Authenticate to Yahoo and Outlook.com email servers with OAuth 2.0

+3 votes
asked Nov 21, 2016 by Rebex KB (8,190 points)

I am trying to authenticate to Yahoo and Outlook (live.com) mail servers with OAuth 2.0.

How can I do this with Rebex Secure Mail component?

Applies to: Rebex Secure Mail

1 Answer

+2 votes
answered Nov 21, 2016 by Tomas Knopp (58,580 points)
edited Nov 21, 2016 by Tomas Knopp
 
Best answer

Generaly, you can follow the blog we wrote about authenticating to Gmail with OAuth 2.0.

Getting the OAuth2.0 token and setting the appropriate permissions and scopes is definitely server-dependent and you have to solve it yourself separately for each server.

Outlook.com (live.com):

Follow this tutorial to get the OAuth 2.0 access token from Outlook. Make sure to set the right permissions and scopes for Outlook.com (live.com) mail servers.
You will most likely have to use the deprecated Live Connect APIs(login.live.com) and need to pass the "wl.imap" scope for both SMTP and IMAP full server access. No other scopes than a full one seem to be supported.

Yahoo mail servers:

Follow this StackOverflow question. It is even more tricky to set the permissions and get the OAuth 2.0 access tokens from yahoo, as yahoo recently removed this option from their UI. See this answer for a possible solution. In short you will have to write your own web form, send the request to a special site and set the scope to set "ymrf" for full mail access ("ymrs" for summary, "ymrw" for Read/Write access).

However, once proper permissions are in place and you have the OAuth 2.0 access token, you can just easily authenticate within your app:

// create SMTP client instance and connect
// (same applies for Rebex.Net.Imap)
var client = new Rebex.Net.Smtp();
client.Connect("mail-server", SslMode.Implicit);

// prepare token
string pattern = string.Format("user={0}{1}auth=Bearer {2}{1}{1}", userEmail, '\x1', accessToken);
string token = Convert.ToBase64String(Encoding.ASCII.GetBytes(pattern));

// log in using OAuth 2.0
client.Login(token, SmtpAuthentication.OAuth20);
...