Python 如何通过gmail发送电子邮件而不启用';访问不安全';?
谷歌正在推动我们提高对gmail smtp服务器脚本访问的安全性。我对此没有异议。事实上我很乐意帮忙 但他们并没有让事情变得容易。建议我们升级到一个更安全的应用程序,使用最新的安全措施,这是很好的,但这并不能帮助我解决如何升级如下代码的问题:Python 如何通过gmail发送电子邮件而不启用';访问不安全';?,python,gmail,Python,Gmail,谷歌正在推动我们提高对gmail smtp服务器脚本访问的安全性。我对此没有异议。事实上我很乐意帮忙 但他们并没有让事情变得容易。建议我们升级到一个更安全的应用程序,使用最新的安全措施,这是很好的,但这并不能帮助我解决如何升级如下代码的问题: server = smtplib.SMTP("smtp.gmail.com", 587) server.ehlo() server.starttls() server.login(GMAIL_USER, GMAIL_PASSWORD) server.sen
server = smtplib.SMTP("smtp.gmail.com", 587)
server.ehlo()
server.starttls()
server.login(GMAIL_USER, GMAIL_PASSWORD)
server.sendmail(FROM, TO, MESSAGE)
server.close()
当然,我会去打开“不太安全的应用程序的访问”,但是如果有人已经想出了用什么来替换这个代码,我将不胜感激。你考虑过使用Gmail API吗?该API内置了安全功能,并专门针对Gmail进行了优化。您可以在上找到API文档-例如,下面是Send API调用的文档:
这很痛苦,但我现在似乎有点不对劲 Python3不受支持(尚未) 我不认为这会太难实现,因为我在转换包时遇到了障碍,没有碰到任何大的东西:只是通常的2to3东西。然而,几个小时后,我厌倦了逆流而上。在撰写本文时,我找不到一个公开的Python3包供公众使用。相比之下,Python2的体验是直截了当的 浏览谷歌网站是成功的一半 毫无疑问,随着时间的推移,这种情况将会改变。最终,您需要下载一个
client\u secret.json
文件。您只能(可能)通过web浏览器进行以下设置:
API和Auth
->凭证
OAuth
下选择createnewclientid
已安装的应用程序
作为应用程序类型,选择其他下载JSON
。那样做。这是你的客户机\u secret.json
——可以说是密码API's&auth
->同意屏幕
gmail.storage
保存一个包含可重用令牌的文件
[我没有幸运地将令牌转移到一台没有图形浏览器功能的机器上,该机器返回一个HTTPError。我试图通过lynx图形浏览器通过它。这也失败了,因为谷歌已经将最后的“接受”按钮设置为“禁用”!?我将提出另一个问题来跳过这一障碍(更多抱怨)]
首先,您需要一些库:
pip install --upgrade google-api-python-client
pip install --upgrade python-gflags
- 您需要更改收件人和发件人地址
- 确保您拥有客户机\u token.json文件,无论
指令要求它在哪里存储
- 目录需要是可写的,这样才能保存
文件gmail.storage
import base64
import httplib2
from email.mime.text import MIMEText
from apiclient.discovery import build
from oauth2client.client import flow_from_clientsecrets
from oauth2client.file import Storage
from oauth2client.tools import run
# Path to the client_secret.json file downloaded from the Developer Console
CLIENT_SECRET_FILE = 'client_secret.json'
# Check https://developers.google.com/gmail/api/auth/scopes for all available scopes
OAUTH_SCOPE = 'https://www.googleapis.com/auth/gmail.compose'
# Location of the credentials storage file
STORAGE = Storage('gmail.storage')
# Start the OAuth flow to retrieve credentials
flow = flow_from_clientsecrets(CLIENT_SECRET_FILE, scope=OAUTH_SCOPE)
http = httplib2.Http()
# Try to retrieve credentials from storage or run the flow to generate them
credentials = STORAGE.get()
if credentials is None or credentials.invalid:
credentials = run(flow, STORAGE, http=http)
# Authorize the httplib2.Http object with our credentials
http = credentials.authorize(http)
# Build the Gmail service from discovery
gmail_service = build('gmail', 'v1', http=http)
# create a message to send
message = MIMEText("Message goes here.")
message['to'] = "yourvictim@goes.here"
message['from'] = "you@go.here"
message['subject'] = "your subject goes here"
body = {'raw': base64.b64encode(message.as_string())}
# send it
try:
message = (gmail_service.users().messages().send(userId="me", body=body).execute())
print('Message Id: %s' % message['id'])
print(message)
except Exception as error:
print('An error occurred: %s' % error)
希望这能让我们都开始。不像以前那样简单,但现在看起来确实不那么复杂了。我可以从肉体上看到。约翰·米的答案似乎过时了。 它在2016年7月不起作用。 可能是因为Gmail API的更新。 我将他的代码(python 2)更新如下:
"""Send an email message from the user's account.
