Improved OAuth2 docs

jstedfast · Aug 2, 2024 · 254a930 · 254a930
1 parent 12a5152
commit 254a930
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 11 deletions.
diff --git a/ExchangeOAuth2.md b/ExchangeOAuth2.md
@@ -37,6 +37,8 @@ nuget package for obtaining the access token which will be needed by MailKit to
 server.
 
 ```csharp
+const string EmailAddress = "[email protected]";
+
 var options = new PublicClientApplicationOptions {
     ClientId = "Application (client) ID",
     TenantId = "Directory (tenant) ID",
@@ -58,8 +60,23 @@ var scopes = new string[] {
     //"https://outlook.office.com/SMTP.Send", // Only needed for SMTP
 };
 
-var authToken = await publicClientApplication.AcquireTokenInteractive (scopes).ExecuteAsync ();
-var oauth2 = new SaslMechanismOAuth2 (authToken.Account.Username, authToken.AccessToken);
+AuthenticationResult? result;
+
+try {
+    // First, check the cache for an auth token.
+    result = await publicClientApplication
+        .AcquireTokenSilent (scopes, EmailAddress)
+        .ExecuteAsync ();
+} catch (MsalUiRequiredException) {
+    // If that fails, then try getting an auth token interactively.
+    result = await publicClientApplication
+        .AcquireTokenInteractive (scopes)
+        .WithLoginHint (EmailAddress)
+        .ExecuteAsync ();
+}
+
+// Note: We always use authToken.Account.Username instead of `Username` because the user may have selected an alternative account.
+var oauth2 = new SaslMechanismOAuth2 (result.Account.Username, result.AccessToken);
 
 using (var client = new ImapClient ()) {
     await client.ConnectAsync ("outlook.office365.com", 993, SecureSocketOptions.SslOnConnect);

diff --git a/GMailOAuth2.md b/GMailOAuth2.md
@@ -69,14 +69,15 @@ server.
 const string GMailAccount = "[email protected]";
 
 var clientSecrets = new ClientSecrets {
-	ClientId = "XXX.apps.googleusercontent.com",
-	ClientSecret = "XXX"
+    ClientId = "XXX.apps.googleusercontent.com",
+    ClientSecret = "XXX"
 };
 
 var codeFlow = new GoogleAuthorizationCodeFlow (new GoogleAuthorizationCodeFlow.Initializer {
-	DataStore = new FileDataStore ("CredentialCacheFolder", false),
-	Scopes = new [] { "https://mail.google.com/" },
-	ClientSecrets = clientSecrets
+    DataStore = new FileDataStore ("CredentialCacheFolder", false),
+    Scopes = new [] { "https://mail.google.com/" },
+    ClientSecrets = clientSecrets,
+    LoginHint = GMailAccount
 });
 
 // Note: For a web app, you'll want to use AuthorizationCodeWebApp instead.
@@ -86,14 +87,14 @@ var authCode = new AuthorizationCodeInstalledApp (codeFlow, codeReceiver);
 var credential = await authCode.AuthorizeAsync (GMailAccount, CancellationToken.None);
 
 if (credential.Token.IsStale)
-	await credential.RefreshTokenAsync (CancellationToken.None);
+    await credential.RefreshTokenAsync (CancellationToken.None);
 
 var oauth2 = new SaslMechanismOAuth2 (credential.UserId, credential.Token.AccessToken);
 
 using (var client = new ImapClient ()) {
-	await client.ConnectAsync ("imap.gmail.com", 993, SecureSocketOptions.SslOnConnect);
-	await client.AuthenticateAsync (oauth2);
-	await client.DisconnectAsync (true);
+    await client.ConnectAsync ("imap.gmail.com", 993, SecureSocketOptions.SslOnConnect);
+    await client.AuthenticateAsync (oauth2);
+    await client.DisconnectAsync (true);
 }
 ```