Google IMAP App specific Password

[BWilky]

[IMAPAuth] imap auth failed Error: Application-specific password required: https://support.google.com/accounts/answer/185833 (Failure)

Has anyone come up with a work around for this? I'd like to whitelist this radius server

[simllll]

Yeah,just create an App specific password.https://support.google.com/mail/answer/185833?hl=en-GB

[BWilky]

@simllll How do I get this to work for all the users without them all creating app specific passwords? We're on nonprofit G suite so LDAP isn't an option

[simllll]

I guess there is no way around an app specific password, if you don't want to use ldap ... Maybe you can apply for some program at Google if your are eligible for non profit things?

[BWilky]

Damn, that's too bad. I've tried looking into asking google for LDAP access, no luck. Thanks!

[BWilky]

So I managed to actually get this to work. I created a express server that uses node.js puppeteer to login with a headless chrome instance. It actually works really really well with the Http auth function

[simllll]

Haha creative solution ;-) do you want to share the headless login code?

[BWilky]

Outside of this, I've used a endswith checker to make sure it's from the correct domain.

Known issues would be 2FA accounts, no work-around for that.

class GoogleAuth {
  async login(email, password) {
    const browser = await puppeteer.launch({ headless: false });
    const page = await browser.newPage();
    let navigationPromise = page.waitForNavigation();

    const timer = setTimeout(() => {
      console.log('Login attempt timed out');
      browser.close();
      return false;
    }, 10000); // Set timeout to 10 seconds

    await page.goto('https://accounts.google.com/');
    await navigationPromise;

    await page.waitForSelector('input[type="email"]');
    await page.type('input[type="email"]', email);

    await page.waitForSelector('#identifierNext');
    await page.click('#identifierNext');

    await page.waitForSelector('input[type="password"]', { visible: true });
    await page.type('input[type="password"]', password);

    await page.waitForSelector('#passwordNext', { visible: true });
    await page.click('#passwordNext');

    try {
      await Promise.race([
        page.waitForNavigation(), // Wait for navigation
        page.waitForFunction('document.body.innerText.includes("Wrong password")'), // Wait for "Wrong password" text
        new Promise((_, reject) => setTimeout(() => reject(new Error('Timeout')), 10000)) // Set timeout
      ]);
    } catch (error) {
      console.log('An error occurred while waiting for navigation or "Wrong password" text');
      await browser.close();
      return false;
    }

    const url = await page.url();
    const loginFailed = url.includes('signin');

    clearTimeout(timer);

    await browser.close();

    return !loginFailed;
  }
}

[BWilky]

@simllll

Right now I got it to work with two node apps, the radius, and then an express app. I noticed at the bottom of the readme there's a how to include radius server in another app. I can't seem to get that sample code going. Is it possible to run radius server in a custom node file with custom function for auth?