Swift
Swift
OAuth2 for a GMail using a JSON Service Account Key
See more GMail SMTP/IMAP/POP Examples
This example shows how to obtain an OAuth2 access token for Gmail using a Google Service Account and a JSON private key. Once acquired, the access token can be used to send emails. Remember, upon token expiration, this process needs to be repeated to obtain a new token. Note: This procedure is specific to OAuth2 with Google Service Account keys.Chilkat Swift Downloads
func chilkatTest() {
var success: Bool = false
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// --------------------------------------------------------------------------------
// For a step-by-step guide for setting up your Google Workspace service account,
// see Setup Google Workspace Account for Sending SMTP GMail from a Service Account
// --------------------------------------------------------------------------------
// First load the JSON key into a string.
let fac = CkoFileAccess()!
var jsonKey: String? = fac.readEntireTextFile(path: "qa_data/googleApi/chilkat25-b4214220e565.json", charset: "utf-8")
if fac.lastMethodSuccess != true {
print("\(fac.lastErrorText!)")
return
}
// A Google service account JSON private key looks like this:
// {
// "type": "service_account",
// "project_id": "chilkat25",
// "private_key_id": "b4214220f565881e19eeb97c2699bf5a0d1e3e0b",
// "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQ...NXcM=\n-----END PRIVATE KEY-----\n",
// "client_email": "chilkatsvc@chilkat25.iam.gserviceaccount.com",
// "client_id": "109122032928932715958",
// "auth_uri": "https://accounts.google.com/o/oauth2/auth",
// "token_uri": "https://oauth2.googleapis.com/token",
// "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
// "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/chilkatsvc%40chilkat25.iam.gserviceaccount.com",
// "universe_domain": "googleapis.com"
// }
let gAuth = CkoAuthGoogle()!
gAuth.jsonKey = jsonKey
// Specify a scope.
gAuth.scope = "https://mail.google.com/"
// Request an access token that is valid for this many seconds.
gAuth.expireNumSeconds = 3600
// When using a Google Workspace account with Gmail APIs, a service account can impersonate a user
// via a process called domain-wide delegation � and the "sub" claim in the JWT is what enables this.
// Domain-wide delegation allows a Google Workspace administrator to authorize a service account to
// act on behalf of any user in the domain, without user interaction.
// This is required for server-to-server access to user data � such as reading/sending Gmail from a background service.
// This is your company email address.
gAuth.subEmailAddress = "info@chilkat.xyz"
// Connect to www.googleapis.com using TLS
let tlsSock = CkoSocket()!
success = tlsSock.connect(hostname: "www.googleapis.com", port: 443, ssl: true, maxWaitMs: 5000)
if success != true {
print("\(tlsSock.lastErrorText!)")
return
}
// Send the request to obtain the access token.
success = gAuth.obtainAccessToken(connection: tlsSock)
if success != true {
print("\(gAuth.lastErrorText!)")
return
}
// Examine the access token:
var accessToken: String? = gAuth.accessToken
print("Access Token: \(accessToken!)")
// Sample output:
// ya29.a0AW4XtxjGTD67Z8 .... IRw0218
// The access token allows us to send unlimited emails while it's valid. Once it expires, we must obtain and use a new one.
// -----------------------------------------------------------------------
let mailman = CkoMailMan()!
// Set the properties for the GMail SMTP server:
mailman.smtpHost = "smtp.gmail.com"
mailman.smtpPort = 587
mailman.startTLS = true
mailman.smtpUsername = "info@chilkat.xyz"
mailman.oAuth2AccessToken = accessToken
// Create a new email object
let email = CkoEmail()!
email.subject = "This is a test"
email.body = "This is a test"
email.from = "Chilkat Test <info@chilkat.xyz>"
success = email.add(to: "Chilkat Software", emailAddress: "info@chilkatsoft.com")
// To add more recipients, call AddTo, AddCC, or AddBcc once per recipient.
success = mailman.sendEmail(email: email)
if success != true {
print("\(mailman.lastErrorText!)")
return
}
success = mailman.closeSmtpConnection()
if success != true {
print("Connection to SMTP server not closed cleanly.")
}
print("Successfully sent email using Gmail with a service account key.")
}