Vince, Thank you very much for your detailed instruction. You are great! On Fri, Aug 3, 2012 at 5:05 AM, Vince <[email protected]> wrote:
> The library/sample code at the link you provided includes a class named > "XoauthAuthenticator" with "getSession" and "connectToImap" methods on it. > > That code works fine for 3-legged OAuth, but you need to use 2-legged > OAuth access so you can impersonate users for a given domain. > > > For 2legged OAuth, just pass 'null' for the oauthToken and > oauthTokenSecret arguments for the getSession method. You can then pass > this session in as the first argument in the connectToImap method like this: > javax.mail.Store store > =XoauthAuthenticator.connectToImap(XoauthAuthenticator.getSession(...), " > imap.googlemail.com", 993, <<email address>>); > > From there, you're just using a standard-issue javax.mail.Store object, > and you can use the javamail docs for that. > > > > There are a couple code changes needed for the XoauthAuthenticator > and XoauthSaslResponseBuilder classes. > > For reference, I was able to put the below steps together using > documentation here: > > https://developers.google.com/google-apps/gmail/oauth_protocol#constructing > (especially note the "SASL Initial Client Request" section). > > > Assuming your application has already been granted 2LOA access to the " > https://mail.google.com/"; scope, the following changes should work for > you: > > 1) change the XoauthAuthenticator class constructor to not put the > following 2 key/values into the props object. These are only used in > 3-legged OAuth: > - XoauthSaslClientFactory.OAUTH_TOKEN_PROP > - XoauthSaslClientFactory.OAUTH_TOKEN_SECRET_PROP > > 2) Change the code in XoauthSaslResponseBuilder.buildResponse method that > deals with putting the OAuthToken into the response. > First, remove the line: > parameters.put(OAuth.OAUTH_TOKEN, oauthToken); > > Second, change the 'url' variable to append the "xoauth_requestor_id" > parameter onto the URL so that the correct user's IMAP session is opened. > try { > url = String.format("%s?xoauth_requestor_id=%s", > url, URLEncoder.encode(userEmail, "UTF-8")); > } > catch (UnsupportedEncodingException ex) { > // not going to happen - UTF-8 is guaranteed by every jvm > } > > Good luck - > Vince. > > > On Monday, July 30, 2012 2:18:38 AM UTC-5, Jerry Wang wrote: >> >> I am writing a script to access all employees emails by using Google IMAP >> with OAuth: https://developers.google.com/**google-apps/gmail/oauth_** >> overview <https://developers.google.com/google-apps/gmail/oauth_overview> >> . This script should let me delete, move and export any users emails. >> However, I cannot find any clue in Google API to impersonate another user >> to access his email. (This impersonation is easy for Google Docs, but not >> available for Gmail. ) Please help, any suggestion will be >> appreciate. Thanks in advance. > > -- > You received this message because you are subscribed to the Google Groups > "Google Apps Domain Information and Management APIs" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/google-apps-mgmt-apis/-/h0i6xqnWrm4J. > > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/google-apps-mgmt-apis?hl=en. > -- *Jerry Wang* Founder of Cloud Drive Software Team, Yantai, China Website: www.gdocsdrive.com Twitter: twitter.com/gdocsdrive Facebook: facebook.com/gdocsdrive <http://www.facebook.com/gdocsdrive> Phone: 86-135-735-66498 (only available from 9:00 AM to 8:00 PM GMT HK time) -- You received this message because you are subscribed to the Google Groups "Google Apps Domain Information and Management APIs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-apps-mgmt-apis?hl=en.
