Chilkat Examples

ChilkatHOME.NET Core C#Android™AutoItCC#C++Chilkat2-PythonCkPythonClassic ASPDataFlexDelphi ActiveXDelphi DLLGoJavaLianjaMono C#Node.jsObjective-CPHP ActiveXPHP ExtensionPerlPowerBuilderPowerShellPureBasicRubySQL ServerSwift 2Swift 3,4,5...TclUnicode CUnicode C++VB.NETVBScriptVisual Basic 6.0Visual FoxProXojo Plugin

Objective-C Examples

Web API Categories

ASN.1
AWS KMS
AWS Misc
Amazon EC2
Amazon Glacier
Amazon S3
Amazon S3 (new)
Amazon SES
Amazon SNS
Amazon SQS
Async
Azure Cloud Storage
Azure Key Vault
Azure Service Bus
Azure Table Service
Base64
Bounced Email
Box
CAdES
CSR
CSV
Certificates
Cloud Signature CSC
Code Signing
Compression
DKIM / DomainKey
DNS
DSA
Diffie-Hellman
Digital Signatures
Dropbox
Dynamics CRM
EBICS
ECC
Ed25519
Email Object
Encryption
FTP
FileAccess
Firebase
GMail REST API
GMail SMTP/IMAP/POP
Geolocation
Google APIs
Google Calendar
Google Cloud SQL
Google Cloud Storage
Google Drive
Google Photos
Google Sheets
Google Tasks
Gzip
HTML-to-XML/Text
HTTP

HTTP Misc
IMAP
JSON
JSON Web Encryption (JWE)
JSON Web Signatures (JWS)
JSON Web Token (JWT)
Java KeyStore (JKS)
MHT / HTML Email
MIME
MS Storage Providers
Microsoft Graph
Misc
NTLM
OAuth1
OAuth2
OIDC
Office365
OneDrive
OpenSSL
Outlook
Outlook Calendar
Outlook Contact
PDF Signatures
PEM
PFX/P12
PKCS11
POP3
PRNG
REST
REST Misc
RSA
SCP
SCard
SFTP
SMTP
SSH
SSH Key
SSH Tunnel
ScMinidriver
SharePoint
SharePoint Online
Signing in the Cloud
Socket/SSL/TLS
Spider
Stream
Tar Archive
ULID/UUID
Upload
WebSocket
XAdES
XML
XML Digital Signatures
XMP
Zip
curl
uncategorized

 

 

 

(Objective-C) OAuth2 for GMail using a Service Account Key

Demonstrates how to use GMail with OAuth2 for a Google Service Account. The 1st step is to obtain a temporary access token from the Google OAuth 2.0 Authorization Server. This can be accomplished using Chilkat HTTP.

Once the access token is obtained, it may be used in IMAP XOAUTH2 authentication. The access token may be used while it remains valid to send as many emails as desired. Once it expires, a new access token needs to be obtained (using the same procedure).

Note: This is for OAuth2 using Google Service account keys.

Chilkat Objective-C Library Downloads

MAC OS X (Cocoa) Libs

iOS Libs

#import <CkoCert.h>
#import <NSString.h>
#import <CkoHttp.h>
#import <CkoImap.h>

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// --------------------------------------------------------------------
// Important:  In most cases, this example is not what you are looking for.
// This example is for OAuth2 using a Google Service Account Key.
// 
// It is more likely that the example you actually need is here:
// Get GMail IMAP OAuth2 Access Token 
// --------------------------------------------------------------------

// When a service account (Client ID) is created at https://code.google.com/apis/console/
// Google will generate a P12 key.  This is a PKCS12 (PFX) file that you will download
// and save.  The password to access the contents of this file is "notasecret".
// NOTE: The Chilkat Pfx API provides the ability to load a PFX/P12 and re-save
// with a different password.

// Begin by loading the downloaded .p12 into a Chilkat certificate object:
CkoCert *cert = [[CkoCert alloc] init];
BOOL success = [cert LoadPfxFile: @"/myDir/API Project-1c43a291e2a1-notasecret.p12" password: @"notasecret"];
if (success != YES) {
    NSLog(@"%@",cert.LastErrorText);
    return;
}

// The next (and final) step is to request the access token.  Chilkat internally
// does all the work of forming the JWT header and JWT claim set, encoding and
// signing the JWT, and sending the access token request.
// The application need only provide the inputs: The iss, scope(s), sub, and the
// desired duration with a max of 3600 seconds (1 hour).
// 
// Each of these inputs is defined as follows 
// (see https://developers.google.com/accounts/docs/OAuth2ServiceAccount
// iss: The email address of the service account.
// scope: A space-delimited list of the permissions that the application requests.
// sub: The email address of the user for which the application is requesting delegated access.
//      The sub may be empty if there is no delegation. (This is typical.)
// numSec: The number of seconds for which the access token will be valid (max 3600).

NSString *iss = @"761326798069-r5mljlln1rd4lrbhg75efgigp36m78j5@developer.gserviceaccount.com";
NSString *scope = @"https://mail.google.com/";
NSString *sub = @"";
int numSec = 3600;

CkoHttp *http = [[CkoHttp alloc] init];
NSString *accessToken = [http G_SvcOauthAccessToken: iss scope: scope subEmail: sub numSec: [NSNumber numberWithInt: numSec] cert: cert];
if (http.LastMethodSuccess != YES) {
    NSLog(@"%@",http.LastErrorText);
    return;
}
else {
    NSLog(@"%@%@",@"access token: ",accessToken);
}

// Now that we have the access token, it may be used to authenticate via XOAUTH2 with GMail:

CkoImap *imap = [[CkoImap alloc] init];

// GMail's IMAP service uses SSL and port 993.
imap.Ssl = YES;
imap.Port = [NSNumber numberWithInt:993];

// Connect to the GMail IMAP server.
success = [imap Connect: @"imap.gmail.com"];
if (success != YES) {
    NSLog(@"%@",imap.LastErrorText);
    return;
}

// Indicate that XOAUTH2 authentication is to be used:
imap.AuthMethod = @"XOAUTH2";

// Login
// The username must be the email address used for the "sub" argument when getting
// the access token.  Instead of using a password, pass the access token in the 2nd argument:
success = [imap Login: @"user@your-domain.com" password: accessToken];
if (success != YES) {
    NSLog(@"%@",imap.LastErrorText);
}
else {
    NSLog(@"%@",@"Successfully authenticate with GMail IMAP using XOAUTH2!");
}
 

© 2000-2024 Chilkat Software, Inc. All Rights Reserved.