|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Tcl) OAuth2 for a GMail using a JSON Service Account KeyThis example shows how to obtain an OAuth2 access token for Gmail using a Google Service Account and a JSON private key. Once acquired, the access token can be used to send emails. Remember, upon token expiration, this process needs to be repeated to obtain a new token. Note: This procedure is specific to OAuth2 with Google Service Account keys.
load ./chilkat.dll # This example requires the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. # -------------------------------------------------------------------------------- # For a step-by-step guide for setting up your Google Workspace service account, # see Setup Google Workspace Account for Sending SMTP GMail from a Service Account # -------------------------------------------------------------------------------- # First load the JSON key into a string. set fac [new_CkFileAccess] set jsonKey [CkFileAccess_readEntireTextFile $fac "qa_data/googleApi/chilkat25-b4214220e565.json" "utf-8"] if {[CkFileAccess_get_LastMethodSuccess $fac] != 1} then { puts [CkFileAccess_lastErrorText $fac] delete_CkFileAccess $fac exit } # A Google service account JSON private key looks like this: # { # "type": "service_account", # "project_id": "chilkat25", # "private_key_id": "b4214220f565881e19eeb97c2699bf5a0d1e3e0b", # "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQ...NXcM=\n-----END PRIVATE KEY-----\n", # "client_email": "chilkatsvc@chilkat25.iam.gserviceaccount.com", # "client_id": "109122032928932715958", # "auth_uri": "https://accounts.google.com/o/oauth2/auth", # "token_uri": "https://oauth2.googleapis.com/token", # "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", # "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/chilkatsvc%40chilkat25.iam.gserviceaccount.com", # "universe_domain": "googleapis.com" # } set gAuth [new_CkAuthGoogle] CkAuthGoogle_put_JsonKey $gAuth $jsonKey # Specify a scope. CkAuthGoogle_put_Scope $gAuth "https://mail.google.com/" # Request an access token that is valid for this many seconds. CkAuthGoogle_put_ExpireNumSeconds $gAuth 3600 # When using a Google Workspace account with Gmail APIs, a service account can impersonate a user # via a process called domain-wide delegation � and the "sub" claim in the JWT is what enables this. # Domain-wide delegation allows a Google Workspace administrator to authorize a service account to # act on behalf of any user in the domain, without user interaction. # This is required for server-to-server access to user data � such as reading/sending Gmail from a background service. # This is your company email address. CkAuthGoogle_put_SubEmailAddress $gAuth "info@chilkat.xyz" # Connect to www.googleapis.com using TLS set tlsSock [new_CkSocket] set success [CkSocket_Connect $tlsSock "www.googleapis.com" 443 1 5000] if {$success != 1} then { puts [CkSocket_lastErrorText $tlsSock] delete_CkFileAccess $fac delete_CkAuthGoogle $gAuth delete_CkSocket $tlsSock exit } # Send the request to obtain the access token. set success [CkAuthGoogle_ObtainAccessToken $gAuth $tlsSock] if {$success != 1} then { puts [CkAuthGoogle_lastErrorText $gAuth] delete_CkFileAccess $fac delete_CkAuthGoogle $gAuth delete_CkSocket $tlsSock exit } # Examine the access token: set accessToken [CkAuthGoogle_accessToken $gAuth] puts "Access Token: $accessToken" # Sample output: # ya29.a0AW4XtxjGTD67Z8 .... IRw0218 # The access token allows us to send unlimited emails while it's valid. Once it expires, we must obtain and use a new one. # ----------------------------------------------------------------------- set mailman [new_CkMailMan] # Set the properties for the GMail SMTP server: CkMailMan_put_SmtpHost $mailman "smtp.gmail.com" CkMailMan_put_SmtpPort $mailman 587 CkMailMan_put_StartTLS $mailman 1 CkMailMan_put_SmtpUsername $mailman "info@chilkat.xyz" CkMailMan_put_OAuth2AccessToken $mailman $accessToken # Create a new email object set email [new_CkEmail] CkEmail_put_Subject $email "This is a test" CkEmail_put_Body $email "This is a test" CkEmail_put_From $email "Chilkat Test <info@chilkat.xyz>" set success [CkEmail_AddTo $email "Chilkat Software" "info@chilkatsoft.com"] # To add more recipients, call AddTo, AddCC, or AddBcc once per recipient. set success [CkMailMan_SendEmail $mailman $email] if {$success != 1} then { puts [CkMailMan_lastErrorText $mailman] delete_CkFileAccess $fac delete_CkAuthGoogle $gAuth delete_CkSocket $tlsSock delete_CkMailMan $mailman delete_CkEmail $email exit } set success [CkMailMan_CloseSmtpConnection $mailman] if {$success != 1} then { puts "Connection to SMTP server not closed cleanly." } puts "Successfully sent email using Gmail with a service account key." delete_CkFileAccess $fac delete_CkAuthGoogle $gAuth delete_CkSocket $tlsSock delete_CkMailMan $mailman delete_CkEmail $email |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.