Why am I getting the error 'Can't generate token. Check your auth options' when using Nodemailer?

Question

I see several similar questions regarding normal OATH. However, I decided to try nodemailers new feature supporting gmail service accounts. I keep getting the same error over and over and no light on how to resolve it. Does anyone have any insight?

Step 1: I set up my service account from my project. Then I downloaded the key.json file.

Step 2: I went to GCP APIs and enabled gmail api for my project. I then verified that my new service account was in the list. (I don't want to post a pic because it contains sensitive information. But I triple checked that it was in the list of service accounts enabled for the gmail api.

Step 3: I wrote a little code.

return Promise.resolve()
.then(() => {
      const mailTransport = nodemailer.createTransport({
        service: 'gmail',
        auth: {
          type: 'OAuth2',
          user: <service account email>,
          serviceClient: <service account client>,
          privateKey: <Private key> (including the \n at the end),
        },
      });
})
.then(() => {
        const mailOptions = {
            from: '"Support" support@myapp.com',
            to: targetEmail,
            subject: 'My Subject',
            html: 'My super support email'
          };
          return mailTransport.sendMail(mailOptions);
    })
.catch(err => {
  console.error(err);
})

I print a nice wonderful error that says

Error { Error: Can't generate token. Check your auth options
at SMTPConnection._handleXOauth2Token (/workspace/node_modules/nodemailer/lib/smtp-connection/index.js:1697:27)
at SMTPConnection.login (/workspace/node_modules/nodemailer/lib/smtp-connection/index.js:540:22)
at XOAuth2.generateToken (/workspace/node_modules/nodemailer/lib/xoauth2/index.js:170:33)
at XOAuth2.getToken (/workspace/node_modules/nodemailer/lib/xoauth2/index.js:123:18)
at connection.connect (/workspace/node_modules/nodemailer/lib/smtp-transport/index.js:374:32)
at SMTPConnection.once (/workspace/node_modules/nodemailer/lib/smtp-connection/index.js:215:17)
at Object.onceWrapper (events.js:286:20)
at SMTPConnection.emit (events.js:198:13)
at SMTPConnection.EventEmitter.emit (domain.js:466:23)
at SMTPConnection._actionEHLO (/workspace/node_modules/nodemailer/lib/smtp-connection/index.js:1313:14) code: 'EAUTH', command: 'AUTH XOAUTH2' }

Does anyone have any idea what I am doing wrong?

Note: For a little more context. This runs inside of a firebase function.

Answer 1

I just had the same problem and I found a solution here:

https://levelup.gitconnected.com/multi-purposes-mailing-api-using-nodemailer-gmail-google-oauth-28de49118d77

As described in the tutorial you have to get your refresh token.

In your OAuth credentials in Google APIs Console provide https://developers.google.com/oauthplayground/ as redirection URI.

Go to https://developers.google.com/oauthplayground/ page.

In the right corner in settings menu select "Use your own OAuth credentials" and provide your credentials.

Then provide link https://mail.google.com in "Select & authorize APIs" section and click "Authorize APIs" button.

Finally exchange authorization code for tokens.

When you have the refresh token you can pass it in the configuration:

{
    service: 'gmail',
    auth: {
        type: 'OAuth2',
        user: USER_EMAIL_ADDRESS,
        clientId: CLIENT_ID,
        clientSecret: CLIENT_SECRET,
        refreshToken: REFRESH_TOKEN,
    },
}

According to this answer the google's refresh token will not expire:

Do Google refresh tokens expire?

Best regards,

Piotr

Answer 2

In my case (and found in nodemailer's documentation), I wasn't pasting the entire private_key including the very beginning '-----BEGIN PRIVATE KEY-----\n...')