使用Ruby为Gmail IMAP访问生成SASL XOAUTH2客户端响应 [英] Generating SASL XOAUTH2 client response for Gmail IMAP access using Ruby
问题描述
我试图在Ruby中使用XOAUTH2通过IMAP访问我的Gmail电子邮件。
我通过使用OAuth 2.0进行身份验证( oauth2 宝石。我将使用 gmail_xoauth 访问Gmail通过IMAP。因此,我现在需要根据 Gmail XOAuth2文档生成SASL初始客户端响应:
SASL XOAUTH2初始客户端响应格式如下:
base64使用在RFC 4648中定义的base64编码机制,用户={User}^ Aauth =承载{访问令牌}^ A ^ A)
^ A表示a控制+ A(\001)。
我不清楚我是如何在我的字符串中表示Control + A的。我是否简单地使用 ^ A ?
key = Base64.encode64(user =#{email} ^ Aauth = Bearer#{access_token_obj.token} ^ A ^ A)
这个python脚本使用 \ 1 来代替 ^ A 。我也试过 \001 。无论我尝试什么,在对irb进行身份验证时,都会得到: $ b
>> ; imap = Net :: IMAP.new('imap.gmail.com',993,usessl = true,certs = nil,verify = false)
>> imap.authenticate('XOAUTH2',email,key)
OpenSSL :: SSL :: SSLError:SSL_write :: bad write重试
这个错误可能完全不相关,但我不确定我尝试过的任何选项是否正确。 / b>
gmail_xoauth
/ code> 添加 XOAUTH authenticator to Net :: IMAP 本身。我意识到这只是期待Google的未编码 access_token ,而不是更长的Base64编码字符串。
,如果:
email =`fredbloggstest @ gmail.com`
#OAuth2跳舞的结果(以及作为一个refresh_token):
access_token ='ya13.AHES6Y3F54_5fAoz_8VuG-7pzQAo3R0_ukt7dhfgRnJh41Q'
然后我不用不需要Base64编码任何东西。我只是这样做:
imap = Net :: IMAP.new('imap.gmail.com',993,usessl = true ,certs = nil,verify = false)
imap.authenticate('XOAUTH2',email,access_token)
我回来了:
#< struct Net :: IMAP :: TaggedResponse tag =RUBY0001, name =OK,data =#< struct Net :: IMAP :: ResponseText code = nil,text =fredbloggstest@gmail.com Fred Bloggs authenticated(Success)>,raw_data =RUBY0001 OK fredbloggstest @ gmail。 com Fred Bloggs认证(成功)\r\\\
>
(作为奖励,这是一个方便的Ruby脚本,用于从OAuth舞蹈中获取 access_token 。)
I'm trying to access my Gmail emails over IMAP using XOAUTH2 in Ruby.
I've successfully generated an access token (and refresh token) by authenticating using OAuth 2.0 with the oauth2 gem. I'm going to use gmail_xoauth to access Gmail over IMAP. So I now need to generate the SASL initial client response, as per the Gmail XOAuth2 docs:
The SASL XOAUTH2 initial client response has the following format:
base64("user=" {User} "^Aauth=Bearer " {Access Token} "^A^A")
using the base64 encoding mechanism defined in RFC 4648.
^A represents a Control+A (\001).
I'm not clear how I represent the "Control+A" in my string. Do I simply use ^A?
key = Base64.encode64("user=#{email}^Aauth=Bearer #{access_token_obj.token}^A^A")
This python script uses \1 in place of ^A. I've also tried \001. Whatever I try, when authenticating (in irb) with the result I get:
>> imap = Net::IMAP.new('imap.gmail.com', 993, usessl=true, certs=nil, verify=false)
>> imap.authenticate('XOAUTH2', email, key)
OpenSSL::SSL::SSLError: SSL_write:: bad write retry
That error could be entirely unrelated, but I'm not confident any option I've tried is correct.
Finally figured it out... I didn't need to do the Base64 encoding step at all!
gmail_xoauth adds the XOAUTH authenticator to Net::IMAP itself. I realised that this only expects the unencoded access_token from Google, rather than the longer Base64-encoded string.
So, if:
email = `fredbloggstest@gmail.com`
# The result of the OAuth2 dance (as well as a refresh_token):
access_token = 'ya13.AHES6Y3F54_5fAoz_8VuG-7pzQAo3R0_ukt7dhfgRnJh41Q'
then I don't have to Base64 encode anything. I just do:
imap = Net::IMAP.new('imap.gmail.com', 993, usessl=true, certs=nil, verify=false)
imap.authenticate('XOAUTH2', email, access_token)
and I get back:
#<struct Net::IMAP::TaggedResponse tag="RUBY0001", name="OK", data=#<struct Net::IMAP::ResponseText code=nil, text="fredbloggstest@gmail.com Fred Bloggs authenticated (Success)">, raw_data="RUBY0001 OK fredbloggstest@gmail.com Fred Bloggs authenticated (Success)\r\n">
(As a bonus, this is a handy Ruby script for getting the access_token from the OAuth dance.)
这篇关于使用Ruby为Gmail IMAP访问生成SASL XOAUTH2客户端响应的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
