bvstone

MAILTOOL Now Supports OAuth 2.0 Authentication for GMail and Microsoft Outlook Cloud Accounts

Posted:

MAILTOOL Now Supports OAuth 2.0 Authentication for GMail and Microsoft Outlook Cloud Accounts

UPDATE!  Microsoft Outlook is also supported now for OAuth 2.0!

We're happy to announce that MAILTOOL (along with MAILTOOL Plus) has been updated to include the ability to send emails using GMail or Microsoft Outlook and the new OAuth 2.0 authentication process as outlined in this announcement from Google and this article to allow "Less Secure Apps" (at least for the time being) instead of requiring the new OAuth 2.0 authentication.

The reason for this is we have a feeling in the future Google (and possibly Microsoft) will turn off the feature to allow "Less Secure Apps" and wanted to be on top of things when they did.

Because we already have features for authenticating your Google and Microsoft Accounts using OAuth 2.0 with our GreenTools for Google Apps (G4G) and GreenTools for Microsoft Apps (G4MS) applications we were able to integrate this into MAILTOOL to allow this new security feature being implemented by Google and Microsoft for their email/SMTP Accounts.

This will require a little more setup up front, but once done it will ensure the most current security when it comes to access of your Google or Microsoft Accounts.

If you're interested in reading the OAuth 2.0 specs they're easy to find.  But, in a nutshell what it means is that 3rd party apps do not need to store the actual password for the account it is working with.  Instead, it uses Authentication Keys.

What Does This Mean?

This means that when sending emails from your IBM i (AS/400, iSeries, System i) with MAILTOOL using GMail or Microsoft Outlook as your email service, you no longer need to use or store the user id and password for the account in the MAILTOOL command or in a JSON Configuration File.  

Instead, you will set up your GMail or Outlook Account to use OAuth 2.0 Authentication (as shown below) and specify the special value of *G4G_XOAUTH2 (for GMail) or *G4MS_XOAUTH2 (for Outlook) as the SMTP Authentication User ID and leaving the SMTP Authentication Password blank.  This will tell MAILTOOL to use the "from" address as the account to use to validate the account using OAuth 2.0.

Requirements

The requirements for using this new authentication are as follows:

  • GreenTools for Google Apps (G4G) v6.02 or higher is installed and in the library list at run time if you're using a GMail Account
  • GreenTools for Microsoft Apps (G4MS) v1.20 or higher in installed and in the library list at run time if you're using an Outlook Account.
  • For each GMail account you wish to use OAuth 2.0 authentication the GMail SMTP Service (*GMAILSMTP) is registered through G4G.  
  • For each Outlook account you wish to use OAuth 2.0 authentication the Outlook SMTP Service (*OUTLOOKSMTP) is registered through G4MS.  
  • Because the base G4G and G4MS products handle all of the Access Tokens and top level communications, no separate license key is required for G4G or G4MS.
  • Get URI (GETURI) v4.09 or higher is installed and in the library list at run time.  
  • GETURI is used for the communications behind the scenes in G4G to keep the OAuth 2.0 Access Tokens up to date.  GETURI will require a separate license.

GMail Set Up

Setting up a GMail Account to use OAuth 2.0 authentication is done using the following steps:

Use the G4G Register Service (G4GRECSVC) command to register the Gmail Service for each GMail account you wish to use.  The service name used will be *GMAILSMTP.

G4GREGSVC ID(fieldexit.com@gmail.com) SERVICE(*GMAILSMTP)

Once this command is run you will be presented with the following display:

You will then copy and paste the text into the location bar of your browser (or click on it if your 5250 emulator makes it into a hot link).  We find that Internet Explorer or FireFox works best for this.  Using Chrome it seems to insert new line characters on the line breaks causing the URL to be corrupt.

Your browser should open up to a page like the following.

After clicking on the link (circles) you should be presented with your Google Account Signon (or a similar page that allows you to select the Google Account to use if you have multiple accounts):

After you've signed in to your Google account you are setting up, you will be asked if you want G4G to be able to access your email as shown in the following page:

In order for this to work you will need to click on the "Accept" Button.  When this is done, you will be presented with an authorization code:

Once the code is displayed, return to your green screen and push the F6 button and the code will be automatically retrieved from our server and setup for your Google account will be complete.. 

The registration is now complete for this user.

Microsoft Outlook Set Up

Setting up a Microsoft Outlook Account to use OAuth 2.0 authentication is done using very similar steps to setting up a GMail Account.

Use the G4MS Register Service (G4MSRECSVC) command to register the Outlook SMTP Service for each Outlook account you wish to use.  The service name used will be *OUTLOOKSMTP.

G4MSREGSVC ID(fieldexit.com@gmail.com) SERVICE(*OUTLOOKSMTP)

Follow the directions on the screen to complete the Outlook registration.

Using OAuth 2.0 in your Configuration or MAILTOOL Command

You can now use the value of *G4MS_XOAUTH2 as the SMTP Authentication User ID either on the MAILTOOL command or in the configuration file you are using for this user.  The SMTP Authentication Password does not need to be specified either.

An example of the JSON Configuration File:

...
	{
		"name":"smtp_auth_user",
		"default":"*G4G_XOAUTH2"
	},
	{
		"name":"smtp_auth_password",
		"default":" "
	},
...

