I have an application where I send multiple emails that are generated without user input and am horrified that gmail will no longer allow less secure apps to send using a gmail account. I am very illiterate in this area and I'm wondering if there is any really simple explanation of how one can implement oauth in a harbour application, or is that just not possible?
FiveTech Support Forums
FiveWin / Harbour / xBase community
Board index FiveWin for Harbour/xHarbour oauth for dummies
Dear David,
Understanding OAuth in a Nutshell
OAuth allows apps to access email services like Gmail securely by asking users for permission, instead of relying on username/password combinations. With Gmail:
1. You register your app with Google.
2. Google provides a client ID and secret for your app.
3. Your app uses these credentials to request an "access token" from Google.
4. The token is then used to send emails via Gmail.
Steps to Implement OAuth in a Harbour Application
1. Register Your App with Google
Go to the Google Cloud Console.
Create a new project or use an existing one.
Enable the Gmail API for your project.
Set up OAuth consent screen (fill in basic details about your app).
Create OAuth 2.0 client credentials (choose "Desktop app" or similar).
Once done, you'll get:
A Client ID
A Client Secret
Pseudo-code
Understanding OAuth in a Nutshell
OAuth allows apps to access email services like Gmail securely by asking users for permission, instead of relying on username/password combinations. With Gmail:
1. You register your app with Google.
2. Google provides a client ID and secret for your app.
3. Your app uses these credentials to request an "access token" from Google.
4. The token is then used to send emails via Gmail.
Steps to Implement OAuth in a Harbour Application
1. Register Your App with Google
Go to the Google Cloud Console.
Create a new project or use an existing one.
Enable the Gmail API for your project.
Set up OAuth consent screen (fill in basic details about your app).
Create OAuth 2.0 client credentials (choose "Desktop app" or similar).
Once done, you'll get:
A Client ID
A Client Secret
Pseudo-code
PROCEDURE Main()
LOCAL clientId := "YOUR_CLIENT_ID"
LOCAL clientSecret := "YOUR_CLIENT_SECRET"
LOCAL token := AuthorizeWithGoogle(clientId, clientSecret)
IF !Empty(token)
SendEmail(token)
ELSE
? "Authorization failed."
ENDIF
RETURN
FUNCTION AuthorizeWithGoogle(clientId, clientSecret)
LOCAL authUrl := "https://accounts.google.com/o/oauth2/auth?...&client_id=" + clientId
LOCAL tokenUrl := "https://oauth2.googleapis.com/token"
LOCAL authorizationCode
LOCAL accessToken
// Open authUrl in browser and get authorizationCode
RunBrowser(authUrl)
authorizationCode := GetCodeFromUser()
// Exchange authorizationCode for accessToken
accessToken := RequestAccessToken(tokenUrl, clientId, clientSecret, authorizationCode)
RETURN accessToken
FUNCTION SendEmail(token)
LOCAL smtpServer := "smtp.gmail.com"
LOCAL smtpPort := 587
LOCAL fromEmail := "youremail@gmail.com"
LOCAL toEmail := "recipient@gmail.com"
LOCAL subject := "Test Email"
LOCAL body := "This is a test email sent via OAuth."
hb_smtpConnect(smtpServer, smtpPort, fromEmail, token) // Authenticate with token
hb_smtpSend(fromEmail, toEmail, subject, body)
RETURNThank you so much Antonio! I think you just saved my life.
Google Cloud oauth:
https://console.cloud.google.com/auth
Here’s an example of a fully constructed authUrl:
https://accounts.google.com/o/oauth2/v2/auth?client_id=YOUR_CLIENT_ID&redirect_uri=urn:ietf:wg:oauth:2.0:oob&response_type=code&scope=https://www.googleapis.com/auth/gmail.send&access_type=offline
https://github.com/FiveTechSoft/screenshots/blob/master/oauth1.jpg?raw=true
https://console.cloud.google.com/auth
Here’s an example of a fully constructed authUrl:
https://accounts.google.com/o/oauth2/v2/auth?client_id=YOUR_CLIENT_ID&redirect_uri=urn:ietf:wg:oauth:2.0:oob&response_type=code&scope=https://www.googleapis.com/auth/gmail.send&access_type=offline
https://github.com/FiveTechSoft/screenshots/blob/master/oauth1.jpg?raw=true
FUNCTION RequestAccessToken(tokenUrl, clientId, clientSecret, authorizationCode)
LOCAL postData, response, jsonResponse, accessToken := ""
// Prepare the POST data as a plain string
postData := "code=" + authorizationCode + "&" + ;
"client_id=" + clientId + "&" + ;
"client_secret=" + clientSecret + "&" + ;
"redirect_uri=urn:ietf:wg:oauth:2.0:oob&" + ;
"grant_type=authorization_code"
// Make a POST request to the token URL
response := hb_curlPost(tokenUrl, postData, { "Content-Type: application/x-www-form-urlencoded" })
IF !Empty(response)
// Parse the JSON response to extract the access token
jsonResponse := hb_jsonDecode(response)
IF hb_IsObject(jsonResponse)
accessToken := hb_jsonGet(jsonResponse, "access_token")
ELSE
? "Error parsing JSON response."
ENDIF
ELSE
? "Error: No response from the token endpoint."
ENDIF
RETURN accessTokenwhen compiling i get undefined external for the following
runbrowser
getcodefromuser
curlpost
jsondecode
jsonget
Dear David,
Have you already done steps 1 and 2 ?
-
You register your app with Google.
-
Google provides a client ID and secret for your app.
Do you already have your client ID and secret ?
Antonio,
Yes, I have the client id and secret code but it was very confusing. It says you have to have your app verified, is that true? I submitted a request and it said it will take 3 weeks. And it asked for url link and link to privacy statement etc, which I assume is irrelevant for a desktop app.
Anyway, thanks and Happy New Year!
David
Dear David,
Then we will have to wait three weeks to continue it, I guess
Happy new year! :-)
Then we will have to wait three weeks to continue it, I guess
Happy new year! :-)
I think maybe Google was bluffing when they said "less secure apps" would no longer be able to use gmail as of January 1 because I was just able to send an email with no problem.
very good!