Oauth2 token not working for gmail_xoauth gem

Question

I'm currently getting a token via the omniauth-google-oauth2 gem per the following: https://github.com/zquestz/omniauth-google-oauth2

I store the token that comes back from the auth_hash.

I then try to use the token by calling:

require 'gmail_xoauth'
imap = Net::IMAP.new('imap.gmail.com', 993, usessl = true, certs = nil, verify = false)
imap.authenticate('XOAUTH2', 'myemail@gmail.com', Token.last)

Problem is that I get an error:

[8] pry(main)> imap.authenticate('XOAUTH2', 'myemail@gmail.com', Token.last)
  Token Load (0.6ms)  SELECT  "tokens".* FROM "tokens"  ORDER BY "tokens"."id" DESC LIMIT 1
Net::IMAP::NoResponseError:  Invalid credentials (Failure)
from /Users/username/.rvm/rubies/ruby-2.2.1/lib/ruby/2.2.0/net/imap.rb:1171:in `get_tagged_response'

I also know that this is the right token because when I use the `google-api-client` gem I'm able to connect directly to the service. — locoboy, Jul 16 '15 at 13:07
Are you trying to use IMAP in the `google-api-client` as well? If not, it may be worth taking an extra look at your requested scopes. `https://mail.google.com/` has to be present for IMAP. — Tholle, Jul 16 '15 at 13:39
I have that scope set already. I'm not trying to use the `google-api-client` for the purposes above. Just telling you that so that you know nothing is wrong with my token. — locoboy, Jul 16 '15 at 15:09
I hear you. Ruby is not my strongest suit. Have you seen this post? http://stackoverflow.com/questions/9084701/how-to-implement-gmail-imap-with-omniauth — Tholle, Jul 16 '15 at 15:26
yeah seen this - it's exactly what's failing for me when I try to authenticate — locoboy, Jul 16 '15 at 15:49

locoboy · Accepted Answer · 2015-07-16T20:39:33.673

Ok I took a look at google-api-client and I started to use that a little more. Seems like the best solution at the moment is to do the following:

create an options hash that includes the gmail parameters and the gmail api_method
use the service you initialize with your access_token to create your query in the options hash

Below you can see a rough example that you can use

client = Google::APIClient.new
client.authorization.access_token = token
service = client.discovered_api 'gmail'
options = {parameters: {'userId' => 'email@gmail.com'}, api_method: service.users.messages.list}
client.execute(options)

I mean this is pretty clunky and should be DRY'd up. (Hopefully google creates a better gem around this)

score 0 · Answer 2 · answered Aug 24 '15 at 16:55

The solution was to update the scope of omniauth for gmail.

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :google_oauth2, ENV['GOOGLE_CLIENT_ID'], ENV['GOOGLE_CLIENT_SECRET'], 
  {
    scope: [
            'https://mail.google.com/','https://www.googleapis.com/auth/userinfo.email'
            ]
  }
end

Oauth2 token not working for gmail_xoauth gem

2 Answers2

Linked