Investigate Umlaut passwords possibly not being supported

[Garethp]

As raised in issue #68, it looks like Umlaut passwords might not work for this library. This needs further looking in to

[perskes]

Hey man! I encounter the issue not only with the password, but also with retrieving the data! All umlauts are changed to giberish.

I made two tests with php/curl like this:

Here's the code I use:

<?php 

$domain = 'mail.**domain**.at';
$user = 'u.name';
$password = 'sepe#2016';
$ch = curl_init('https://'.$domain.'/EWS/Services.wsdl'); 
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_USERPWD, $user.':'.$password);
$response = curl_exec($ch);
$info = curl_getinfo( $ch );
$error =  curl_error ($ch);
print_r(array($response,$info,$error));

?>

So, this is the result with the UMLAUT in my password.

➜  html php test.php      
Array
(
    [0] => 
    [1] => Array
        (
            [url] => https://mail.x.at/EWS/Services.wsdl
            [content_type] => 
            [http_code] => 401
            [header_size] => 447
            [request_size] => 121
            [filetime] => -1
            [ssl_verify_result] => 0
            [redirect_count] => 0
            [total_time] => 0.045133
            [namelookup_time] => 0.004159
            [connect_time] => 0.004833
            [pretransfer_time] => 0.018949
            [size_upload] => 0
            [size_download] => 0
            [speed_download] => 0
            [speed_upload] => 0
            [download_content_length] => 0
            [upload_content_length] => -1
            [starttransfer_time] => 0.045093
            [redirect_time] => 0
            [redirect_url] => 
            [primary_ip] => **EXT_IP**
            [certinfo] => Array
                (
                )

            [primary_port] => 443
            [local_ip] => 10.10.105.125
            [local_port] => 45956
        )

    [2] => 
)

This is the result without the UMLAUT

➜  html php test.php      
Array
(
    [0] => 
    [1] => Array
        (
            [url] => https://mail.x.at/EWS/Services.wsdl
            [content_type] => 
            [http_code] => 401
            [header_size] => 446
            [request_size] => 117
            [filetime] => -1
            [ssl_verify_result] => 0
            [redirect_count] => 0
            [total_time] => 0.023283
            [namelookup_time] => 0.004152
            [connect_time] => 0.004832
            [pretransfer_time] => 0.022136
            [size_upload] => 0
            [size_download] => 0
            [speed_download] => 0
            [speed_upload] => 0
            [download_content_length] => 0
            [upload_content_length] => -1
            [starttransfer_time] => 0.02325
            [redirect_time] => 0
            [redirect_url] => 
            [primary_ip] => **EXT_IP**
            [certinfo] => Array
                (
                )

            [primary_port] => 443
            [local_ip] => 10.10.105.125
            [local_port] => 45957
        )

    [2] => 
)

Didn't show any difference it seems..

here is an example of the output of my calendar where umlauts got replaced:

"Wir freuen uns, dass Sie sich f\u00fcr diese" should be "Wir freuen und, dass Sie sich für diese"

\00fc is the unicode translation of the unicode, if I understand it correctly! http://www.fileformat.info/info/unicode/char/00fc/index.htm

I'd really like to help you to resolve this issue, so just tell me how I can help! (tests, etc.)

[Garethp]

Thanks. I'll run up some examples on my own development environment and see if I can find a fix

[Garethp]

@perskes Can you tell me what Exchange Server you're running? And how you set the password? My testing environment (and my only actual environment at the moment) is Outlook on Office 365, and when I try to set my password to tësting!, the change password page saying that I can't have any spaces in my password.

[Garethp]

Also, can you tell me how you output the testing for the calendar item? I created an appointment ith Wir freuen und, dass Sie sich für diese as the Subject and the Body, and when I fetched them they came through with proper encoding, not replacing the umlaut with unicodes. The way I did this was to create a debug point in PhpStorm and use that debug point to inspect the properties of the object.

[perskes]

Hey! Thank you for your further investigation!

My details:

Microsoft Exchange Server 2016, as IT told me. The Password is set via Active Directory, which uses LDAPv3, as I probably mentioned, I built another tool that allows our company to track working-hours and the login happens via a PHP-Form and LDAPv3. Before I used v3 I had problems with umlauts as well!

