bvstone

MAILTOOL Now Supports OAuth 2.0 Authentication for GMail and Microsoft Outlook Cloud Accounts

Posted:

MAILTOOL Now Supports OAuth 2.0 Authentication for GMail and Microsoft Outlook Cloud Accounts

UPDATE!  Microsoft Outlook is also supported now for OAuth 2.0!

We're happy to announce that MAILTOOL (along with MAILTOOL Plus) has been updated to include the ability to send emails using GMail or Microsoft Outlook and the new OAuth 2.0 authentication process as outlined in this announcement from Google and this article to allow "Less Secure Apps" (at least for the time being) instead of requiring the new OAuth 2.0 authentication.

The reason for this is we have a feeling in the future Google (and possibly Microsoft) will turn off the feature to allow "Less Secure Apps" and wanted to be on top of things when they did.

Because we already have features for authenticating your Google and Microsoft Accounts using OAuth 2.0 with our GreenTools for Google Apps (G4G) and GreenTools for Microsoft Apps (G4MS) applications we were able to integrate this into MAILTOOL to allow this new security feature being implemented by Google and Microsoft for their email/SMTP Accounts.

This will require a little more setup up front, but once done it will ensure the most current security when it comes to access of your Google or Microsoft Accounts.

If you're interested in reading the OAuth 2.0 specs they're easy to find.  But, in a nutshell what it means is that 3rd party apps do not need to store the actual password for the account it is working with.  Instead, it uses Authentication Keys.

What Does This Mean?

This means that when sending emails from your IBM i (AS/400, iSeries, System i) with MAILTOOL using GMail or Microsoft Outlook as your email service, you no longer need to use or store the user id and password for the account in the MAILTOOL command or in a JSON Configuration File.  

Instead, you will set up your GMail or Outlook Account to use OAuth 2.0 Authentication (as shown below) and specify the special value of *G4G_XOAUTH2 (for GMail) or *G4MS_XOAUTH2 (for Outlook) as the SMTP Authentication User ID and leaving the SMTP Authentication Password blank.  This will tell MAILTOOL to use the "from" address as the account to use to validate the account using OAuth 2.0.

Requirements

The requirements for using this new authentication are as follows:

  • GreenTools for Google Apps (G4G) v6.02 or higher is installed and in the library list at run time if you're using a GMail Account
  • GreenTools for Microsoft Apps (G4MS) v1.20 or higher in installed and in the library list at run time if you're using an Outlook Account.
  • For each GMail account you wish to use OAuth 2.0 authentication the GMail SMTP Service (*GMAILSMTP) is registered through G4G.  
  • For each Outlook account you wish to use OAuth 2.0 authentication the Outlook SMTP Service (*OUTLOOKSMTP) is registered through G4MS.  
  • Because the base G4G and G4MS products handle all of the Access Tokens and top level communications, no separate license key is required for G4G or G4MS.
  • Get URI (GETURI) v4.09 or higher is installed and in the library list at run time.  
  • GETURI is used for the communications behind the scenes in G4G to keep the OAuth 2.0 Access Tokens up to date.  GETURI will require a separate license.

GMail Set Up

Setting up a GMail Account to use OAuth 2.0 authentication is done using the following steps:

Use the G4G Register Service (G4GRECSVC) command to register the Gmail Service for each GMail account you wish to use.  The service name used will be *GMAILSMTP.

G4GREGSVC ID(fieldexit.com@gmail.com) SERVICE(*GMAILSMTP)

Once this command is run you will be presented with the following display:

You will then copy and paste the text into the location bar of your browser (or click on it if your 5250 emulator makes it into a hot link).  We find that Internet Explorer or FireFox works best for this.  Using Chrome it seems to insert new line characters on the line breaks causing the URL to be corrupt.

Your browser should open up to a page like the following.

After clicking on the link (circles) you should be presented with your Google Account Signon (or a similar page that allows you to select the Google Account to use if you have multiple accounts):

After you've signed in to your Google account you are setting up, you will be asked if you want G4G to be able to access your email as shown in the following page:

In order for this to work you will need to click on the "Accept" Button.  When this is done, you will be presented with an authorization code:

Once the code is displayed, return to your green screen and push the F6 button and the code will be automatically retrieved from our server and setup for your Google account will be complete.. 

The registration is now complete for this user.

Microsoft Outlook Set Up

Setting up a Microsoft Outlook Account to use OAuth 2.0 authentication is done using very similar steps to setting up a GMail Account.

Use the G4MS Register Service (G4MSRECSVC) command to register the Outlook SMTP Service for each Outlook account you wish to use.  The service name used will be *OUTLOOKSMTP.

G4MSREGSVC ID(fieldexit.com@gmail.com) SERVICE(*OUTLOOKSMTP)

Follow the directions on the screen to complete the Outlook registration.

Using OAuth 2.0 in your Configuration or MAILTOOL Command

You can now use the value of *G4MS_XOAUTH2 as the SMTP Authentication User ID either on the MAILTOOL command or in the configuration file you are using for this user.  The SMTP Authentication Password does not need to be specified either.

