Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Gmail OAUTH2 With cURL
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Thad Bogert via curl-users <curl-users_at_lists.haxx.se>
Date: Wed, 30 Mar 2022 10:48:41 -0400
In anticipation of Google disabling “Less Secure Apps” login support, we have been updating our application to use the cURL command line client to send emails via SMTP using the
--oauth2-bearer option.
Has anyone had any success with using this approach? So far we have not had any success. Every attempt to send results with 535-5.7.8 Username and Password not accepted
Below is the command and it’s output. We are using 7.79.1 on Windows 10.
++++++++++
cURL.exe -sS --verbose --ssl --url "smtps://smtp.gmail.com:465" --mail-from c***********t_at_gmail.com --mail-rcpt homer_at_email.com --upload-file "C:\Users\xxxx\AppData\Local\TempClienTraxMessage.eml" --user c***********t_at_gmail.com --oauth2-bearer "ya29.A0ARrdaM869m57HXThnkvV-hOxYpsJgmTXQBh-wa5cK80vTLEgJAvbYj94lyi7GWiWzEmGRXjzP6EyCo6Ts8_I5kBj6btHikNxS0VLSwehkP06MMjz9axTz7Skh94LdmsDNjOcytsr-Ys-J3RS3jBrwETFM6E8"
++++++++++
* Trying 172.253.115.109:465...
* Connected to smtp.gmail.com (172.253.115.109) port 465 (#0)
* schannel: disabled automatic use of client certificate
< 220 smtp.gmail.com ESMTP g21-20020ac85815000000b002e06e2623a7sm13243273qtg.0 - gsmtp
> EHLO TempClienTraxMessage.eml
< 250-smtp.gmail.com at your service, [98.100.85.18]
< 250-SIZE 35882577
< 250-8BITMIME
< 250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH
< 250-ENHANCEDSTATUSCODES
< 250-PIPELINING
< 250-CHUNKING
< 250 SMTPUTF8
> AUTH OAUTHBEARER
< 334
> bixhPWNsaWVudHJheHRlc3RAZ21haWwuY29tLAFob3N0PXNtdHAuZ21haWwuY29tAXBvcnQ9NDY1AWF1dGg9QmVhcmVyIHlhMjkuQTBBUnJkYU04NjltNTdIWFRobmt2Vi1oT3hZcHNKZ21UWFFCaC13YTVjSzgwdlRMRWdKQXZiWWo5NGx5aTdHV2lXekVtR1JYanpQNkV5Q282VHM4X0k1a0JqNmJ0SGlrTnhTMFZMU3dlaGtQMDZNTWp6OWF4VHo3U2toOTRMZG1zRE5qT2N5dHNyLVlzLUozUlMzakJyd0VURk02RTgBAQ==
< 334 eyJzdGF0dXMiOiJpbnZhbGlkX3JlcXVlc3QiLCJzY29wZSI6Imh0dHBzOi8vbWFpbC5nb29nbGUuY29tLyJ9
> AQ==
< 535-5.7.8 Username and Password not accepted. Learn more at
< 535 5.7.8 https://support.google.com/mail/?p=BadCredentials g21-20020ac85815000000b002e06e2623a7sm13243273qtg.0 - gsmtp
* Closing connection 0
* schannel: shutting down SSL/TLS connection with smtp.gmail.com port 465
curl: (67) Login denied
Program Finished
++++++++
We have made sure that the https://www.googleapis.com/auth/gmail.send API is enabled in Googles API console and the the user we are sending from is also added. I realize that we can fall back on using an App Password to send emails with. But it would be ideal to have the ability to use OAUTH2 to minimize the work needed for end users to enable sending emails.
Thanks!
Thad
Date: Wed, 30 Mar 2022 10:48:41 -0400
In anticipation of Google disabling “Less Secure Apps” login support, we have been updating our application to use the cURL command line client to send emails via SMTP using the
--oauth2-bearer option.
Has anyone had any success with using this approach? So far we have not had any success. Every attempt to send results with 535-5.7.8 Username and Password not accepted
Below is the command and it’s output. We are using 7.79.1 on Windows 10.
++++++++++
cURL.exe -sS --verbose --ssl --url "smtps://smtp.gmail.com:465" --mail-from c***********t_at_gmail.com --mail-rcpt homer_at_email.com --upload-file "C:\Users\xxxx\AppData\Local\TempClienTraxMessage.eml" --user c***********t_at_gmail.com --oauth2-bearer "ya29.A0ARrdaM869m57HXThnkvV-hOxYpsJgmTXQBh-wa5cK80vTLEgJAvbYj94lyi7GWiWzEmGRXjzP6EyCo6Ts8_I5kBj6btHikNxS0VLSwehkP06MMjz9axTz7Skh94LdmsDNjOcytsr-Ys-J3RS3jBrwETFM6E8"
++++++++++
* Trying 172.253.115.109:465...
* Connected to smtp.gmail.com (172.253.115.109) port 465 (#0)
* schannel: disabled automatic use of client certificate
< 220 smtp.gmail.com ESMTP g21-20020ac85815000000b002e06e2623a7sm13243273qtg.0 - gsmtp
> EHLO TempClienTraxMessage.eml
< 250-smtp.gmail.com at your service, [98.100.85.18]
< 250-SIZE 35882577
< 250-8BITMIME
< 250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH
< 250-ENHANCEDSTATUSCODES
< 250-PIPELINING
< 250-CHUNKING
< 250 SMTPUTF8
> AUTH OAUTHBEARER
< 334
> bixhPWNsaWVudHJheHRlc3RAZ21haWwuY29tLAFob3N0PXNtdHAuZ21haWwuY29tAXBvcnQ9NDY1AWF1dGg9QmVhcmVyIHlhMjkuQTBBUnJkYU04NjltNTdIWFRobmt2Vi1oT3hZcHNKZ21UWFFCaC13YTVjSzgwdlRMRWdKQXZiWWo5NGx5aTdHV2lXekVtR1JYanpQNkV5Q282VHM4X0k1a0JqNmJ0SGlrTnhTMFZMU3dlaGtQMDZNTWp6OWF4VHo3U2toOTRMZG1zRE5qT2N5dHNyLVlzLUozUlMzakJyd0VURk02RTgBAQ==
< 334 eyJzdGF0dXMiOiJpbnZhbGlkX3JlcXVlc3QiLCJzY29wZSI6Imh0dHBzOi8vbWFpbC5nb29nbGUuY29tLyJ9
> AQ==
< 535-5.7.8 Username and Password not accepted. Learn more at
< 535 5.7.8 https://support.google.com/mail/?p=BadCredentials g21-20020ac85815000000b002e06e2623a7sm13243273qtg.0 - gsmtp
* Closing connection 0
* schannel: shutting down SSL/TLS connection with smtp.gmail.com port 465
curl: (67) Login denied
Program Finished
++++++++
We have made sure that the https://www.googleapis.com/auth/gmail.send API is enabled in Googles API console and the the user we are sending from is also added. I realize that we can fall back on using an App Password to send emails with. But it would be ideal to have the ability to use OAUTH2 to minimize the work needed for end users to enable sending emails.
Thanks!
Thad
-- Unsubscribe: https://lists.haxx.se/listinfo/curl-users Etiquette: https://curl.haxx.se/mail/etiquette.htmlReceived on 2022-03-30