Sending via Gmail from Xojo App - oAuth? Plugins? Help?

I’m in the weeds with Lightwright’s email-sending feature, which sends email with attachments using SMTP. For years, it’s worked great. Now it’s not working when trying to send email via Gmail.

I’ve run circles, trying app-specific passwords, various security options, etc. - and now it looks like Gmail requires oAuth authentication. I see MBS can generate an oAuth token, but I don’t see a way to use that in the context of sending email.

At this point, I’m worn out and more than a little snow blind from looking at so many code snippets, with no obvious way to stitch them together to make it all work. Is there a plugin or sample code available somewhere that does all of this? I have MBS, but there are so many options and no clear road forward.

Thoughts? Suggestions? Should I hire someone to code this for me? I just need to get this feature working again…

Have you had them turn on 2 factor authentication on the gmail account and create an App password for your application to send the email with. We have found this works with our Xojo apps emailing with Gmail no longer requiring the less secure apps gmail option.

Link to How setup App Password

Users don’t know what an app password is. I had at least half a dozen tickets on them LAST WEEK alone. User: my password is not working. Me: you have to use an app specific password. User: my password is not working.

The problem with OAuth is that you have to get your app approved with Google.

This is deprecated, or even blocked now or soon!

Yeah google just makes it harder instead of easier and more secure. The oAuth is not really an good alternative since SMTP is still used. They do this because people leak passwords by forgetting the secure settings (required) on smtp.

I haven’t tried it but what about the chilkat plug-ins?

That sounds like the easiest-on-the-user solution, but I’ll admit that looking at the Google Cloud Platform pages, I’m even more baffled.

I did look at it, but there are so many puzzle pieces to put together I’m not sure where to start, and there’s still the hurdle of getting Lightwright approved by Google. I’ll do some digging before throwing in the proverbial towel :slight_smile:

I’ve got OAuth working for logging in. Doing the rest (getting mailboxes, header, emails) is my first priority after the next release of my software is done. I’m still daunted by getting the approval from Goggle.

1 Like

I found this, it looks relatively straightforward:

Yes, I managed that a while ago. Here is the relevant section:

Google pays attention to data privacy and users protection. Scope that we are asking for, gmail.readonly , is restricted and therefore Google requires any application that uses it to go through the verification process where dedicated team will assess your use case and either approve your application or not.

When doing the OAuth in my app there is a warning that the access is not verified or some such idiocy.

Show me. I find no where that using App Passwords is deprecated. Using Less Secure Apps option is but not using 2 Factor Authentication with an App Password.

That is for the Less Secure Apps option which is turned off when using 2 Factor Authentication with an App Password. I see nothing there stating App Passwords are deprecated.

this whole mechanism is so damn dark and complicated !!

In the (near) future Gmail will only be possible when Google approves your app. And looking at the requirements to get it approved will not be a easy thing to do.
You may need to look at alternatives in the future.

For OAuth this is already the case.

I know, but they did announced more strict rules that will be soon activated.