An example of the JSON Configuration File:

...
	{
		"name":"smtp_auth_user",
		"default":"*G4G_XOAUTH2"
	},
	{
		"name":"smtp_auth_password",
		"default":" "
	},
...

An example of using the MAILTOOL Command:

MAILTOOL TOADDR(jclarkson@topgear.com) FROMADDR(fieldexit.com@gmail.com)
SUBJECT('New Veyron SS') 
MESSAGE('Did you see the new Veryron SS?') 
SENDWITH(*MAILTOOL) MAILRTR(SMTP.GMAIL.COM) USERTR(*ONLY) SSL(*YES) PORT(465) 
AUTHUSER(*G4G_XOAUTH2)

When emails are sent you must remember to have G4G or G4MS and GETURI (as well as MAILTOOL) in your library list.  This is because each time an email is sent the Authorization Key that is used needs to be checked to see if it is expired.  If it is, G4G or G4MS and GETURI are used to communicate with the Google or Microsoft Servers to renew the Authorization Key.


Last edited 07/04/2016 at 15:43:34



Latest Posts:

MAILTOOL Updated to Allow G4GSMAIL as Option in Routers File MAILTOOL Updated to Allow G4GSMAIL as Option in Routers File
Posted by June 28, 2020
BVSTools >> BVSTools Announcements >> eMail Tool (MAILTOOL) Specific Announcements
BVSTools Now Offers Interface with Infor's ION APIs BVSTools Now Offers Interface with Infor's ION APIs
Posted by May 15, 2020
BVSTools >> BVSTools Announcements
More V7R4 IFS File CCSID Issues and The Fix More V7R4 IFS File CCSID Issues and The Fix
Posted by March 4, 2020
IBM Power Systems >> (QGPL) IBM i
Error Retrieving IP Address by Name Error Retrieving IP Address by Name
Posted by February 25, 2020
BVSTools >> BVSTools Software Discussion
Logging jobs that hit an outq Logging jobs that hit an outq
Posted by February 13, 2020
Programming >> CL Programming
GreenTools for Google Apps (G4G) v12.60 Released with Shared Drive Features and More... GreenTools for Google Apps (G4G) v12.60 Released with Shared Drive Features and More...
Posted by February 4, 2020
BVSTools >> BVSTools Announcements >> GreenTools for G Suite (Google Apps) (G4G) Specific Announcements
Allowing Requests over Port 80 For SSL Validation (ie, Namecheap, etc) Allowing Requests over Port 80 For SSL Validation (ie, Namecheap, etc)
Posted by January 31, 2020
Programming >> Web Programming
GreenTools for Slack (G4SLK) v3.00 Released GreenTools for Slack (G4SLK) v3.00 Released
Posted by January 17, 2020
BVSTools >> BVSTools Announcements >> GreenTools for Slack (G4SLK) Specific Announcements
Calling a QSH Command from RPG Calling a QSH Command from RPG
Posted by December 26, 2019
Programming >> RPG Programming
SPLTOOL Print Range (PRTRNG) Function Updated to Handle Spooled Files up to 999,999,999 Pages SPLTOOL Print Range (PRTRNG) Function Updated to Handle Spooled Files up to 999,999,999 Pages
Posted by December 14, 2019
BVSTools >> BVSTools Announcements >> Spooled File Tools (SPLTOOL) Specific Announcements
GreenTools for Microsoft Apps (G4MS) Updated to v6.00 - Now Uses Microsoft Graph APIs GreenTools for Microsoft Apps (G4MS) Updated to v6.00 - Now Uses Microsoft Graph APIs
Posted by November 24, 2019
BVSTools >> BVSTools Announcements >> GreenTools for Microsoft Apps (G4MS) Specific Announcements
V7R4 Changes CCSID of Compressed File Using PASE JAR Command - Here's The Fix V7R4 Changes CCSID of Compressed File Using PASE JAR Command - Here's The Fix
Posted by November 21, 2019
IBM Power Systems >> (QGPL) IBM i
Using GETURI to Make OAuth 2.0 Requests - Custom Headers for Access Tokens Using GETURI to Make OAuth 2.0 Requests - Custom Headers for Access Tokens
Posted by November 11, 2019
BVSTools >> BVSTools Software Discussion >> Get URI (GETURI) Specific Discussion
GreenTools for Microsoft Apps (G4MS) v5.00 Released with Updated OneDrive Support and 3rd Party Functionality GreenTools for Microsoft Apps (G4MS) v5.00 Released with Updated OneDrive Support and 3rd Party Functionality
Posted by October 20, 2019
BVSTools >> BVSTools Announcements >> GreenTools for Microsoft Apps (G4MS) Specific Announcements
BVSTools is Now Running V7R4M0 BVSTools is Now Running V7R4M0
Posted by September 28, 2019
BVSTools >> BVSTools Announcements

Reply




Copyright 1983-2020 BVSTools
GreenBoard(v3) Powered by the eRPG SDK, MAILTOOL Plus!, GreenTools for Google Apps, jQuery, jQuery UI, BlockUI, CKEditor and running on the IBM i (AKA AS/400, iSeries, System i).