OAuth2 email authentication method needed

This plugin allows you to report an issue in MantisBT by sending an email to a particular mail account

Moderators: Developer, Contributor

stevenrlp
Posts: 4
Joined: 28 Oct 2018, 21:21

Re: OAuth2 email authentication method needed

Post by stevenrlp »

Looking at the code, it seems the password field is being used as the secret, so you should add the secret into the password field. I have tried for hours to get this to work and the only error I get back is INTERNAL APPLICATION ERROR. I'm guessing my issue is due to the port on the server being blocked, but I can't get it unblocked easily without lots of emails. I was using POP before on 995; IMAP uses 993, so I guess that's my issue. I hope someone can get it to work for POP also.
sambuca
Posts: 3
Joined: 09 Nov 2022, 08:04

Re: OAuth2 email authentication method needed

Post by sambuca »

Sorry, I should have provided some more information about the setup. It seems that the MS document does not match exactly what I have set up currently.

So, the password field is the client secret, so that must be filled in.

You also need to fill in the four fields under OAUTH2:
Client ID: application ID from Azure AD
Redirect Uri: not used, but I believe this must match one of the configured redirect URIs for the application in AAD
Tenant: directory tenant ID
Scopes: I currently have https://outlook.office365.com/.default, which works for me.

Hope this helps.
v_wagner
Posts: 3
Joined: 11 Jan 2023, 09:19

Re: OAuth2 email authentication method needed

Post by v_wagner »

Hi,
it's a really important and very useful extension, but I can't get it to work. Sometimes I program, so I can monitor what's going on inside the code, but I still haven't been able to connect it to the office365.com mailbox.

I went through the installation, adding libraries via composer, as well as adding the application and secret code in Azure. I believe that everything is set correctly, but the result is always the same:

[pear_error: message="AUTHENTICATE XOAUTH2: A0001 NO AUTHENTICATE failed., host = outlook.office365.com, port = 993, auth-meth: XOAUTH2" code=0 mode=return level=notice prefix="" info="" ]

I was trying to debug the login process and before I set the scopes to the correct version, I was finding the wrong url scope message in the login procedure (core_pear/IMAP.php) in $pass instead of the token. Now there is a long base64 string, which should be OK.

A subsequent call to connect then returns an empty value to $ret.
The input to connect is then this:

[$this->host] => outlook.office365.com
[$user] => testdesk@***** (user)
[$pass] => eyJ******PFpxg (token)
[array] => Array
(
[port] => 993
[timeout] => 3
[ssl_mode] => tlsv1.2
[auth_type] => XOAUTH2
[force_caps] =>
)

In the connect function, it passes the tests up to the authenticate call, internally up to the branch

else if ($type == 'XOAUTH2') {

Here, the username is combined with the token and recoded to Base64 once more, stored in the $auth variable, and then the value "A0001 NO AUTHENTICATE failed" is stored to $line and it returns -1 in the result.

I've already spent over 20 hours on this and I must be doing something wrong somewhere.

The setting is

["enabled"]=> 1
["description"]=> "TestDesk"
["mailbox_type"]=> "IMAP"
["hostname"]=> "tlsv1.2://outlook.office365.com"
["port"]=> 993
["encryption"]=> "TLSv1.2"
["ssl_cert_verify"]=> 0/1 (same behavior)
["erp_username"]=>"testdesk@ ***domain*****"
["erp_password"]=> string(56) "****secret code from Azure*****"
["auth_method"]=> string(7) "XOAUTH2"
["erp_clientid"]=> string(36) "a17***client ID from Azure****c47"
["erp_redirecturi"]=> ""
["erp_tenant"]=> "abd***tenant ID from Azure***b65"
["erp_scopes"]=>"https://outlook.office365.com/.default"
["imap_basefolder"]=>""
["imap_createfolderstructure"]=>0

However, I have tried all possible combinations of settings and the result is always the same. Only with POP3 is the message different and refers to an empty greeting message.
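
Added example (not part of v_wagner's post and not the plugin's code): an offline check of the two client-side artifacts in the XOAUTH2 step described above, namely the claims inside the eyJ... token and the string that gets base64-encoded for AUTHENTICATE XOAUTH2. The expected aud value and the IMAP.AccessAsApp role are assumptions taken from Microsoft's Exchange Online documentation, and the sample tokens are constructed.

```python
import base64
import json

# Assumed expectations for an app-only Exchange Online IMAP token
# (from Microsoft's documentation, not from this thread).
EXPECTED_AUD = "https://outlook.office365.com"
REQUIRED_ROLE = "IMAP.AccessAsApp"


def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def token_claims(token: str) -> dict:
    """Return the JWT payload WITHOUT verifying the signature (diagnostics only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a JWT: expected header.payload.signature")
    return json.loads(b64url_decode(parts[1]))


def diagnose(token: str) -> list:
    """List claim problems that would make the mail server reject the token."""
    claims = token_claims(token)
    problems = []
    if claims.get("aud") != EXPECTED_AUD:
        problems.append("aud is %r, expected %r" % (claims.get("aud"), EXPECTED_AUD))
    if REQUIRED_ROLE not in claims.get("roles", []):
        problems.append("roles lacks %s" % REQUIRED_ROLE)
    return problems


def xoauth2_initial_response(user: str, token: str) -> str:
    """Build the base64 argument of AUTHENTICATE XOAUTH2 (user plus bearer token)."""
    raw = "user=%s\x01auth=Bearer %s\x01\x01" % (user, token)
    return base64.b64encode(raw.encode()).decode()


def make_sample_token(claims: dict) -> str:
    # Constructed, unsigned sample token so the example runs offline.
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none", "typ": "JWT"}), enc(claims), "sig"])


GOOD = make_sample_token({"aud": EXPECTED_AUD, "roles": ["IMAP.AccessAsApp"]})
BAD = make_sample_token({"aud": "https://graph.microsoft.com", "roles": []})

if __name__ == "__main__":
    print(diagnose(GOOD), diagnose(BAD))
```

Passing both checks does not rule out NO AUTHENTICATE failed: later posts in this thread resolved it by correcting the ServicePrincipal registration, which the token does not show.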
dcal
Posts: 2
Joined: 11 Jan 2023, 20:16

Re: OAuth2 email authentication method needed

Post by dcal »

I'm also trying to use sambuca's fork, and also getting the exact same response: "A0001 NO AUTHENTICATE failed" you're getting, with the settings pretty much the same as yours.

I suspect it may be a problem with the Azure AD configuration. I'm consulting my systems administrator tomorrow to go over the Microsoft docs with them: https://learn.microsoft.com/en-us/excha ... onnections to see if I can spot the problem.
Last edited by dcal on 11 Jan 2023, 20:28, edited 1 time in total.
dcal
Posts: 2
Joined: 11 Jan 2023, 20:16

Re: OAuth2 email authentication method needed

Post by dcal »

In relation to my previous post, after reviewing Azure AD with my systems administrator, it now works.

This section of the Microsoft doc is the key:
https://learn.microsoft.com/en-us/excha ... onnections

ALSO when creating the ServicePrincipal, the ObjectId must be that of the Enterprise Application, not the Application Registration. They are different sections in the Azure AD site menu.

This image helped us identify which ObjectId was the correct one:

Image

Once AD is correctly configured, you should get an "A0001 OK AUTHENTICATE completed" instead of "AUTHENTICATE XOAUTH2: A0001 NO AUTHENTICATE failed".
v_wagner
Posts: 3
Joined: 11 Jan 2023, 09:19

Re: OAuth2 email authentication method needed

Post by v_wagner »

After configuring the ServicePrincipals correctly, it finally got up and running. Thanks. So there is still some error when terminating the connection - maybe some change in the IMAP library and a non-existent function, so it won't log out correctly, but new tasks will start it.

[23-Jan-2023 09:01:42 Europe/Berlin] Call to undefined method IMAP::cmdExpunge()
D:\xampp\htdocs\mantisbt2\plugins\EmailReporting\core\mail_api.php: 505: IMAP - -> - disconnect( <boolean>true )
D:\xampp\htdocs\mantisbt2\plugins\EmailReporting\core\mail_api.php: 251: ERP_mailbox_api - -> - process_imap_mailbox()
D:\xampp\htdocs\mantisbt2\plugins\EmailReporting\pages\bug_report_mail.php: 74: ERP_mailbox_api - -> - process_mailbox( <array> { ['enabled'] => 1, ['description'] => 'TestDesk', ['mailbox_type'] => 'IMAP', ['hostname'] => 'outlook.office365.com', ['port'] => '', ['encryption'] => 'TLSv1.2', ['ssl_cert_verify'] => 0, ['erp_username'] => 'testdesk@************', ['erp_password'] => 'Nj************g==', ['auth_method'] => 'XOAUTH2', ['erp_clientid'] => 'a17************47', ['erp_redirecturi'] => '', ['erp_tenant'] => 'ab************65', ['erp_scopes'] => 'https://outlook.office365.com/.default', ['project_id'] => 1, ['global_category_id'] => 1, ['imap_basefolder'] => 'INBOX', ['imap_createfolderstructure'] => 0 } )
D:\xampp\htdocs\mantisbt2\plugin.php: 74: - - - - include( <string>'D:\\xampp\\htdocs\\mantisbt2\\plugins\\EmailReporting\\pages\\bug_report_mail.php' )
D:\xampp\htdocs\mantisbt2\plugins\EmailReporting\scripts\bug_report_mail.php: 28: - - - - require_once( <string>'D:\\xampp\\htdocs\\mantisbt2\\plugin.php' )
v_wagner
Posts: 3
Joined: 11 Jan 2023, 09:19

Re: OAuth2 email authentication method needed

Post by v_wagner »

Grrrrrrr - it is produced by this function:

Delete processed email from the mailbox
mushu
Posts: 315
Joined: 04 Jan 2017, 17:41

Re: OAuth2 email authentication method needed

Post by mushu »

Will this be working for POP3 hopefully?