3

I am trying to use MailKit (http://jstedfast.github.io/MailKit/docs/index.html) to log into Gmail using oAuth. I am able to log into Google API using a refreshed AuthToken, but when I try to use the refreshed token in MailKit, I get an error "Invalid Credentials"

Any clues?? Thanks, Jeff

Here is my code:

var secrets = new ClientSecrets()
{
    ClientId = "xxx-yyy.apps.googleusercontent.com",
    ClientSecret = "xyzSecret"
};

IAuthorizationCodeFlow flow =
        new GoogleAuthorizationCodeFlow(new GoogleAuthorizationCodeFlow.Initializer
        {
            ClientSecrets = secrets,
            Scopes = new string[] { GmailService.Scope.GmailReadonly }
        });

var tokenResponse = flow.RefreshTokenAsync("", connection.RefreshToken, CancellationToken.None).Result;

using (var client = new MailKit.Net.Imap.ImapClient())
{
    var credentials = new NetworkCredential("emailtoconnect@gmail.com", tokenResponse.AccessToken);

    client.Connect("imap.gmail.com", 993, true, CancellationToken.None);
    try
    {
        client.Authenticate(credentials, CancellationToken.None);
    }
    catch (Exception ex)
    {
        
        throw;
    }
    

}
vchan
  • 835
  • 2
  • 11
  • 27
Jeff
  • 387
  • 1
  • 3
  • 11
  • OAUTH2 requires a custom authentication flow, it cannot use standard IMAP Authentication, which is what this appears to be doing. It looks like you're passing the access token as a password, which it is not. – Max Dec 01 '14 at 21:20
  • Actually, with MailKit I think it is passed in as the password. Here is a link to another answer using SMTP, but still mine doesn't work. I am going to look into the scope which my AuthCode may not be built using the one I need. I just found https://mail.google.com for IMAP access. Mine had only read access from the API. Didn't realize it was different till just now. Anyway, here is the link @Max. [link] (http://stackoverflow.com/questions/24195508/smtp-and-oauth-2/24204968#24204968) – Jeff Dec 02 '14 at 05:18

3 Answers3

2

a clearer answer is that the scope was incorrect in the original code

Scopes = new string[] { GmailService.Scope.GmailReadonly }

needs to be

Scopes = new string[] { GmailService.Scope.MailGoogleCom }

in order to authenticate with imapi using a access token.

vchan
  • 835
  • 2
  • 11
  • 27
Kristofer Moore
  • 56
  • 5
1

It was just a scope problem. The above code works fine for gmail oAuth!!

Jeff
  • 387
  • 1
  • 3
  • 11
1
using (var client = new ImapClient())
    {
        client.Connect("imap.gmail.com", 993, true);  
        client.AuthenticationMechanisms.Remove("XOAUTH2");
        client.Authenticate(EmailId, Password);
    }

The above piece of code is used to log in to gmail using imap and MailKit tool. But before this, you have to log in to gmail manually and check "Enable Imap" option in Settings. This will surely work.

vchan
  • 835
  • 2
  • 11
  • 27
VAMSHI PAIDIMARRI
  • 236
  • 1
  • 4
  • 9
  • This has worked in the past. I currently run into the same problem. I have some old software which I recompiled which contains exactly this code fragment. I know this old software has been able to connect in the past, but now this code gives an exception "Invalid Credentials". IMAP is enabled in gmail. – René Heuven Aug 10 '19 at 06:57
  • 2
    Found a solution to allow access to Gmail for less secure applications like my C# mail monitor (nowadays it is recommended to use OAuth 2.0 - see [link](https://stackoverflow.com/questions/24057939/login-using-google-oauth-2-0-with-c-sharp) - will fix this later in my application): In Gmail Settings- Go To Accounts and Import Then Change Account Settings: OTHER GOOGLE ACCOUNT SETTINGS SECURITY tab Account Permissions - Access for less secure Apps - Click SETTINGS - allow less secure apps to access your gmail email box. – René Heuven Aug 10 '19 at 07:15