omniauth oauth tokens for gmail are invalid_问答_开发者

omniauth oauth tokens for gmail are invalid

开发者 https://www.devze.com 2023-02-24 04:58 出处：网络

I\'m trying to get an oauth token I can use with gmail_xauth (ruby gem) to look at a user\'s mail. I first registered my app with google and

I'm trying to get an oauth token I can use with gmail_xauth (ruby gem) to look at a user's mail. I first registered my app with google and then set up devise to request access to mail:

   config.omniauth :google, 'key', 'secret', :scope => 'https://mail.google.com/mail/feed/atom/'

I then go through the outh/openid flow and google prompts me to approve access to gmail, redirecting me back to the app with a a token and secret in the omniuth credentials & my Google account lists my app as authorized to access my data. So far so good.

Now, when I take those credentials and try to use them with gmail_xoauth like so:

  require 'gmail_xoauth' 
  imap = Net::IMAP.new('imap.gmail.com', 993, usessl = true, certs = 
nil, verify = false) 
  imap.authenticate('XOAUTH', '...@gmail.com', 
    :consumer_ke开发者_Go百科y => 'key, 
    :consumer_secret => 'secret', 
    :token => 'omniauth_returned_token', 
    :token_secret => 'omniauth_returned_secret' 
  )

I get an error "Net::IMAP::NoResponseError: Invalid credentials (Failure)".

Interestingly, following the gmail_xoauth README to generate a token with an same consumer using a python script it does work.

This works for me:

config.omniauth :google, 'anonymous', 'anonymous', :scope => 'https://mail.google.com/'

I'm using the gmail gem, so to connect it looks like this:

gmail = Gmail.connect(:xoauth, auth.uid,
  :token           => auth.token,
  :secret          => auth.secret,
  :consumer_key    => 'anonymous',
  :consumer_secret => 'anonymous'
)

I'm passing an authentication object in, but you'll be getting it from the env variable env["omniauth.auth"]. I'm using anonymous/anonymous for the key/secret since I haven't registered my domain with google, but I believe you can here. It'll still work with anonymous/anonymous, but Google will just warn the user.

Google's OAuth1 protocol is now deprecated and many gems have not yet updated to use their OAuth2 protocol. Here is a working example of fetching email from Google using their OAuth2 protocol. This example uses the mail, gmail_xoauth, omniauth, and omniauth-google-oauth2 gems.

You will also need to register your app in Google's API console in order to get your API tokens.

# in an initializer:
ENV['GOOGLE_KEY'] = 'yourkey'
ENV['GOOGLE_SECRET'] = 'yoursecret'
Rails.application.config.middleware.use OmniAuth::Builder do
  provider :google_oauth2, ENV['GOOGLE_KEY'], ENV['GOOGLE_SECRET'], {
    scope: 'https://mail.google.com/,https://www.googleapis.com/auth/userinfo.email'
  }

end

# ...after handling login with OmniAuth...

# in your script
email = auth_hash[:info][:email]
access_token = auth_hash[:credentials][:token]

imap = Net::IMAP.new('imap.gmail.com', 993, usessl = true, certs = nil, verify = false)
imap.authenticate('XOAUTH2', email, access_token)
imap.select('INBOX')
imap.search(['ALL']).each do |message_id|

    msg = imap.fetch(message_id,'RFC822')[0].attr['RFC822']
    mail = Mail.read_from_string msg

    puts mail.subject
    puts mail.text_part.body.to_s
    puts mail.html_part.body.to_s

end