"""
import base64
from email.mime.audio import MIMEAudio
from email.mime.base import MIMEBase
from email.mime.image import MIMEImage
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText
import mimetypes
import os
#from __future__ import print_function
import httplib2
import os
from apiclient import discovery
import oauth2client
from oauth2client import client
from oauth2client import tools
from apiclient import errors
SCOPES = 'https://www.googleapis.com/auth/gmail.compose'
CLIENT_SECRET_FILE = 'client_secret.json'
APPLICATION_NAME = 'Gmail API Python Quickstart'
try:
import argparse
flags = argparse.ArgumentParser(parents=[tools.argparser]).parse_args()
except ImportError:
flags = None
def SendMessage(service, user_id, message):
"""Send an email message.
Args:
service: Authorized Gmail API service instance.
user_id: User's email address. The special value "me"
can be used to indicate the authenticated user.
message: Message to be sent.
Returns:
Sent Message.
"""
try:
message = (service.users().messages().send(userId=user_id, body=message)
.execute())
print 'Message Id: %s' % message['id']
return message
except errors.HttpError, error:
print 'An error occurred: %s' % error
def CreateMessage(sender, to, subject, message_text):
"""Create a message for an email.
Args:
sender: Email address of the sender.
to: Email address of the receiver.
subject: The subject of the email message.
message_text: The text of the email message.
Returns:
An object containing a base64url encoded email object.
"""
message = MIMEText(message_text)
message['to'] = to
message['from'] = sender
message['subject'] = subject
return {'raw': base64.urlsafe_b64encode(message.as_string())}
def get_credentials():
"""Gets valid user credentials from storage.
If nothing has been stored, or if the stored credentials are invalid,
the OAuth2 flow is completed to obtain the new credentials.
Returns:
Credentials, the obtained credential.
"""
home_dir = os.path.expanduser('~')
credential_dir = os.path.join(home_dir, '.credentials')
if not os.path.exists(credential_dir):
os.makedirs(credential_dir)
credential_path = os.path.join(credential_dir,
'sendEmail.json')
store = oauth2client.file.Storage(credential_path)
credentials = store.get()
if not credentials or credentials.invalid:
flow = client.flow_from_clientsecrets(CLIENT_SECRET_FILE, SCOPES)
flow.user_agent = APPLICATION_NAME
if flags:
credentials = tools.run_flow(flow, store, flags)
else: # Needed only for compatibility with Python 2.6
credentials = tools.run(flow, store)
print('Storing credentials to ' + credential_path)
return credentials
if __name__ == "__main__":
try:
credentials = get_credentials()
http = credentials.authorize(httplib2.Http())
service = discovery.build('gmail', 'v1', http=http)
SendMessage(service, "me", CreateMessage("send@gmail.com", "receive@gmail.com", "Test gmail automation", "Hello world"))
except Exception, e:
print e
raise
请注意,如果遇到错误权限不足
,一个可能的原因是程序中的范围设置不正确。
另一个可能的原因可能是您需要删除存储json文件(“此程序中的sendmail.json”)并刷新程序。更多的细节可以在这里看到。我包含了一些为python 3使用而更新的代码-它似乎可以在您获得必要的权限和OAuth令牌后发送电子邮件。它主要基于谷歌api网站样本
from __future__ import print_function
import base64
import os
from email.mime.text import MIMEText
import httplib2
from apiclient import discovery
from googleapiclient import errors
from oauth2client import client
from oauth2client import tools
from oauth2client.file import Storage
try:
import argparse
flags = argparse.ArgumentParser(parents=[tools.argparser]).parse_args()
except ImportError:
flags = None
# If modifying these scopes, delete your previously saved credentials
# at ~/.credentials/gmail-python-quickstart.json
SCOPES = 'https://www.googleapis.com/auth/gmail.send'
CLIENT_SECRET_FILE = 'client_secret.json'
APPLICATION_NAME = 'Gmail API Python Quickstart'
def get_credentials():
"""Gets valid user credentials from storage.
If nothing has been stored, or if the stored credentials are invalid,
the OAuth2 flow is completed to obtain the new credentials.
Returns:
Credentials, the obtained credential.
