I have an app in NodeJS which calls the outlook api and reads a user's mails. I'm connecting this to a MySQL db where I'm storing specific email replies.The app is working perfectly.
My problem is that I have to sign-in every hour to refresh the access token.
I need a way of calling the outlook api, returning the emails, store them in a db, and then expose them through an API. And I wanna automate this outlook api call through a cron job.
Does anyone have any ideas on how I can accomplish this?
What I believe you are looking for is App-only access a.k.a access without a user. More on this below.
https://developer.microsoft.com/en-us/graph/docs/concepts/auth_v2_service
In addition, you get a refresh token along with the user consented access token. You can then refresh the access token periodically using the refresh token. More on this below:
https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols-oauth-code#refresh-the-access-token
Related
I am creating a service where people will send emails to this one email account and this email account will regularly poll for new emails. The problem that I am having is that I will need to authenticate my email account and allow my service to call Google APIs to read it's mail box.
I was wondering if it would be alright to just authenticate myself once before deploying the service and then storing the access and refresh tokens in a database and then using those tokens to make the API calls. Are there any foreseeable problems such as the tokens expiring?
And if there are, do you have any suggestions on making API calls to the account without me having to login to the account to authenticate myself?
What you are wondering is correct. As you are getting a refresh token, you are asking for offline access which means you want make API calls on behalf of the user when is not present.
Access tokens have an expiration time, refresh tokens don't. However, there are some scenarios where refresh tokens could be revoked (and you need to handle them). So you have to use access tokens to make API calls and refresh tokens to generate new access tokens (when those have expired).
I am writing this goroutine that'll call the GMail API and poll my inbox every 2 minutes or so. The problem I am having trouble with is the authentication part because it'll need me to login and authenticate myself and give authorization to the app to read my inbox. I am trying to eliminate the part where I will need to login via the Web UI and give access to my program. Does anyone have any ideas on how to login and authenticate myself programmatically?
You should be able to use the steps here in order to generate and OAuth client ID, then use that to connect using oauth?:
https://github.com/google/GTMAppAuth/blob/master/Example-macOS/README.md
Failing that, you could use IMAP access to bypass the api entirely. Turn on imap in settings and use a library like this to access your messages:
https://github.com/emersion/go-imap/blob/v1/README.md
I have a single page application with some user-related calendars. The task is to write integration with the google calendar. A user should be able to click on 'integrate with google calendar', select his google account, give read+write access to the calendar, and then the application should be able to do a number of things within the user google calendar like creating a new calendar and sync all events inside it with the application data.
I started with this example, https://developers.google.com/calendar/quickstart/js
It works, but as I understand it's for online front end work only. Is it possible to retrieve authentication from this front end and send it to the back end? I want back end to operate server-to-server mode, while the user is offline.
I have checked the other, back end gapi integrations, but they do not look so cool, there're some redirects. I want to keep everything inside a single page with ajax and popups.
In order to access a users data when the user is off line you need something called offline access. When you authecate the user you will need to request offline access then the server will return to you a refresh token.
A refresh token is long lived you will be able to use your refresh token at anytime to request a new access token which will allow you to access the users data.
You cant use offline access with JavaScript you will need to use a server sided language like say node.js, php, phython .... you will not be able to use gapi
I am trying to be able to set up a cron job to read contents from a certain email in my gmail inbox daily. I lookeed up gmail api documentation and noticed that the only way to authenticate my requests to access email data is via OAuth 2.0 which requires user authorization. Is there a way to authorize my app to access emails from a particular email id without the need for the user to manually take any actions.
I found this: https://developers.google.com/identity/sign-in/web/server-side-flow. I was wondering if there is any way to follow this workflow without having to build the UI?
Technically speaking you can use Oauth2 you just have to have the user authentication your application once. You will get a refresh token then you can use the refresh token to get a new access token from cron. Unless this is a Google domain account you cant use service accounts. There is no way to pre authorize a service account to access a normal user gmail.
Alternative: have you considered going directly though the mail server? Skip the rest api. https://developers.google.com/gmail/oauth_overview Note: That page also speaks of XOauth2 I haven't tried it yet you can still access SMTP and IMAP using username and password.
We are using the refresh token to get Google Calendar free/busy events. When our application connects with Google account of a user for the first time, we obtain a "Refresh Token" and store that in our database and use that for fetching free/busy events from Google. Things were working fine but now the problem is that whenever a user changes its Gmail password then we're unable to call the Google Api using the stored refresh token. The reason we've have found is that Google revokes the Api access for all applications associated to that account on password change/reset. In our application, calendar is still connected to Google (because we do not make call to reconnect with google again). How can we check/identify if the stored Refresh token is still valid or not? Is there any suggested workaround for this problem?