Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Be able to runt the script without having to switchAllow less secure apps to OFF #5

Open
cvaldez98 opened this issue Jun 4, 2020 · 7 comments
Open

feat: Be able to runt the script without having to switchAllow less secure apps to OFF #5

cvaldez98 opened this issue Jun 4, 2020 · 7 comments

Comments

@cvaldez98
Copy link

cvaldez98 commented Jun 4, 2020
edited
Loading

This is probably a big one, I'm not sure how we can do this actually, but thought this would be a good place for discussion
@Kimeiga
Copy link

Kimeiga commented Jun 5, 2020

Yeah this app only worked after i used a gmail without 2fa and setting this setting to ON
image

@Kimeiga
Copy link

Kimeiga commented Jun 5, 2020

After a while google thought it was malicious and blocked it from continuing and sent me an email with this warning:
image

@Kimeiga
Copy link

Kimeiga commented Jun 5, 2020

and the following error

Traceback (most recent call last):
  File "send.py", line 150, in <module>
    server.send_message(msg)
  File "/Users/hakan/anaconda3/envs/CM122/lib/python3.7/smtplib.py", line 967, in send_message
    rcpt_options)
  File "/Users/hakan/anaconda3/envs/CM122/lib/python3.7/smtplib.py", line 867, in sendmail
    raise SMTPSenderRefused(code, resp, from_addr)
smtplib.SMTPSenderRefused: (421, b'4.7.0 Try again later, closing connection. (MAIL) np5sm7650128pjb.43 - gsmtp', '<my-email>')

@evanlohn
Copy link

evanlohn commented Jun 5, 2020

@bcylincoln and I are interested in trying to solve this; we're going to try to build off
https://developers.google.com/identity/protocols/oauth2/native-app#loopback-ip-address
and
https://developers.google.com/gmail/api/guides?hl=en_US

to use OAuth2 and the Gmail API to send emails. Any tips would be greatly appreciated!

@Kimeiga
Copy link

Kimeiga commented Jun 5, 2020

My tip would have been too use oauth from the start haha

@evanlohn
Copy link

evanlohn commented Jun 5, 2020

Any ideas on how to manage client secret/ client id?

https://github.com/googleapis/google-api-python-client/blob/master/docs/oauth-installed.md#overview

The above link seems to simultaneously suggest that the client secret and id do and do not need to be kept secret, i.e.

"The client ID and client secret obtained from the API Console are embedded in the source code of your application. In this context, the client secret is obviously not treated as a secret."
vs
"Download the client_secrets.json file and securely store it in a location that only your application can access.

Important: Do not store the client_secrets.json file in a publicly-accessible location, and if you share the source code to your application—for example, on GitHub—store the client_secrets.json file outside of your source tree to avoid inadvertently sharing your client credentials."

@aatxe
Copy link

aatxe commented Jun 5, 2020

If you have 2FA enabled on the account, you can generate an application-specific password and not need to enable less-secure apps.

@evanlohn evanlohn mentioned this issue Jun 6, 2020
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@aatxe @cvaldez98 @Kimeiga @evanlohn