0

I need to use oauth2 and imap to connect with Gmail, and I can see the code from https://github.com/simplegeo/python-oauth2:

import oauth2 as oauth
import oauth2.clients.imap as imaplib

# Set up your Consumer and Token as per usual. Just like any other
# three-legged OAuth request.
consumer = oauth.Consumer('your_consumer_key', 'your_consumer_secret')
token = oauth.Token('your_users_3_legged_token', 'your_users_3_legged_token_secret')

# Setup the URL according to Google's XOAUTH implementation. Be sure
# to replace the email here with the appropriate email address that
# you wish to access.
url = "https://mail.google.com/mail/b/your_users_email@gmail.com/imap/"

conn = imaplib.IMAP4_SSL('imap.googlemail.com')
conn.debug = 4 

# This is the only thing in the API for impaplib.IMAP4_SSL that has 
# changed. You now authenticate with the URL, consumer, and token.
conn.authenticate(url, consumer, token)

# Once authenticated everything from the impalib.IMAP4_SSL class will 
# work as per usual without any modification to your code.
conn.select('INBOX')
print conn.list()

But I cannot understand the Consumer and Token here.

  1. What do they mean?
  2. How can I get key and secret for them respectively?
  3. The client_id and client_secret I got from https://code.google.com/p/google-mail-oauth2-tools/wiki/OAuth2DotPyRunThrough. Is this Consumer or Token?
Cacheing
  • 3,431
  • 20
  • 46
  • 65

1 Answers1

3

The above code sample is for OAuth 1, not OAuth 2. Consumer key and secret, token and token secret are all OAuth 1 terms.

I think the confusion is created by the fact that the Python library used is called "oauth2". In my understanding this is the second incarnation of an OAuth 1 library, the name is unfortunate.

The documentation for using OAuth 2 with Gmail is at: https://developers.google.com/gmail/oauth_overview

mariuss
  • 902
  • 6
  • 7
  • Thanks for your answer. But do you know how to implement the authentication using OAuth2? Any code or document is appreciated. – Cacheing Aug 01 '13 at 17:31
  • I just edited the answer and provided the link to the documentation. – mariuss Aug 01 '13 at 18:48
  • I am still confused. Say, if I want to access user A's gmail, the access_token is generated by A, not me, right? – Cacheing Aug 01 '13 at 20:29
  • Normally you cannot access some other user's email. Yes, to access A's email A has to approve the grant. Unless you are managing a hosted domain, in which case you can use a service account. The domain manager has to grant impersonation access for your application. – mariuss Aug 01 '13 at 23:44
  • what does the `service account` mean? But I think `oauth2` helps us to get access to other user's email without having to know their password, right? – Cacheing Aug 02 '13 at 00:22
  • Yes, you can get access to other users email, but with their consent. The main documentation: https://developers.google.com/accounts/docs/OAuth2 Service accounts are described there. – mariuss Aug 21 '13 at 22:24