OAuth Providers for Mailboxes

Out-of-the-box, OroImapBundle provides two OAuth-based Email origin types: Gmail and Microsoft 365.

Gmail

Google Gmail implementation provides OAuth authentication/authorization via a custom Google application.

• Integration configuration is available via System Configuration > Integrations > Google Settings.
• Mandatory fields are Client ID and Client Secret. They are located in the Google application management panel.
• Option OAuth 2.0 for Gmail emails sync must be enabled. If the provided credentials are invalid, the integration will not be enabled.

Microsoft 365

Microsoft 365 implementation provides OAuth authentication/authorization via a custom Microsoft Azure application.

• Integration configuration is available via System Configuration > Integrations > Microsoft Settings
• Mandatory fields are Client ID, Client Secret, Tenant. They are located in the MS Azure application management panel.
• Select Enable Emails Sync in Microsoft 365 Integrations.

Custom Provider Implementation

1. Implement a new OAuth provider class that inherits from Oro\Bundle\ImapBundle\Provider\OAuthProviderInterface.

2. Implement a new OAuth manager class that inherits from Oro\Bundle\ImapBundle\Manager\OAuthManagerInterface.

3. Tag the manager implementation with tag oro_imap.oauth_manager (the service will be automatically picked up and, if the provider is enabled, an additional account type will be available for User Configuration > General Setup > Email Configuration > Email Synchronization Settings > Account Type).

4. Implement a form type with default Email Origin values for a certain provider (see Oro\Bundle\ImapBundle\Form\Type\AbstractOAuthAwareConfigurationType and existing inheriting types).

5. Register a route for Oro\Bundle\ImapBundle\Controller\CheckConnectionController for a new OAuth vendor.

6. Implement a custom controller for handling access token (see Oro\Bundle\ImapBundle\Controller\AbstractAccessTokenController and inheriting controllers) and register a route for it.

7. Register custom form block widgets definitions:

   • Resources/config/oro/twig.yml - add this file to register the global set of definitions of form fields.

   bundles:
       - '@ExampleVendorImap/Form/fields.html.twig'
   

   • Create a fields definitions file with the custom definition of the previously defined form field.

   {# '@ExampleVendorImap/Form/fields.html.twig' #}
   
   {% block example_imap_configuration_type_widget %}
       {% set data = form.parent.parent.vars.value %}
   
       {% set options = form.vars.options|default({})|merge({
           {# component options #}
       }) %}
   
       <div class="example-imap-gmail-container"
            data-page-component-module="examplevendorimap/js/app/components/imap-component"
            data-page-component-options="{{ options|json_encode }}"
       >
           <div {{ block('widget_container_attributes') }}>
               {# Custom form layout #}
               {{- form_rest(form) -}}
           </div>
       </div>
   {% endblock %}
   

8. Implement JavaScript components:

   • Create a popup for OAuth initialization (extend /Resources/public/js/app/components/imap-component.js).
   • Create a view managed by the component (extend /Resources/public/js/app/views/imap-view.js).
   • Depending on OAuth implementation from your provider, claim token data via a previously defined controller.

   By default, the component/view handles the population of proper DOM elements with the provided token data.