0

We want to offer users of our (web-based) personal document management solution the possibility to import documents sent as attachments to their GMail addresses.

Our current solution of just allowing our users's to store their login credentials in our web app and then using this to access the user's GMail inbox via IMAP is not only suboptimal from a security standpoint (we'd rather not store the login credentials, if possible), it also sometimes (maybe when we're polling too often or for too many users's) leads to the login attempts of our app being blocked by GMail. We get the error message "[ALERT] Please log in via your web browser: http://support.google.com/mail/accounts/bin/answer.py?answer=78754" from the IMAP server and our user's report that they see that GMail has blocked some "possible hacking attempts" or similar.

So my main questions are these:

  • Would switching to OAuth for authentication (and still using IMAP to check our user's inbox, just authenticated with the OAuth tokens) help in this situation? I found documentation on how to do this, I just want to know if it would help in this situation.
  • Are there any guidelines/quotas/restrictions on how often we should / are allowed to poll a user's inbox (or how many connections we open to GMail in parallel etc.)? I couldn't find anything about this in the developer docs at Googles site.
  • Is there any other way besides IMAP to be able to import attachments from GMail messages into our app?
David
  • 1,359
  • 1
  • 13
  • 20

1 Answers1

1

Answers to your questions

1.Benefit of using OAuth is that you are not storing user's credential directly.So you will redirect user to google login page,where google will authenticate user and provide you an access token and refresh token,you can then access user's emails using access token and google API.Refresh token is to regenerate that access token.

2.Since gmail supports IMAP4 protocol with Idle you can use it to accept real-time notifications from gmail server when new email comes(you dont need to poll gmail every time)

Cris
  • 12,799
  • 5
  • 35
  • 50
  • I already know how OAuth works, we've already implemented it for Google Drive and other services. My question was more directed towards if authenticating user's via OAuth would help with the error message we're seeing in this case. – David Apr 03 '14 at 14:29
  • And we have quite a lot of users that have their GMail account connected to our service, so keeping an IMAP Idle connection open from our server to GMail for each one probably also would not scale, if I understand it correctly. – David Apr 03 '14 at 14:45
  • 1
    OAuth would definitely help you to get rid of error you are getting now also instead of having a IDLE connection open at all time,you can open it for every user once he logs in to your system. – Cris Apr 03 '14 at 15:05