"""
home_dir = os.path.expanduser('~')
credential_dir = os.path.join(home_dir, '.credentials')
if not os.path.exists(credential_dir):
os.makedirs(credential_dir)
credential_path = os.path.join(credential_dir,
'gmail-python-quickstart.json')
store = Storage(credential_path)
credentials = store.get()
if not credentials or credentials.invalid:
flow = client.flow_from_clientsecrets(CLIENT_SECRET_FILE, SCOPES)
flow.user_agent = APPLICATION_NAME
if flags:
credentials = tools.run_flow(flow, store, flags)
else: # Needed only for compatibility with Python 2.6
credentials = tools.run(flow, store)
print('Storing credentials to ' + credential_path)
return credentials
to = 'test@email.com'
sender = 'test@email.com'
subject = 'test emails'
message_text = 'hello this is a text test message'
user_id = 'me'
def create_message(sender, to, subject, message_text):
"""Create a message for an email.
Args:
sender: Email address of the sender.
to: Email address of the receiver.
subject: The subject of the email message.
message_text: The text of the email message.
Returns:
An object containing a base64url encoded email object.
"""
message = MIMEText(message_text)
message['to'] = to
message['from'] = sender
message['subject'] = subject
return {'raw': (base64.urlsafe_b64encode(message.as_bytes()).decode())}
def send_message(service, user_id, message):
"""Send an email message.
Args:
service: Authorized Gmail API service instance.
user_id: User's email address. The special value "me"
can be used to indicate the authenticated user.
message: Message to be sent.
Returns:
Sent Message.
"""
try:
message = (service.users().messages().send(userId=user_id, body=message)
.execute())
print('Message Id: {}'.format(message['id']))
return message
except errors.HttpError as error:
print('An error occurred: {}'.format(error))
def main():
"""Shows basic usage of the Gmail API.
Creates a Gmail API service object and outputs a list of label names
of the user's Gmail account.
"""
credentials = get_credentials()
http = credentials.authorize(httplib2.Http())
service = discovery.build('gmail', 'v1', http=http)
msg = create_message(sender,to,subject,message_text)
message = (service.users().messages().send(userId=user_id, body=msg)
.execute())
print('Message Id: {}'.format(message['id']))
results = service.users().messages().list(userId='me').execute()
labels = results.get('labels', [])
if not labels:
print('No labels found.')
else:
print('Labels:')
for label in labels:
print(label['name'])
if __name__ == '__main__':
main()
下面是Python3和GMail当前API的更新示例 请注意,要获取下面的
credentials.json
文件,您需要在选择相关GCP项目后创建一个Oauth客户端ID凭据。一旦您创建了它,就会显示客户端密钥和客户端机密。关闭该提示,然后单击帐户旁边的向下箭头。这是你需要的文件
谢谢pinkey,但我们这里说的是python。我不知道它是否有效,但我不得不(抱怨)@AndréDaniel,所以“不太安全”的语言主要面向使用第三方程序的人——在这种情况下,用户需要向第三方程序提供他们的Gmail密码(因为SMTP不支持OAuth),这被认为是不安全的。这就是为什么设置被标记为它是什么。@琥珀色他们可以生成唯一的应用程序密码。这将解决安全问题,而无需迁移到完全不同的API。这对我来说非常有用,非常好且详细的回答:)+1用粗体字解释,浏览谷歌的文档是成功的一半。我差点就要下注试试别的东西,直到我看到了你的答案。谢谢@John Meethance,非常有帮助!但是需要将正文行更改为“body={'raw':base64.b64encode(message.as_string()).replace(+'+','-').replace('/','''.')}”@user2426679 D
from __future__ import print_function
import base64
import os
from email.mime.text import MIMEText
import httplib2
from apiclient import discovery
from googleapiclient import errors
from oauth2client import client
from oauth2client import tools
from oauth2client.file import Storage
try:
import argparse
flags = argparse.ArgumentParser(parents=[tools.argparser]).parse_args()
except ImportError:
flags = None
# If modifying these scopes, delete your previously saved credentials
# at ~/.credentials/gmail-python-quickstart.json
SCOPES = 'https://www.googleapis.com/auth/gmail.send'
CLIENT_SECRET_FILE = 'client_secret.json'
APPLICATION_NAME = 'Gmail API Python Quickstart'
def get_credentials():
"""Gets valid user credentials from storage.
If nothing has been stored, or if the stored credentials are invalid,
the OAuth2 flow is completed to obtain the new credentials.
Returns:
Credentials, the obtained credential.
