imap
imap copied to clipboard
Add OAuth support
Starting February 15, 2021, G Suite accounts will only allow access to apps using OAuth https://github.com/google/gmail-oauth2-tools/issues/18
Ouch :\
Hi I am are using your library to get emails from gmail. I want to switch to googles new oauth system quite soon. Is there any progress on this issue for ddeboer/imap?
No one is working on it, as far as I know
I believe ddboer/imap can do nothing unless something is done to the PHP extension: https://wiki.php.net/todo/ext/imap TL;DR ddeboer/imap only gives the basic auth to the extension and the extension gives it to an old C library not written by the PHP community
This gives me hope: https://wiki.php.net/todo/ext/imap/xoauth2
There are also some workarounds for G Suite: https://medium.com/@freescout/oauth-2-0-g-suite-microsoft-365-and-php-7da16ca74314
Huh, nice, I've always used App password indeed.
I consider this topic closed.
Hi! @Slamdunk @freescout-helpdesk @croensch @LinusBrockmeyer @sombatos
The strategy to overcome the problem is replacing all the imap_*
functions with the equivalent imap2_*
-
imap_open(...)
becomeimap2_open(...)
-
imap_getmailboxes(...)
becomeimap2_getmailboxes(...)
etc...
The idea behind the imap2
library is to replace the core php imap extension with a new one written in PHP.
Why? The problem is related to the UW-IMAP https://github.com/uw-imap/imap it seem outdate from 2019. There are many security concerns about it
I'm waiting from your feedback! I hope that imap2
is a good replacement for imap
Hi @francescobianco, I guess you are referring to your library https://github.com/javanile/php-imap2
I have to say App passwords are now well spread and supported, so I'm not intended to change this library auth methods.
I have to say App passwords are now well spread and supported, so I'm not intended to change this library auth methods.
Microsoft will disable the basic auth as of 01.10.2022 permanently.
From that point on, only OAuth2 is allowed and possible.
Google doesn't seem to be going that far at the moment, but it could come when microsoft shuts down the feature in October.
At this point app passwords are not working anymore, because of the missing basic auth.
https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-may-2022/ba-p/3301866
Microsoft has also started to randomly disable regular logins for various users, which is why I became aware of it. I first made the users aware of the app passwords, with which they can continue to work until October. Until then, a solution must be found. Office365 is unfortunately very common.
Hi @Orgoth , please, get you a chance to PHP-IMAP2 (https://github.com/javanile/php-imap2) This is a FULL implementation of standard PHP IMAP functions like (imap_open, imap_getmailboxes, imap_*, etc...)
This was full tested, every input to imap2_* functions get back the same output of imap_* equivalent
The IMAP2 works well with OAUTH
This libray can be installed with composer
composer require javanile/php-imap2
This libray introduce a easy way to replace the old PHP-IMAP with new one:
JUST replace all imap_(...) functions with imap2_(...)
NO OTHER AMENDS are required.
Please give me the opportunity to make my sacrifices useful to the community.
cc @sombatos @freescout-helpdesk @croensch @ddeboer
Hi @francescobianco, thank you for your hard work on IMAP2. I will test it, I was a bit irritated because imap_open was not marked under XOAUTH2 compatibility :)
I will provide brief feedback on how the tests went. :+1:
Thanks! @Orgoth ! I'm not scared by hard work, my mission is to work full time on it, to build a professional replacement for standard IMAP. I'm looking for people who believe in this project to have the peace of mind to invest all my time on it.
I will do an update of the compatibility table later this month of course both imap_open and many others will be 100% by that date.
Sorry for the late feedback. So far it has worked with the oAuth token from Google to establish a connection and retrieve messages. There were a few adjustments necessary to make ddeboer work, but nothing complex. Replacing the imap_ functions with the imap2_. As well as an adjustment of the check if a resource exists.
This is just a small quick adjustment that I can test and can certainly be solved better.
ddeboer/imap/src/ImapResource.php:50
if( class_exists('\Javanile\Imap2\Connection') && $this->resource instanceof \Javanile\Imap2\Connection )
{
if( !$this->resource->isConnected() ) {
throw new InvalidResourceException('Supplied resource is not a valid imap resource');
}
}
else
{
if (false === \is_resource($this->resource) || 'imap' !== \get_resource_type($this->resource)) {
throw new InvalidResourceException('Supplied resource is not a valid imap resource');
}
}
$server = new Server('imap.gmail.com','993','/imap/ssl/novalidate-cert',[],OP_XOAUTH2);
$connection = $server->authenticate('[email protected]',$_SESSION['token']);
$box = $connection->getMailbox('INBOX');
print_r($box);
$messages = $box->getMessages();
print_r($messages);
Hi @Orgoth,
Does this competeer work for you? After I'm trying this I get a lot of errors inside isAttachment function, event when I fix this other errors fetching the body occurs.
