我使用passport.js作为我的身份验证服务从google获取oauth2访问令牌(https://github.com/jaredhanson/passport-google-oauth#usage-of-oauth-20),我可以获取访问令牌范围:https://mail.google.com/,https : //www.googleapis.com/auth/userinfo.email.但是,当我尝试连接到imap(使用https://github.com/mscdex/node-imap)时,我收到错误:"凭证无效".
以下是我使用的代码段代码:
var authData = [ "user=" + ('test@gmail.com' || ""), "auth=Bearer " + 'ya29.LgBFSGtnPtfHLxkAAADjgeEFpUC9nD31kP5BqLKuH1MO3e_TRSdRTjEVKqQ-GQ', "", ""]; var xoauth2_token = new Buffer(authData.join("\x01"), "utf-8").toString("base64"); var imap = new Imap({ user: ‘test@gmail.com', xoauth2: xoauth2_token, host: 'imap.gmail.com', port: 993, tls: true, debug: console.log }); imap.on('ready', function() { imap.openBox('INBOX', true, function() { var f = imap.seq.fetch(1); f.on('message', function(m) { m.once('attributes', function(attrs) { console.log(attrs); }); }); f.on('end', function() { imap.end(); }); }); }); imap.connect();
请求和响应的标头:
[connection] Connected to host <= '* OK Gimap ready for requests from 212.143.212.222 ce43mb7026158web' => 'A0 CAPABILITY' <= '* CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID XLIST CHILDREN X-GM-EXT-1 XYZZY SASL-IR AUTH=XOAUTH AUTH=XOAUTH2 AUTH=PLAIN AUTH=PLAIN-CLIENTTOKEN' <= 'A0 OK Thats all she wrote! ce43mb7026158web' => 'A1 AUTHENTICATE XOAUTH2 dXNlcj11YXBwZmFjdG9yeUBnbWFpbC5jb20BYXV0aD1CZWFyZXIgeWEyOS5MZ0JGU0d0blB0ZkhMeGtBQUFEamdlRUZwVUM5bkQzMWtQNUJxTEt1SDFNTzNlX0dMU2RSVGpFVktxUS1HUQEB' <= '+ eyJzdGF0dXMiOiI0MDAiLCJzY2hlbWVzIjoiQmVhcmVyIiwic2NvcGUiOiJodHRwczovL21haWwuZ29vZ2xlLmNvbS8ifQ==' => '\r\n' <= 'A1 NO [ALERT] Invalid credentials (Failure)'
我试着指定空密码,没有,用户或没有,注意似乎工作.
我还关注了google网站上的示例:https://developers.google.com/gmail/xoauth2_libraries
在我的Google帐户中,我可以看到我用来连接谷歌并获取令牌的应用程序,管理和查看电子邮件的授权,以及有关用户个人资料的基本详细信息.
我究竟做错了什么?
我遇到了同样的问题.它与OAuth 2.0 Scopes有关.
首先,我要求访问权限:
https:// www.googleapis.com/auth/userinfo.profile
https:// www.googleapis.com/auth/userinfo.email
有了这些范围,我就得到了这个错误.
"A1 NO [ALERT]凭证无效(失败)"
最后,我发现了使用OAuth 2.0
IMAP和SMTP访问的范围是https://mail.google.com/.
我请求该范围的权限,事情开始工作.
var params = { response_type: "code", client_id: "YOUR_CLIENT_ID", redirect_uri: "REDIRECT_URI", scope: 'https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email https://mail.google.com/', approval_prompt: 'force' };
问候,
jcvalerio