An example of using the MAILTOOL Command:

MAILTOOL TOADDR(jclarkson@topgear.com) FROMADDR(fieldexit.com@gmail.com)
SUBJECT('New Veyron SS') 
MESSAGE('Did you see the new Veryron SS?') 
SENDWITH(*MAILTOOL) MAILRTR(SMTP.GMAIL.COM) USERTR(*ONLY) SSL(*YES) PORT(465) 
AUTHUSER(*G4G_XOAUTH2)

When emails are sent you must remember to have G4G or G4MS and GETURI (as well as MAILTOOL) in your library list.  This is because each time an email is sent the Authorization Key that is used needs to be checked to see if it is expired.  If it is, G4G or G4MS and GETURI are used to communicate with the Google or Microsoft Servers to renew the Authorization Key.


Last edited 07/04/2016 at 15:43:34



Latest Posts:

GreenTools For G Suite (G4G) v12.00 Released With Base OAuth 2.0 Functionality GreenTools For G Suite (G4G) v12.00 Released With Base OAuth 2.0 Functionality
Posted by July 28, 2019
BVSTools >> BVSTools Announcements >> GreenTools for G Suite (Google Apps) (G4G) Specific Announcements
BVSTools Small Price Increase in 2020 BVSTools Small Price Increase in 2020
Posted by July 26, 2019
BVSTools >> BVSTools Announcements
GreenTools for Vertex Cloud (VTXCLOUD) Now Available GreenTools for Vertex Cloud (VTXCLOUD) Now Available
Posted by July 22, 2019
BVSTools >> BVSTools Announcements >> GreenTools for Vertex Cloud (VTXCLOUD) Specific Announcements
GreenTools for Google Apps (G4G) - Drive Addon Successfully Verified by Google GreenTools for Google Apps (G4G) - Drive Addon Successfully Verified by Google
Posted by July 22, 2019
BVSTools >> BVSTools Announcements >> GreenTools for G Suite (Google Apps) (G4G) Specific Announcements
Why I Cancelled my DynDNS Service and How I Replaced It with an IBM i Application Why I Cancelled my DynDNS Service and How I Replaced It with an IBM i Application
Posted by July 17, 2019
IBM Power Systems >> (QGPL) IBM i
Green Tools for G Suite (G4G) Product Updates (Licensing, Functionality, Base Product) Green Tools for G Suite (G4G) Product Updates (Licensing, Functionality, Base Product)
Posted by July 13, 2019
BVSTools >> BVSTools Announcements >> GreenTools for G Suite (Google Apps) (G4G) Specific Announcements
Reading JSON Data from Standard Input With YAJL and RPG Reading JSON Data from Standard Input With YAJL and RPG
Posted by July 12, 2019
Programming >> Proof of Concept (POC)
MAILTOOL Updated to Allow Use of IBM Global Security Kit (GSKIT) for SSL/TLS Communications MAILTOOL Updated to Allow Use of IBM Global Security Kit (GSKIT) for SSL/TLS Communications
Posted by June 19, 2019
BVSTools >> BVSTools Announcements >> eMail Tool (MAILTOOL) Specific Announcements
GETURI v10.00 Released Supporting IBM Global Security Kit (GSKIT) and Server Name Indication (SNI) GETURI v10.00 Released Supporting IBM Global Security Kit (GSKIT) and Server Name Indication (SNI)
Posted by June 11, 2019
BVSTools >> BVSTools Announcements >> Get URI (GETURI) Specific Announcements
BVSTools Now Offers Vertex Cloud Interface BVSTools Now Offers Vertex Cloud Interface
Posted by April 15, 2019
BVSTools >> BVSTools Announcements
Token Has an Invalid Signature Error for Office 365 Email Token Has an Invalid Signature Error for Office 365 Email
Posted by March 22, 2019
BVSTools >> BVSTools Software Discussion >> GreenTools for Microsoft Apps (G4MS) Specific Discussion
Resending Emails that have Errored Out with Updated Router or Authentication Information Resending Emails that have Errored Out with Updated Router or Authentication Information
Posted by March 1, 2019
BVSTools >> BVSTools Software Discussion >> Email Tools (MAILTOOL) Specific Discussion
BVSTools Offers Toolset to Work With HubSpot OAuth 2.0 APIs On Your IBM i BVSTools Offers Toolset to Work With HubSpot OAuth 2.0 APIs On Your IBM i
Posted by January 27, 2019
BVSTools >> BVSTools Announcements
G4MSDRV Currently Not Supported G4MSDRV Currently Not Supported
Posted by January 17, 2019
BVSTools >> BVSTools Announcements >> GreenTools for Microsoft Apps (G4MS) Specific Announcements
Removing Trailing Carriage Returns and/or Line Feeds from a String with RPG Removing Trailing Carriage Returns and/or Line Feeds from a String with RPG
Posted by December 26, 2018
Programming >> RPG Programming

Reply




Copyright 1983-2019 BVSTools
GreenBoard(v3) Powered by the eRPG SDK, MAILTOOL Plus!, GreenTools for Google Apps, jQuery, jQuery UI, BlockUI, CKEditor and running on the IBM i (AKA AS/400, iSeries, System i).