Search code examples
oauth-2.0gmail

Oauth2 gmail SMTP Authentication Error with phpmailer

It's really a night mare. I don't know why I'm getting this for last 24 hours. Any help much appreciated please.

SERVER -> CLIENT: 220 smtp.gmail.com ESMTP w23sm28778307wmd.1 - gsmtp
CLIENT -> SERVER: EHLO cslexicon.tk
SERVER -> CLIENT: 250-smtp.gmail.com at your service, [31.170.164.33]250-SIZE 35882577250-8BITMIME250-STARTTLS250-ENHANCEDSTATUSCODES250-PIPELINING250-CHUNKING250 SMTPUTF8
CLIENT -> SERVER: STARTTLS
SERVER -> CLIENT: 220 2.0.0 Ready to start TLS
CLIENT -> SERVER: EHLO cslexicon.tk
SERVER -> CLIENT: 250-smtp.gmail.com at your service, [31.170.164.33]250-SIZE 35882577250-8BITMIME250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH250-ENHANCEDSTATUSCODES250-PIPELINING250-CHUNKING250 SMTPUTF8
CLIENT -> SERVER: AUTH XOAUTH2 dXNlcj1zc3Nzc2F0aHlhYTY3QGdtYWlsLmNvbQFhdXRoPUJlYXJlciB5YTI5LmFRS2E2OC1qUmZsenhhYnE1YmkxNWlYcUtOa1VmTjdJZ3NBT2dLYU1uekhpR2I0NVV4dm9GNWozcDZoZGp3LXZtTjEyVEEBAQ==
SERVER -> CLIENT: 334 eyJzdGF0dXMiOiI0MDAiLCJzY2hlbWVzIjoiQmVhcmVyIiwic2NvcGUiOiJodHRwczovL21haWwuZ29vZ2xlLmNvbS8ifQ==
SMTP ERROR: AUTH command failed: 334 eyJzdGF0dXMiOiI0MDAiLCJzY2hlbWVzIjoiQmVhcmVyIiwic2NvcGUiOiJodHRwczovL21haWwuZ29vZ2xlLmNvbS8ifQ==
SMTP Error: Could not authenticate.
CLIENT -> SERVER: QUIT
SERVER -> CLIENT: 535-5.7.8 Username and Password not accepted. Learn more at535 5.7.8 https://support.google.com/mail/answer/14257 w23sm28778307wmd.1 - gsmtp
SMTP ERROR: QUIT command failed: 535-5.7.8 Username and Password not accepted. Learn more at535 5.7.8 https://support.google.com/mail/answer/14257 w23sm28778307wmd.1 - gsmtp
SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting
Mailer Error: SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting

I used league/oauth2-client, league/oauth2-google and got refresh token.

ClientID, Secret Code and Refresh code everything seems fine in my phpmailer code.

Followed everything at https://support.google.com/mail/answer/14257

Still, stuck here for very long time.

Solution

  • If you are using league/oauth2-client and league/oauth2-google,

    you will get the following prompt by default on getting refresh token.

    Image 1 - Initial

    But, these permissions do not allow you to send emails.

    So you apply a simple quick fix.

    At this stage, move your eyes towards the url in the address bar.

    Analyze it closely and somewhere you find this,

    &scope=email+openid+profile&response_type

    Change the scope to the following and don't touch the remaining part,

    &scope=https://mail.google.com/&response_type

    Now, go to this new modified url. You will get a prompt like this,

    Image 2 - Final

    Click Allow and you are Good to go.