I've successfully deployed a Spring Boot app on Heroku. This app should send emails after an user fills a form.
The problem is that, in local it works, but in Heroku the app always throws AuthenticationFailedException because it is trying to sign in with my Gmail account from Heroku's server in another country.
My Gmail account does not have two factor authentication and less secure app option is enabled.
How can I solve this? How can my Spring Boot app in a server abroad sign in with my Gmail account from another country?
How can I solve this?
By not using Gmail. It's not meant for automated, programmatic email delivery.
Instead, use something like SendGrid or Mailgun. These services are designed for programmatic mail delivery, and both are available as official Heroku addons with free tiers.
Related
I developed a java application that read a gmail inbox folder and proccess the retrieved messages.
I'm using gmail api with Oauth authorization to access this email.
The problem is that I need to use jenkins to deploy this app and at the first time you need to access a browser link to give access to gmail api. any idea how can I solve it?
I tried to send stored credential, but I always receive this message in jenkins console:
Please open the following address in your browser:
https://accounts.google.com/o/oauth2/auth?access_type=offline&client_id=XXXXXXXXXXXXXXXX.apps.googleusercontent.com&redirect_uri=http://localhost:8888/Callback&response_type=code&scope=https://www.googleapis.com/auth/gmail.modify%20https://www.googleapis.com/auth/drive
Need a solution to deploy this app, there is another authorization type?
I want to use Gmail API to send email in JAVA,and all information I fond told me to create a Service accounts and connect with Google Workspace. But I don't have a Google Workspace account also can't register one,so the question is:
1.Can I send email without Google Workspace?
2.Can I just Add 'type' into Client ID.json to make it work like Service accounts.json?
Can I send email without Google Workspace?
Yes you can use gmail api without workspace you will just need to use Oauth2 rather than a service account and authorize a user.
Oauth2 requires that a user consent to the access to their google account. A user will need to authorize your code at least once.
Where as service accounts allow you to preauthroize access defined using domain wide delegation within a google workspace account. So no user interaction would be required.
Can I just Add 'type' into Client ID.json to make it work like Service accounts.json?
No the code is different depending upon the type of client you have created. If you create a web client then you need to use code designed for a web client. If you create installed client credentials then you need to use the code for an installed client.
The following sample Java quickstart is designed for an installed app. It will open the browser consent window on the machine the code is running on.
I'm developing an Android application that connects to a web service written in PHP and saves/retrieves some user information.
I need a way to securely identify users of that application on the web server. I can easily use AccountManager to retrieve user email and send it to the web server, but what is the simplest way to authenticate it?
My web service doesn't use any Google services/APIs. The only thing that I need is to confirm (on web server side) that user#gmail.com is really user#gmail.com.
We have a Client Server Based Java Product, I need to integrate google OAuth in server dashboard where our client can sign in and allow access to gmail API. After that, server will use REFRESH TOKEN and ACCESS TOKEN to send Email reports to some emails Ids using client gmail Via Java Mail API.
We need to implement sign in only once and send mails forever i.e. Offline Access (Means REFRESH TOKEN is compulsory).
Our product is deployed as in premise as well as cloud based (At a time only one). Thus in client environment we can have private ip or public ip or public ip mapped to dns.
I know there are two way in which this can be done:
1) server side authentication
2) client side authentication
In Both cases you need public dns mapped REDIRECT URI ie a url where google will redirect the user after sign in. But in our case, we dont have
always a public domain mapped to client server machine. Also we cannot provide localhost in redirect uri as well.
SO
PROBLEM I: What should be used in place of REDIRECT_URI
PROBLEM II: We have many clients so should we use one application for each client or we should deploy a single application on cloud, where each client dashboard will be redirected while sign in and in response we will get token.
Any other alternatives for above problem will be appreciated.
Ok i got the architecture.
Google apps give the flexibility to add multiple java script origins and redirect uri's.
So we need to create only one app in developer console. For each client, we will add a authorized java script origin and redirect uri in google app online. And when sign in button will be pressed in client's server we will give redirect uri accoring to that client which is already added in google app. For private ip there is no solution, but localhost can be used with the restriction to sign in from browser on server system.
I am developing a web application using strut2 framework and using gmail credentials for login to that application. I am able to use google account services for login purpose successfully. Now I am trying to implement SSO between gmail & my application. The use case is "If user is already logged into gmail, I want that user to log automatically into my application".
How should I go about it?