Hi @rickkock,
unfortunately, I have had similar experiences. Currently, I am in the process of correcting fetch_body and other parts.
When I am done, I will try to provide all changes I made. As pull-request or issue at https://github.com/javanile/php-imap2/
https://github.com/javanile/php-imap2/pull/12 I've fixed most of the issues in BodyStructure.php, perhaps that will help you as well.
@Orgoth I've tested this version on over 2000 e-mails and compared the output to the original imap_fetchstructure function to make sure these matched exactly, I think I got most of them covered, not sure about charsets though.
@Orgoth probably caused by yet another flashy structured e-mail indeed, causing it to break much earlier in parsing and landing here with wrong item data. If you need help just let me know. Fyi what I did to compare the outputs was running both imap2_fetchstructure and imap_fetchstructure and json_encoding the results and compare them :-) quick and dirty.
@Orgoth To me it seems something before we get into getEncoding is broken, a list of attachments should never arrive at that function. Although your fix hides the issue I think we should determine the real issue. If you could send me a json encoded version of the structure I'll have a look into it. You can do this easily by enabling line 33 (and 34) in BodyStructure
@Orgoth could you also supply the json encode of the original imap_fetchstructure of the message?
@Orgoth I've fixed the array version, only there is some discrepancy in the output/source for the text/html part
["lines"]=>int(167)
["bytes"]=>int(5493)
vs
"lines": 194,
"bytes": 5852,
but these two values match your input, so that's strange. The root cause however is fixed.
@Orgoth I will update my patch shortly. For the "*" e-mail, is it possible to get the raw IMAP response from the FETCH command? Perhaps by using telnet to speak IMAP yourself to the server or by adding a print/echo in Roundcube/ImapClient.php around line 2472 with the $line data?
https://github.com/javanile/php-imap2/pull/12/commits/2874eb99723414e2951596bf6ab5563ec5eeda28 is the new commit for the array issue, this was caused by how a related part was parsed.
Fixed in https://github.com/javanile/php-imap2/pull/12/commits/f119d258b22e1c340bacaa53c7fbe5b8e38d94bd
No need to compensate, I need this php-imap2 library working properly too :-)
Fixed in https://github.com/javanile/php-imap2/pull/12/commits/2fe8fade8e5091a90a47155f707f84ea64fa69b9
However the output still differs in line/bytes on the RFC822 part but possible thats caused by the different imap servers used.
@Orgoth sorry had a few days off :-) You fixed the last issue afaik? So all works now? Then I'll all your 2 updates in my pull request.
@Orgoth I've taken a new approach which simplifies everything. I've updated the PR https://github.com/javanile/php-imap2/pull/12 for those interested
Original Comment:
I am not sure what the best venue for asking this would be, and I am sorry if this is something I should already know (I am a bit of a PHP tourist rather than a proper developer), but... I was thrilled to find the javanile/php-imap2 project when I had to convert one of our projects to use OAuth2 instead of password for O365 access, but now I am trying to figure the best way to actually do this.
This thread suggests that that testing has been done for using PHP Imap Library (this project) using javanile/php-imap2 instead of php-core imap. I was wondering how to do this - is there a block of php_function_rename calls, a way of unloading the core imap library so php-imap2 can use its bootstrap.php to define things like imap_open to point to an imap2_open call, or is there a version of ddeboer/imap that has all the imap_XXXX calls substituted for imap2_XXXX calls?
In case anyone else is having the same question, I will leave this here, but the answer is "just do not install the php-imap official module." ie yum/apt remove php-imap if you installed via package, and such.
I am aware that, general conscious on this is to not integrate oAuth in this library.
However, with two major Email Providers out of 3 phasing out IMAP completely, it's a good opportunity to revisit it.
Google is phasing out IMAP : https://workspaceupdates.googleblog.com/2023/09/winding-down-google-sync-and-less-secure-apps-support.html
Unfortunately, the reliability of the library https://github.com/javanile/php-imap2 is a major concern, as it breaks at multiple levels, even critical PRs on it are not integrated. Not to mention, the roundcube library it uses under the hood, has it's own issues with getting stuck and time-outs.