This document describes the XMPP extension used by Google Talk to allow users to log in using OAuth 2.0 credentials.
Note: This extension is not intended to become a standard and is subject to change.
Table of Contents
To connect to Google Talk with OAuth credentials, the application must go through two separate steps. It first needs to generate an OAuth token scoped for chat login and it then needs to use this token to authenticate with the Google Talk connection servers.
The client must retrieve an OAuth token scoped for the scope
https://www.googleapis.com/auth/googletalk. This can be done in different ways depending on the client type. Instructions for various use cases are available at https://developers.google.com/accounts/docs/OAuth2.
Manual token generation, which might be useful for testing and debugging, can be performed at the OAuth 2.0 playground.
Note: Clients that store and reuse credentials will need to acquire a refresh token, which can be used to obtain additional access tokens.
The OAuth token generated in the previous step must now be used instead of a password when connecting to the Google Talk servers. This is done by modifying the SASL
auth element as follows:
<auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="X-OAUTH2" auth:service="oauth2" xmlns:auth="http://www.google.com/talk/protocol/auth"> base64("\0" + user_name + "\0" + oauth_token) </auth>
The content in the
auth element should be the base64 encoding of a string containing a null byte, followed by the user name, another null byte and the string representation of the user’s OAuth token. This is similar to how to authenticate with a password using the PLAIN mechanism, except the token is added instead of the user’s password.
Extensibility is one of the greatest strengths of XMPP, the IETF standard protocol on which Google Talk is built. While XMPP itself defines a bare set of features, the protocol encourages third parties to develop their own extensions. During the development of Google Talk, we found it useful to define extensions to implement features not already found in XMPP or any of its currently defined extensions.The protocol defined in this document is currently used by the Google Talk clients and servers. However, note that it is not currently part of a proposed stanzardized extension, and therefore may change as we work to standardize these features.