0

I have a spring web application, and I want to be able to send email from my application. I had a working solution with javax.mail However, due to the security changes by google, I have to either use OAuth2 or allow less secure apps to use the email account that I am using to send emails.

I tried going with the first option and I have it working, but I am asked for consent the first time that email is sent. I am not sure if a user might be asked to give consent any time in the future. Is there a way around this, or do I have to completely use a different approach?

public void sendEmail(CustomerMessage customerMessage)
        throws MessagingException, IOException, GeneralSecurityException {
    String to = "myemail@xxx.com";
    String from = "myemail@xxx.com";
    MimeMessage mimeMessage = createEmail(to, from, customerMessage.getName(), customerMessage.toFormatedString());
    Message message = createMessageWithEmail(mimeMessage);
    sendMessage(getGmailService(), from, message);
}

private Gmail getGmailService() throws GeneralSecurityException, IOException {

    final NetHttpTransport HTTP_TRANSPORT = GoogleNetHttpTransport.newTrustedTransport();
    Gmail service = new Gmail.Builder(HTTP_TRANSPORT, JacksonFactory.getDefaultInstance(),
            getCredentials(HTTP_TRANSPORT)).setApplicationName(APPLICATION_NAME).build();
    return service;
}

/**
 * Creates an authorized Credential object.
 * 
 * @param HTTP_TRANSPORT
 *            The network HTTP Transport.
 * @return An authorized Credential object.
 * @throws IOException
 *             If the credentials.json file cannot be found.
 */
private Credential getCredentials(final NetHttpTransport HTTP_TRANSPORT) throws IOException {

    // Load client secrets.
    InputStream in = GmailService.class.getResourceAsStream(CREDENTIALS_FILE_PATH);
    GoogleClientSecrets clientSecrets = GoogleClientSecrets.load(JSON_FACTORY, new InputStreamReader(in));

    // Build flow and trigger user authorization request.
    GoogleAuthorizationCodeFlow flow = new GoogleAuthorizationCodeFlow.Builder(HTTP_TRANSPORT, JSON_FACTORY,
            clientSecrets, SCOPES)
                    .setDataStoreFactory(new FileDataStoreFactory(new java.io.File(TOKENS_DIRECTORY_PATH)))
                    .setAccessType("offline").build();
    LocalServerReceiver receiver = new LocalServerReceiver.Builder().setPort(8888).build();
    return new AuthorizationCodeInstalledApp(flow, receiver).authorize("user");

}
Ammar Samater
  • 529
  • 2
  • 7
  • 24
  • will the emails be sent using your application's Google account, or the users' Google accounts? – pinoyyid Jan 19 '19 at 12:13
  • @pinoyyid yes, It will use the application's email account – Ammar Samater Jan 29 '19 at 08:31
  • 1
    then follow the steps at https://stackoverflow.com/questions/19766912/how-do-i-authorise-an-app-web-or-installed-without-user-intervention to do the OAuth. Your app will end up with a Refresh Token that it can use to request an Access Token whenever it sends email. – pinoyyid Jan 29 '19 at 09:37

0 Answers0