Sasl |
public class SaslMechanismOAuthBearer : SaslMechanism
The SaslMechanismOAuthBearer type exposes the following members.
Name | Description | |
---|---|---|
SaslMechanismOAuthBearer(NetworkCredential) | Initializes a new instance of the SaslMechanismOAuthBearer class. | |
SaslMechanismOAuthBearer(String, String) | Initializes a new instance of the SaslMechanismOAuthBearer class. |
Name | Description | |
---|---|---|
Credentials |
Get the user's credentials.
(Inherited from SaslMechanism) | |
IsAuthenticated |
Get or set whether the SASL mechanism has finished authenticating.
(Inherited from SaslMechanism) | |
MechanismName |
Get the name of the SASL mechanism.
(Overrides SaslMechanismMechanismName) | |
NegotiatedChannelBinding |
Get whether or not channel-binding was negotiated by the SASL mechanism.
(Inherited from SaslMechanism) | |
NegotiatedSecurityLayer |
Get whether or not a security layer was negotiated by the SASL mechanism.
(Inherited from SaslMechanism) | |
SupportsChannelBinding |
Get whether or not the SASL mechanism supports channel binding.
(Inherited from SaslMechanism) | |
SupportsInitialResponse |
Get whether or not the mechanism supports an initial response (SASL-IR).
(Overrides SaslMechanismSupportsInitialResponse) |
Name | Description | |
---|---|---|
Challenge(String, CancellationToken) |
Decode the base64-encoded server challenge and return the next challenge response encoded in base64.
(Inherited from SaslMechanism) | |
Challenge(Byte, Int32, Int32, CancellationToken) |
Parse the server's challenge token and return the next challenge response.
(Overrides SaslMechanismChallenge(Byte, Int32, Int32, CancellationToken)) | |
ChallengeAsync(String, CancellationToken) |
Asynchronously decode the base64-encoded server challenge and return the next challenge response encoded in base64.
(Inherited from SaslMechanism) | |
ChallengeAsync(Byte, Int32, Int32, CancellationToken) |
Asynchronously parse the server's challenge token and return the next challenge response.
(Inherited from SaslMechanism) | |
Equals | (Inherited from Object) | |
Finalize | (Inherited from Object) | |
GetHashCode | (Inherited from Object) | |
GetType | (Inherited from Object) | |
MemberwiseClone | (Inherited from Object) | |
Reset |
Reset the state of the SASL mechanism.
(Inherited from SaslMechanism) | |
ToString | (Inherited from Object) | |
TryGetChannelBindingToken |
Try to get a channel-binding token.
(Inherited from SaslMechanism) |
using System; using System.Threading; using System.Threading.Tasks; using Google.Apis.Util; using Google.Apis.Util.Store; using Google.Apis.Auth.OAuth2; using Google.Apis.Auth.OAuth2.Flows; using MailKit; using MailKit.Net.Imap; using MailKit.Security; namespace OAuth2GMailExample { class Program { const string GMailAccount = "username@gmail.com"; public static void Main (string[] args) { using (var client = new ImapClient ()) { client.Connect ("imap.gmail.com", 993, SecureSocketOptions.SslOnConnect); if (client.AuthenticationMechanisms.Contains ("OAUTHBEARER") || client.AuthenticationMechanisms.Contains ("XOAUTH2")) AuthenticateAsync (client).GetAwaiter ().GetResult (); client.Disconnect (true); } } static async Task AuthenticateAsync (ImapClient client) { var clientSecrets = new ClientSecrets { ClientId = "XXX.apps.googleusercontent.com", ClientSecret = "XXX" }; var codeFlow = new GoogleAuthorizationCodeFlow (new GoogleAuthorizationCodeFlow.Initializer { DataStore = new FileDataStore ("CredentialCacheFolder", false), Scopes = new [] { "https://mail.google.com/" }, ClientSecrets = clientSecrets }); // Note: For a web app, you'll want to use AuthorizationCodeWebApp instead. var codeReceiver = new LocalServerCodeReceiver (); var authCode = new AuthorizationCodeInstalledApp (codeFlow, codeReceiver); var credential = await authCode.AuthorizeAsync (GMailAccount, CancellationToken.None); if (credential.Token.IsStale) await credential.RefreshTokenAsync (CancellationToken.None); // Note: We use credential.UserId here instead of GMailAccount because the user *may* have chosen a // different GMail account when presented with the browser window during the authentication process. SaslMechanism oauth2; if (client.AuthenticationMechanisms.Contains ("OAUTHBEARER")) oauth2 = new SaslMechanismOAuthBearer (credential.UserId, credential.Token.AccessToken); else oauth2 = new SaslMechanismOAuth2 (credential.UserId, credential.Token.AccessToken); await client.AuthenticateAsync (oauth2); } } }
using System; using System.Threading; using System.Threading.Tasks; using MailKit; using MailKit.Net.Imap; using MailKit.Security; using Microsoft.Identity.Client; namespace OAuth2ExchangeExample { class Program { const string ExchangeAccount = "username@office365.com"; public static void Main (string[] args) { using (var client = new ImapClient ()) { client.Connect ("outlook.office365.com", 993, SecureSocketOptions.SslOnConnect); if (client.AuthenticationMechanisms.Contains ("OAUTHBEARER") || client.AuthenticationMechanisms.Contains ("XOAUTH2")) AuthenticateAsync (client).GetAwaiter ().GetResult (); client.Disconnect (true); } } static async Task AuthenticateAsync (ImapClient client) { var options = new PublicClientApplicationOptions { ClientId = "Application (client) ID", TenantId = "Directory (tenant) ID", RedirectUri = "https://login.microsoftonline.com/common/oauth2/nativeclient" }; var publicClientApplication = PublicClientApplicationBuilder .CreateWithApplicationOptions (options) .Build (); var scopes = new string[] { "email", "offline_access", "https://outlook.office.com/IMAP.AccessAsUser.All", // Only needed for IMAP //"https://outlook.office.com/POP.AccessAsUser.All", // Only needed for POP //"https://outlook.office.com/SMTP.AccessAsUser.All", // Only needed for SMTP }; AuthenticationResult? result; try { // First, check the cache for an auth token. result = await publicClientApplication.AcquireTokenSilent (scopes, username).ExecuteAsync (); } catch (MsalUiRequiredException) { // If that fails, then try getting an auth token interactively. result = await publicClientApplication.AcquireTokenInteractive (scopes).WithLoginHint (username).ExecuteAsync (); } // Note: We use result.Account.Username here instead of ExchangeAccount because the user *may* have chosen a // different Microsoft Exchange account when presented with the browser window during the authentication process. SaslMechanism oauth2; if (client.AuthenticationMechanisms.Contains ("OAUTHBEARER")) oauth2 = new SaslMechanismOAuthBearer (result.Account.Username, result.AccessToken); else oauth2 = new SaslMechanismOAuth2 (result.Account.Username, result.AccessToken); await client.AuthenticateAsync (oauth2); } } }