I output the results directly into my terminal, which seems to support umlauts: ➜ ~ öäü

This is my php-output code:

foreach ($items as $item) {
    $subject = $item->getSubject();
    $start = $item->getStart();
    $end = $item->getEnd();
    $location = $item->getLocation();
    $item = $api->getItem($item->getItemId());
    $body = (string) $item->getBody();
    $cat = json_encode($item->getCategories());
    $cat = json_decode($cat,true);

echo $cat['String'] . "\n";
echo $subject . "\n";
echo $start . "\n";
echo $end . "\n";
echo $location . "\n";
echo $item . "\n";

And... right now I tested it again... no umlaut problem anymore. I highly assume it was caused by our Exchange server....

But, the login with a umlaut in my password still does not work:

➜  php-ews git:(master) ✗ php working_demo.php
PHP Fatal error:  Uncaught exception 'garethp\ews\API\Exception\UnauthorizedException' in /var/www/html/php-ews/vendor/garethp/php-ews/src/API/ExchangeWebServices.php:439
Stack trace:
#0 /var/www/html/php-ews/vendor/garethp/php-ews/src/API/ExchangeWebServices.php(354): garethp\ews\API\ExchangeWebServices->handleNonSuccessfulResponses(NULL, 401)
#1 /var/www/html/php-ews/vendor/garethp/php-ews/src/API/ExchangeWebServices/MiddlewareFactory.php(57): garethp\ews\API\ExchangeWebServices->processResponse(NULL)
#2 /var/www/html/php-ews/vendor/garethp/php-ews/src/API/ExchangeWebServices.php(498): garethp\ews\API\ExchangeWebServices->garethp\ews\API\ExchangeWebServices\{closure}(Object(garethp\ews\API\MiddlewareRequest), Object(Closure))
#3 /var/www/html/php-ews/vendor/garethp/php-ews/src/API/ExchangeWebServices/MiddlewareFactory.php(66): garethp\ews\API\ExchangeWebServices->garethp\ews\API\{closure}(Object(garethp\ews\API\MiddlewareRequest))
#4 /var/www/html/php-ews/vendor/garethp/php-ews/src/API/ExchangeWebServices.php(498): garethp\e in /var/www/html/php-ews/vendor/garethp/php-ews/src/API/ExchangeWebServices.php on line 439

[Garethp]

So you programmed something yourself with umlaut support for passwords? How did you achieve it? Was there a special setting you needed to set while doing the curl calls?

[perskes]

Sorry for the misunderstandin, it's basically two different things, but both use the ldap user. One is the time-tracker, one is the calendar plugin. the calendar plugin (basically the thing I posted in my previous answer) does not yet work with umlauts in passwords, but the thing that changed was that suddenly umlauts in subjects and bodies got displayed correctly.

[Garethp]

So, I've managed to pin it down to either one of two pain points.

1) Either NTLM Authentication with CURL seems to not support unicode characters. I've seen some open bugs regarding that in CURL, without any activity.

2) Or Exchange Web Services itself doesn't support Unicode passwords. Exchange might, but their Soap Server might not.

So, can you go in to ExchangeWebServicesAuth::fromUsernameAndPassword (src/API/ExchangeWebServicesAuth.php) and change the line CURLOPT_HTTPAUTH => CURLAUTH_BASIC | CURLAUTH_NTLM to CURLOPT_HTTPAUTH => CURLAUTH_BASIC, and see if that works? If Basic auth works, then we can pin it down to curl. If it doesn't work, do you know how to make the request with curl through command line? Maybe trying to make an NTLM auth request through command line in verbose mode might show more information

[arkuuu]

I can confirm the issue with umlauts in the password does exist.

Both Basic Auth and NTLM did not work via CURL (trying both this library and command line CURL), I always got 403 response. But browsers (Chrome & Firefox) were able to handle it without any problems. After all umlauts were removed from the password, I could finally connect via CURL and this library.

I would say this has something to do with CURL, I too have seen open bugs regarding that in CURL.