Mahmoud ElMansy: knowledge meant to be free

Send Email Using Google OAuth (via SMTP) using 2-legged OAuth

I Waited for a long time to write this post, and was just waiting for the right time.
Let us start, with some basics OAuth is new technology to make it easier
to connect to service without the need to write USERNAME and PASSWORD each time, or to give them to each client program you use to connect to service on the internet.
So OAuth was made to make it easier to connect to secure service.

If you are going to use Gmail as your SMTP and have large number of accounts,
and you want to make a tool to send emails via Gmail account.
The common way is to use every USERNAME and PASSWORD to connect and
Authonticate (using .net library) .
First issue, you should keep track of every password used, and This was headache if any one changed his password, his email will not be sending until you have the new password.
And so, you have to watch the send process regularly. and it is not nice to ask some one for thier email password.

For me when, once I heard about OAuth I tried to use it, I found many .net liberares that connect via IMAP and Authonticate using OAuth
But did not found free liberares to do that and .net does not support this feature yet “unlucky me”.
It was drama for me, there was an open source liberary used already by one of our teams,
To connect via IMAP and authenticates via OAuth but using it to authonticate via SMTP and Gmail was not Supportrd .
I worked on and modified it to Use Secure connection(via Socket) and OAuth Authontication to connect to Gmail SMTP server .
Let us start with my journey to accomplish that .
First here is the link developers.google.com
“Gmail supports the standard IMAP and SMTP protocols for accessing and sending e-mail messages. The Gmail IMAP and SMTP servers have been extended to support authorization via the industry-standard OAuth protocol.”
You will find sample code and detailed illustration for OAuth protocol and how to use.
Second : how google accept OAuth authontication
this link constructing_the_oauth_protocol_parameters

This shows how Google server interact with you to use his service .
We will talke about this part .
SMTP protocol exchange
“To login with the XOAUTH mechanism, the client invokes the AUTH command with the mechanism parameter of XOAUTH, and the initial client request as constructed above.”

[connection begins]
S: 220 mx.google.com ESMTP 12sm2095603fks.9
C: EHLO sender.example.com
S: 250-mx.google.com at your service, [172.31.135.47]
S: 250-SIZE 35651584
S: 250-8BITMIME
S: 250-AUTH LOGIN PLAIN XOAUTH
S: 250-ENHANCEDSTATUSCODES
S: 250 PIPELINING
C: AUTH XOAUTH R0VUIGh0dHBzOi8vbWFpbC5nb29nbGUuY29tL21ha
WwvYi9zb21ldXNlckBleGFtcGxlLmNvbS9zbXRwLyBvYXV0aF9jb25zd
W1lcl9rZXk9ImFub255bW91cyIsb2F1dGhfbm9uY2U9IjIwNDg1MjE2O
DgzNjgyNzY0MzAiLG9hdXRoX3NpZ25hdHVyZT0iVEJNQmo2NG9ZMzNJd
ERUOWxtUGlveGF0Uko0JTNEIixvYXV0aF9zaWduYXR1cmVfbWV0aG9kP
SJITUFDLVNIQTEiLG9hdXRoX3RpbWVzdGFtcD0iMTI2NzIwNTc2OSIsb
2F1dGhfdG9rZW49ImFzZGZhc2RmIixvYXV0aF92ZXJzaW9uPSIxLjAi
S: 235 2.7.0 Accepted
[connection continues...]

If you are using telnet

// strat telnet
Microsoft Telnet> o smtp.gmail.com 587
S: 220 mx.google.com ESMTP 12sm2095603fks.9
EHLO yourname
S: 250-mx.google.com at your service, [172.31.135.47]
S: 250-SIZE 35651584
S: 250-8BITMIME
S: 250-AUTH LOGIN PLAIN XOAUTH
S: 250-ENHANCEDSTATUSCODES
S: 250 PIPELINING
STARTTLS
S:220 2.0.0 Ready to start TLS
AUTH XOAUTH  YourOauthBase64string
S: 235 2.7.0 Accepted
[connection continues...]

Of course this step will hapeen if every thing is ok .
I modified the liberary to do that and authontication using socket and to use just call this method.

  SMTP_Client.QuickSendOauth(mail, _Accounts.UserName, authenticatedString,"smtp.gmail.com");

Here is download link for liberary LumiSoft
Refrenace .
google-apps-mail troubleshooting
oauth_overview
constructing_the_oauth_protocol_parameters
lumisoft.net