Access token length exceeds maximum permitted by Gmail SMTP servers [358591561]

Assigned

Bug

Status Update

No update yet.

Description

ma...@front.com

created issue #1

Aug 9, 2024 07:39PM

Description

Yesterday at 14:45 PT we started seeing intermittent auth errors returned by the Gmail server. The following log excerpt includes both our SMTP traffic and nodemailer 6.7.8 logs. In this sequence, wherein nodemailer attempts to acquire an access token using a refresh token, and receives an access token of 1000 characters. This token is not accepted by the Gmail server because it is too long, per RFC 5321 the maximum length is 512. Retries for the same account yield both short (~210 characters) and long (1000 character) access tokens, and the overall percentage of long tokens is well under 1%.

[2024-08-09 18:24:39] DEBUG Creating transport: nodemailer (6.7.8; +https://nodemailer.com/; SMTP/6.7.8[client:6.7.8])
[2024-08-09 18:24:39] DEBUG Sending mail using SMTP/6.7.8[client:6.7.8]
[2024-08-09 18:24:39] DEBUG [5MdTdErGuSs] Resolved smtp.gmail.com as 142.250.101.109 [cache miss]
[2024-08-09 18:24:39] INFO  [5MdTdErGuSs] Secure connection established to 142.250.101.109:465
[2024-08-09 18:24:40] DEBUG [5MdTdErGuSs] S: 220 smtp.gmail.com ESMTP d2e1a72fcca58-710e5ac71c1sm54047b3a.217 - gsmtp
[2024-08-09 18:24:40] DEBUG [5MdTdErGuSs] C: EHLO out.frontapp.com
[2024-08-09 18:24:40] DEBUG [5MdTdErGuSs] S: 250-smtp.gmail.com at your service, [52.8.170.242]
[2024-08-09 18:24:40] DEBUG [5MdTdErGuSs] S: 250-SIZE 35882577
[2024-08-09 18:24:40] DEBUG [5MdTdErGuSs] S: 250-8BITMIME
[2024-08-09 18:24:40] DEBUG [5MdTdErGuSs] S: 250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH
[2024-08-09 18:24:40] DEBUG [5MdTdErGuSs] S: 250-ENHANCEDSTATUSCODES
[2024-08-09 18:24:40] DEBUG [5MdTdErGuSs] S: 250-PIPELINING
[2024-08-09 18:24:40] DEBUG [5MdTdErGuSs] S: 250-CHUNKING
[2024-08-09 18:24:40] DEBUG [5MdTdErGuSs] S: 250 SMTPUTF8
[2024-08-09 18:24:40] DEBUG [5MdTdErGuSs] SMTP handshake finished
[2024-08-09 18:24:40] DEBUG Requesting token using: {"client_id":"<id>","client_secret":"<secret>","refresh_token":"<refresh_token>","grant_type":"refresh_token"}
[2024-08-09 18:24:40] DEBUG Response: {"access_token":"<access_token>","expires_in":3599,"scope":"https://www.googleapis.com/auth/calendar https://mail.google.com/ https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/admin.directory.resource.calendar openid","token_type":"Bearer","id_token":"<id token>"}
[2024-08-09 18:24:40] INFO  Generated new Access Token for <username>
[2024-08-09 18:24:40] DEBUG [5MdTdErGuSs] C: AUTH XOAUTH2 <base64 encoded xoauth2>
[2024-08-09 18:24:40] DEBUG [5MdTdErGuSs] S: 555-5.5.2 Syntax error, goodbye. For more information, go to
[2024-08-09 18:24:40] DEBUG [5MdTdErGuSs] S: 555-5.5.2  https://support.google.com/a/answer/3221692 and review RFC 5321
[2024-08-09 18:24:40] DEBUG [5MdTdErGuSs] S: 555 5.5.2 specifications. d2e1a72fcca58-710e5ac71c1sm54047b3a.217 - gsmtp

Packages

node 20.11.0
nodemailer 6.7.8
googleapis/gmail 5.0.1

Comments

bl...@google.com <bl...@google.com> #2Aug 9, 2024 07:52PM

Assigned to jp...@google.com.

Issue 358591561

Description

Description

Issue summary

Comments

bl...@google.com <bl...@google.com> #2Aug 9, 2024 07:52PM

Add comment

Issue metadata