"""
home_dir = os.path.expanduser('~')
credential_dir = os.path.join(home_dir, '.credentials')
if not os.path.exists(credential_dir):
os.makedirs(credential_dir)
credential_path = os.path.join(credential_dir,
'gmail-python-quickstart.json')
store = Storage(credential_path)
credentials = store.get()
if not credentials or credentials.invalid:
flow = client.flow_from_clientsecrets(CLIENT_SECRET_FILE, SCOPES)
flow.user_agent = APPLICATION_NAME
if flags:
credentials = tools.run_flow(flow, store, flags)
else: # Needed only for compatibility with Python 2.6
credentials = tools.run(flow, store)
print('Storing credentials to ' + credential_path)
return credentials
to = 'test@email.com'
sender = 'test@email.com'
subject = 'test emails'
message_text = 'hello this is a text test message'
user_id = 'me'
def create_message(sender, to, subject, message_text):
"""Create a message for an email.
Args:
sender: Email address of the sender.
to: Email address of the receiver.
subject: The subject of the email message.
message_text: The text of the email message.
Returns:
An object containing a base64url encoded email object.
"""
message = MIMEText(message_text)
message['to'] = to
message['from'] = sender
message['subject'] = subject
return {'raw': (base64.urlsafe_b64encode(message.as_bytes()).decode())}
def send_message(service, user_id, message):
"""Send an email message.
Args:
service: Authorized Gmail API service instance.
user_id: User's email address. The special value "me"
can be used to indicate the authenticated user.
message: Message to be sent.
Returns:
Sent Message.
"""
try:
message = (service.users().messages().send(userId=user_id, body=message)
.execute())
print('Message Id: {}'.format(message['id']))
return message
except errors.HttpError as error:
print('An error occurred: {}'.format(error))
def main():
"""Shows basic usage of the Gmail API.
Creates a Gmail API service object and outputs a list of label names
of the user's Gmail account.
"""
credentials = get_credentials()
http = credentials.authorize(httplib2.Http())
service = discovery.build('gmail', 'v1', http=http)
msg = create_message(sender,to,subject,message_text)
message = (service.users().messages().send(userId=user_id, body=msg)
.execute())
print('Message Id: {}'.format(message['id']))
results = service.users().messages().list(userId='me').execute()
labels = results.get('labels', [])
if not labels:
print('No labels found.')
else:
print('Labels:')
for label in labels:
print(label['name'])
if __name__ == '__main__':
main()
import base64
import logging
import mimetypes
import os
import os.path
import pickle
from email.mime.text import MIMEText
from google_auth_oauthlib.flow import InstalledAppFlow
from google.auth.transport.requests import Request
from googleapiclient import errors
from googleapiclient.discovery import build
def get_service():
"""Gets an authorized Gmail API service instance.
Returns:
An authorized Gmail API service instance..
"""
# If modifying these scopes, delete the file token.pickle.
SCOPES = [
'https://www.googleapis.com/auth/gmail.readonly',
'https://www.googleapis.com/auth/gmail.send',
]
creds = None
# The file token.pickle stores the user's access and refresh tokens, and is
# created automatically when the authorization flow completes for the first
# time.
if os.path.exists('token.pickle'):
with open('token.pickle', 'rb') as token:
creds = pickle.load(token)
# If there are no (valid) credentials available, let the user log in.
if not creds or not creds.valid:
if creds and creds.expired and creds.refresh_token:
creds.refresh(Request())
else:
flow = InstalledAppFlow.from_client_secrets_file(
'credentials.json', SCOPES)
creds = flow.run_local_server(port=0)
# Save the credentials for the next run
with open('token.pickle', 'wb') as token:
pickle.dump(creds, token)
service = build('gmail', 'v1', credentials=creds)
return service
def send_message(service, sender, message):
"""Send an email message.
Args:
service: Authorized Gmail API service instance.
user_id: User's email address. The special value "me"
can be used to indicate the authenticated user.
message: Message to be sent.
Returns:
Sent Message.
"""
try:
sent_message = (service.users().messages().send(userId=sender, body=message)
.execute())
logging.info('Message Id: %s', sent_message['id'])
return sent_message
except errors.HttpError as error:
logging.error('An HTTP error occurred: %s', error)
def create_message(sender, to, subject, message_text):
"""Create a message for an email.
Args:
sender: Email address of the sender.
to: Email address of the receiver.
subject: The subject of the email message.
message_text: The text of the email message.
Returns:
An object containing a base64url encoded email object.
"""
message = MIMEText(message_text)
message['to'] = to
message['from'] = sender
message['subject'] = subject
s = message.as_string()
b = base64.urlsafe_b64encode(s.encode('utf-8'))
return {'raw': b.decode('utf-8')}
if __name__ == '__main__':
logging.basicConfig(
format="[%(levelname)s] %(message)s",
level=logging.INFO
)
try:
service = get_service()
message = create_message("from@gmail.com", "to@gmail.com", "Test subject", "Test body")
send_message(service, "from@gmail.com", message)
except Exception as e:
logging.error(e)
raise