Supporting other scopes for GMail

[mky300]

First off - great work on this, works like a charm with the included scope - but just might raise some eyebrows as it requires read and delete access to email.

Advice to others compiling on Delphi 10.1, add IPPeerClient to the uses clause, and cast TIdBytes to TBytes on the logging routines.

Any chance someone can help me with changing the scope to a more restricted scope - ie. gmail.send or gmail.compose?

ie. https://www.googleapis.com/auth/gmail.send

Listed here: [(https://developers.google.com/gmail/api/auth/scopes)]

These are all the rights that should be required for sending email, but if I try to apply that to the scope, it has an error saying issue with username/password which I think is just a general rights error really.

[david-navigator]

@mky300 did you manage to solve this issue ? I have exactly the same problem.

[mky300]

@david-navigator unfortunately not, had to go with the full scope

[david-navigator]

@mky300 Having done a load of research & reading I've discovered that if you want to access GMail via SMTP, POP or IMAP then the only way is to use the https://mail.google.com/ scope. If you want to use a lower scope then you need to use REST via https to send/Read emails and ignore the common protocols.
Of course using the full scope means that if your app is external then it will show as Un Verified to users unless you go down the Google Verification route, which seems to involve getting your code certified at a cost of somewhere between $15-75,000 USD - beyond the reach of most of us. One ray of hope is that it looks like corporate customers can authorize unverified apps, though I'm yet to try it https://support.google.com/a/answer/9352843?sjid=17964475767932024698-EU#zippy=%2Cwhy-would-a-third-party-app-be-unverified%2Cif-im-an-app-developer-as-well-as-a-user-how-do-i-get-a-third-party-app-verified%2Cwhat-will-happen-to-unverified-third-party-apps%2Cwhat-happens-when-i-trust-a-third-party-app