[Fixed]-Use imaplib and oauth for connection with Gmail


Here’s an example using the oauth2 module to authenticate using oauth, taken from the readme:

import oauth2 as oauth
import oauth2.clients.imap as imaplib

# Set up your Consumer and Token as per usual. Just like any other
# three-legged OAuth request.
consumer = oauth.Consumer('your_consumer_key', 'your_consumer_secret')
token = oauth.Token('your_users_3_legged_token', 

# Setup the URL according to Google's XOAUTH implementation. Be sure
# to replace the email here with the appropriate email address that
# you wish to access.
url = "https://mail.google.com/mail/b/your_users_email@gmail.com/imap/"

conn = imaplib.IMAP4_SSL('imap.googlemail.com')
conn.debug = 4 

# This is the only thing in the API for impaplib.IMAP4_SSL that has 
# changed. You now authenticate with the URL, consumer, and token.
conn.authenticate(url, consumer, token)

# Once authenticated everything from the impalib.IMAP4_SSL class will 
# work as per usual without any modification to your code.
print conn.list()

Quite a bit cleaner than using xoauth.



Google has a good example code to do OAuth2 and IMAP. Also make sure that your scope is

'scope': 'https://mail.google.com/'
'access_type': 'offline'

Below is from the code sample in google example

import base64
import imaplib

my_email = "xyz@gmail.com"
access_token = ""    #Oauth2 access token

auth_string = GenerateOAuth2String(my_email, access_token, base64_encode=False)
TestImapAuthentication(my_email, auth_string)

def TestImapAuthentication(user, auth_string):
  """Authenticates to IMAP with the given auth_string.

  Prints a debug trace of the attempted IMAP connection.

    user: The Gmail username (full email address)
    auth_string: A valid OAuth2 string, as returned by GenerateOAuth2String.
        Must not be base64-encoded, since imaplib does its own base64-encoding.
  imap_conn = imaplib.IMAP4_SSL('imap.gmail.com')
  imap_conn.debug = 4
  imap_conn.authenticate('XOAUTH2', lambda x: auth_string)

def GenerateOAuth2String(username, access_token, base64_encode=True):
  """Generates an IMAP OAuth2 authentication string.

  See https://developers.google.com/google-apps/gmail/oauth2_overview

    username: the username (email address) of the account to authenticate
    access_token: An OAuth2 access token.
    base64_encode: Whether to base64-encode the output.

    The SASL argument for the OAuth2 mechanism.
  auth_string = 'user=%s\1auth=Bearer %s\1\1' % (username, access_token)
  if base64_encode:
    auth_string = base64.b64encode(auth_string)
  return auth_string


Here is an example of connecting to IMAP using routines present in Google’s xoauth.py. It’ll output some debug information, so you’ll probably want to switch to using the oauth package for a real application. At least this should get you started:

import imaplib
import random
import time

import xoauth

MY_EMAIL = 'xxx@gmail.com'
MY_TOKEN = # your token
MY_SECRET = # your secret

def connect():
    nonce = str(random.randrange(2**64 - 1))
    timestamp = str(int(time.time()))

    consumer = xoauth.OAuthEntity('anonymous', 'anonymous')
    access = xoauth.OAuthEntity(MY_TOKEN, MY_SECRET)
    token = xoauth.GenerateXOauthString(
        consumer, access, MY_EMAIL, 'imap', MY_EMAIL, nonce, timestamp)

    imap_conn = imaplib.IMAP4_SSL('imap.googlemail.com')
    imap_conn.authenticate('XOAUTH', lambda x: token)

    return imap_conn


Leave a comment