Please provide an example of Oauth2 config for imap

[gsaravanakumar932]

Team, Sincere thanks to package developer.

Since microsoft team is going to decommission the basic auth method with imap, pop, smtp protocol on october 2022, we are in a urge of moving the imap basic auth(username and password) to either oauth2 or Graph explorer. But Graph explorer seems to be hard to discover the api's related to attachments and body images. So sticking with oauth2 flow with imap.

But currently there is no snippet using oauth2 flow, what is the correct configuration required to connect imap also not there in the documentation, whether username, password oauth is required or not for oauth2 connection establishment. Could anyone if provide a correct oauth2 flow config that would be helpful with example. I checked this link, The SASL XOAUTH2 Mechanism but there are many unknown config properties with no example like customPayload, customHeaders. Is it required to generate ?

if there is any working sample.js file would be helpful.

[lpavliuk]

Hello @gsaravanakumar932,

I am not a developer of the package, however, I managed to implement a connection via OAuth2. I would be glad to help you. The main nuance you need to know is that OAuth integration requires your application to use SASL XOAUTH2 format to encode and transmit the access token. I recommend reading this in order to get more details about it.

SASL XOAUTH2 encodes the username, access token together in the following format: base64("user=" + userName + "^Aauth=Bearer " + accessToken + "^A^A")

So, here the implementation is:

const npm_imap = require('imap');

const _build_XOAuth2_token = (user='', access_token='') => Buffer
    .from([`user=${user}`, `auth=Bearer ${access_token}`, '', '']
    .join('\x01'), 'utf-8')
    .toString('base64');

const _conn = new npm_imap({
    host: 'imap.gmail.com',
    port: 993,
    xoauth2: _build_XOAuth2_token(<username>, <oauth2.access_token>)
    ...
});

During registration of your app for OAuth2 authentication, a mail service you connect to should give all instructions to get an Access Token. If you use Gmail, this might be useful to read.

Good luck! Cheers, mate!

[anshul-kai]

Thanks for your comment above. It was greatly helpful.

Can you please add a section in the main documentation on how to build the XOauth2 token? Although, this should be pretty obvious many hours can be saved by having the Buffer.from command handy in the docs.

[lpavliuk]

@a-koka oh, mate, looking at Pull requests from 2020 which have not been merged yet, I think there is no one here to do it, unfortunately :(

[giacomobartoli]

@lpavliuk did you manage to make it work with Azure OAuth?

[anshul-kai]

Here are instructions on how to make it work with Azure OAuth

https://www.limilabs.com/blog/oauth2-client-credential-flow-office365-exchange-imap-pop3-smtp

[lpavliuk]

@mscdex could you please add the example with IMAP above to README.md? It would be helpful for people to have it there to find quickly.

[mscdex]

Token generation is dependent upon each IMAP provider, so there isn't really anything worthwhile to be added to the readme as I'm not keen on maintaining a giant list of links for various providers.

[gsaravanakumar932]

I GOT THE RESULT AND IT WORKS FINE TO ME. THANKS

On Thu, 16 Jun 2022 at 09:11, Aleksey Pavliuk @.***> wrote:

Hello @gsaravanakumar932 https://github.com/gsaravanakumar932,

I am not a developer of the package, however, I managed to implement a connection via OAuth2. I would be glad to help you. The main nuance you need to know is that OAuth integration requires your application to use SASL XOAUTH2 format to encode and transmit the access token. I recommend reading this https://docs.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth in order to get more details about it.

SASL XOAUTH2 encodes the username, access token together in the following format: base64("user=" + userName + "^Aauth=Bearer " + accessToken + "^A^A")

So, here the implementation is: const _build_XOAuth2_token = (user='', access_token='') => Buffer .from([ user=${user}, auth=Bearer ${access_token}`, '', ''] .join('\x01'), 'utf-8') .toString('base64');

const _conn = new npm_imap({ host: config.host || 'imap.gmail.com', port: config.port || 993, xoauth2: _build_XOAuth2_token(username, access_token) ... }); `

During registration of your app for OAuth2 authentication, a mail service you connect to should give all instructions to get an Access Token. If you use Gmail, this https://www.labnol.org/google-api-service-account-220405 might be useful to read.

Good luck! Cheers, mate!

— Reply to this email directly, view it on GitHub https://github.com/mscdex/node-imap/issues/881#issuecomment-1157197790, or unsubscribe https://github.com/notifications/unsubscribe-auth/AD77BACDR7LFUQPWANHEK7LVPKO5VANCNFSM5YT6IVEQ . You are receiving this because you were mentioned.Message ID: @.***>

--

Regards & thanks Saravana kumar

[giacomobartoli]

@gsaravanakumar932 could you provide an example? I had to reimplemented it by using Azure SDK

[hoxsec]

@gsaravanakumar932 could you provide an example? I had to reimplemented it by using Azure SDK

Have you gotten any example for Azure yet?

[davidljubadev22]

Follow this example: https://learn.microsoft.com/en-us/answers/questions/875398/read-outlook-mails-via-imap-using-nodejs-and-oauth

Check all answers, too (more than one page)!