I developed a java application that read a gmail inbox folder and proccess the retrieved messages.
I'm using gmail api with Oauth authorization to access this email.
The problem is that I need to use jenkins to deploy this app and at the first time you need to access a browser link to give access to gmail api. any idea how can I solve it?
I tried to send stored credential, but I always receive this message in jenkins console:
Please open the following address in your browser:
https://accounts.google.com/o/oauth2/auth?access_type=offline&client_id=XXXXXXXXXXXXXXXX.apps.googleusercontent.com&redirect_uri=http://localhost:8888/Callback&response_type=code&scope=https://www.googleapis.com/auth/gmail.modify%20https://www.googleapis.com/auth/drive
Need a solution to deploy this app, there is another authorization type?
Related
I want to use Gmail API to send email in JAVA,and all information I fond told me to create a Service accounts and connect with Google Workspace. But I don't have a Google Workspace account also can't register one,so the question is:
1.Can I send email without Google Workspace?
2.Can I just Add 'type' into Client ID.json to make it work like Service accounts.json?
Can I send email without Google Workspace?
Yes you can use gmail api without workspace you will just need to use Oauth2 rather than a service account and authorize a user.
Oauth2 requires that a user consent to the access to their google account. A user will need to authorize your code at least once.
Where as service accounts allow you to preauthroize access defined using domain wide delegation within a google workspace account. So no user interaction would be required.
Can I just Add 'type' into Client ID.json to make it work like Service accounts.json?
No the code is different depending upon the type of client you have created. If you create a web client then you need to use code designed for a web client. If you create installed client credentials then you need to use the code for an installed client.
The following sample Java quickstart is designed for an installed app. It will open the browser consent window on the machine the code is running on.
I've successfully deployed a Spring Boot app on Heroku. This app should send emails after an user fills a form.
The problem is that, in local it works, but in Heroku the app always throws AuthenticationFailedException because it is trying to sign in with my Gmail account from Heroku's server in another country.
My Gmail account does not have two factor authentication and less secure app option is enabled.
How can I solve this? How can my Spring Boot app in a server abroad sign in with my Gmail account from another country?
How can I solve this?
By not using Gmail. It's not meant for automated, programmatic email delivery.
Instead, use something like SendGrid or Mailgun. These services are designed for programmatic mail delivery, and both are available as official Heroku addons with free tiers.
We have a Client Server Based Java Product, I need to integrate google OAuth in server dashboard where our client can sign in and allow access to gmail API. After that, server will use REFRESH TOKEN and ACCESS TOKEN to send Email reports to some emails Ids using client gmail Via Java Mail API.
We need to implement sign in only once and send mails forever i.e. Offline Access (Means REFRESH TOKEN is compulsory).
Our product is deployed as in premise as well as cloud based (At a time only one). Thus in client environment we can have private ip or public ip or public ip mapped to dns.
I know there are two way in which this can be done:
1) server side authentication
2) client side authentication
In Both cases you need public dns mapped REDIRECT URI ie a url where google will redirect the user after sign in. But in our case, we dont have
always a public domain mapped to client server machine. Also we cannot provide localhost in redirect uri as well.
SO
PROBLEM I: What should be used in place of REDIRECT_URI
PROBLEM II: We have many clients so should we use one application for each client or we should deploy a single application on cloud, where each client dashboard will be redirected while sign in and in response we will get token.
Any other alternatives for above problem will be appreciated.
Ok i got the architecture.
Google apps give the flexibility to add multiple java script origins and redirect uri's.
So we need to create only one app in developer console. For each client, we will add a authorized java script origin and redirect uri in google app online. And when sign in button will be pressed in client's server we will give redirect uri accoring to that client which is already added in google app. For private ip there is no solution, but localhost can be used with the restriction to sign in from browser on server system.
I downloaded the Spring social project from https://github.com/spring-projects/spring-social-samples/tree/master/spring-social-quickstart
When I run the project on Tomcat, after asking for connection and connecting to facebook, the webpage automatically redirects to
http://localhost:8080/spring-social-quickstart/signin?error=provider#=
I am unable to understand the error. can anyone help?
//After Debugging
It is never executing the method in HomeController.java which extracts the friends and return the next page.
Check the followings:
Most probably you are disconnected from Internet. So check your network connectivity.
Ensure you have given correct username and password while connecting to facebook.
Client Id and secret (generally in XML or properties file, you get it when you create your application in facebook / twitter) you use are correct.
Make sure that you have defined a callback url while creating application in facebook / twitter.
I managed to get Azure AD Authentication to work by using the sample apps from ADAL4J library from GitHub.
Here it is working.
My question is:
Can the same result be accomplished without the redirect to the Microsoft page?
The customer wants to use his own internal login page.
I'm thinking some sort of behind the scenes POST request to the same URL, and getting the reply. This means my app will see the user credentials, I am ok with that.
Is this supported by Azure AD?
Environment:
Java server side (Spring), AngularJS UI.
Thanks.
The redirect is necessary. Only AAD should be collecting AAD credentials. See this answer for more information on why that is:
How to authenticate user with Azure Active Directory using OAuth 2.0?