiceAccount # iss: The email address of the service account. # scope: A space-delimited list of the permissions that the application requests. # sub: The email address of the user for which the application is requesting delegated access. # The sub may be empty if there is no delegation. (This is typical.) # numSec: The number of seconds for which the access token will be valid (max 3600). iss = "email@example.com" scope = "https://mail.google.com/" sub = "" numSec = 3600 accessToken = http.g_SvcOauthAccessToken(iss,scope,sub,numSec,cert) if (http.get_LastMethodSuccess() != True): print(http.lastErrorText()) sys.exit() else: print("access token: " + accessToken) # Now that we have the access token, it may be used to authenticate via XOAUTH2 with GMail: imap = chilkat.CkImap() # Anything unlocks the component and begins a fully-functional 30-day trial. success = imap.UnlockComponent("Anything for 30-day trial") if (success != True): print(imap.lastErrorText()) sys.exit() # GMail's IMAP service uses SSL and port 993. imap.put_Ssl(True) imap.put_Port(993) # Connect to the GMail IMAP server. success = imap.Connect("imap.gmail.com") if (success != True): print(imap.lastErrorText()) sys.exit() # Indicate that XOAUTH2 authentication is to be used: imap.put_AuthMethod("XOAUTH2") # Login # The username must be the email address used for the "sub" argument when getting # the access token. Instead of using a password, pass the access token in the 2nd argument: success = imap.Login("firstname.lastname@example.org",accessToken) if (success != True): print(imap.lastErrorText()) else: print("Successfully authenticate with GMail IMAP using XOAUTH2!")
© 2000-2016 Chilkat Software, Inc. All Rights Reserved.