search

danzuep / MailKitSimplified

Send and receive emails easily, fluently, with one line of code for each operation.
MIT License
79 stars 10 forks source link

IMAP Oauth2 for O365 #44

Closed MaxMelcher closed 9 months ago

MaxMelcher commented 11 months ago

Hey Daniel - do you plan to support oauth? Right now I only see options to pass username/password with the .SetCredentials helper. 

var imapReceiver = ImapReceiver.Create(mailbox.IMAPServer + ":" + mailbox.IMAPPort)
                    .SetCredential(mailbox.IMAPUsername, mailbox.IMAPPassword)
                    .SetFolder(folder);

O365 IMAP now requires OAUTH - and mailkit does support it: 

var confidentialClientApplication = ConfidentialClientApplicationBuilder
                .Create(mailbox.O365ClientId)
                .WithClientSecret(mailbox.O365ClientSecret)
                .WithAuthority(new Uri("https://login.microsoftonline.com/" + mailbox.O365TenantId + "/v2.0"))
                .Build();

      var authenticationResult = await confidentialClientApplication.AcquireTokenForClient(scopes).ExecuteAsync();

      var authToken = authenticationResult;
      var oauth2 = new SaslMechanismOAuth2(mailbox.Email, authToken.AccessToken);

      using (var client = new ImapClient(new ProtocolLogger("imapLog.txt")))
      {
          client.Connect("outlook.office365.com", 993, SecureSocketOptions.SslOnConnect);
          client.Authenticate(oauth2);
          var inbox = client.Inbox;
          inbox.Open(MailKit.FolderAccess.ReadOnly);
          Console.WriteLine("Total messages: {0}", inbox.Count);
          Console.WriteLine("Recent messages: {0}", inbox.Recent);
          client.Disconnect(true);

          Assert.True(inbox.Count > 0);
      }

Can I offer a pull request?

Thanks, Max

danzuep commented 11 months ago

Hey Max, OAuth2.0 authentication is supported by either injecting a custom instance of ImapClient, or using SetCustomAuthentication().

Here's an example using ImapReceiver and oauth2:

using var imapReceiver = ImapReceiver.Create(mailbox.IMAPServer).SetPort(mailbox.IMAPPort)
    .SetCustomAuthentication(async (client) => await client.AuthenticateAsync(oauth2));

This project is all about usability but currently OAuth2.0 is definitely not user-friendly, so if you've got a solution in mind that works with Office 365, Exchange, and Gmail, please do submit a pull request.

Also, if you like the project, please give it a star.

MaxMelcher commented 11 months ago

Great - I use the ImapReceiver.Create(client, options) and pass in the pre-connected client into it. Thanks 👍

danzuep commented 11 months ago

That's one of the options, a better option is to use SetCustomAuthentication as above. If you like the project, please give it a star to help other people find it.

gokhannaim commented 10 months ago

Hi Daniel ,

when I try to Monitor office 365 Inbox folder with oauth2 auth , it is not working. But when I tried with gmail ,I can monitor it successfully. I also tried Max solution (ImapReceiver.Create(client, options)) , I can read a specific mail from inbox folder , but when I try to monitor folder it is also not working.

Here is part of code,

using (var client = new ImapClient(new ProtocolLogger("imapLog.txt"))) { client.Connect("outlook.office365.com", 993, SecureSocketOptions.SslOnConnect); client.Authenticate(oauth2); var inbox = client.Inbox; inbox.Open(MailKit.FolderAccess.ReadOnly); Console.WriteLine("Total messages: {0}", inbox.Count); Console.WriteLine("Recent messages: {0}", inbox.Recent); imapReceiver = ImapReceiver.Create(client, emailReceiverOptions: emailReceiverOptions1.Value, loggerFactory.CreateLogger()); var readMailFolder = imapReceiver.ReadFrom("INBOX");

  UniqueId idd = new UniqueId(39);
  var message = await readMailFolder.GetMimeMessageAsync(idd);
  await imapReceiver.MonitorFolder
      .SetMessageSummaryItems().SetIgnoreExistingMailOnConnect()
      .OnMessageArrival(OnArrivalAsync)
      .IdleAsync();

  //client.Disconnect(true);

}

Do you have any idea for solution ?

Thanks.

danzuep commented 10 months ago

Have you tried using SetCustomAuthentication()?

using var imapReceiver = ImapReceiver.Create("outlook.office365.com")
    .SetPort(993, SecureSocketOptions.SslOnConnect).SetLogger(loggerFactory)
    .SetCustomAuthentication(async (client) => await client.AuthenticateAsync(oauth2));
var messageSummaries = await _imapReceiver.ReadMail.Top(3).GetMessageSummariesAsync();
foreach (var messageSummary in messageSummaries)
{
    var mimeMessage = await messageSummary.GetMimeMessageAsync(cancellationToken);
    logger.LogInformation($"{imapReceiver} message #{messageSummary.UniqueId} arrival processed, {mimeMessage.MessageId}.");
}

I find this easier to read than using ImapClient. Use SetMinimumLevel(LogLevel.Trace) with the logger factory to see logs of every change.

What error messages is the logger displaying?

gokhannaim commented 10 months ago

Hi Daniel,

I get an error when I use SetCustomAuthentication, see MailKit.Security.AuthenticationException: 'LOGIN failed.'

So I had to try ImapClient. While ImapClient can log in with the oauth2 I am connected to and even read emails from the inbox, I cannot use _imapReceiver. It probably can't recognize that I'm logged in or can't accept the client.

But when I use SetCustomAuthentication I directly get a 'Sign In Failed' message. Do you have any ideas on this subject?

Thanks a lot Daniel

danzuep commented 10 months ago

I don't have an Office 365 account sorry, so can you do some debugging for me? If you put a breakpoint in the ImapReceiver class on line 267 then run a sample project with the code I gave above, then you should see it running exactly the same code as what you posted (but async). Try commenting out the compression on lines 255-256 or manually adding await _imapClient.AuthenticateAsync(oauth2) on line 266 to see what the difference is between the two ways of doing it.

gokhannaim commented 10 months ago

Hi Daniel , I changed ConnectImapClientAsync method like that;

//if (_imapClient.Capabilities.HasFlag(ImapCapabilities.Compress))
//    await _imapClient.CompressAsync(cancellationToken).ConfigureAwait(false);
await _imapClient.AuthenticateAsync(oauth2);

it auth sucessfully, but when I try to monitor folder , with same token I took an error Auth Failed. it needs always refresh token.

Therefore, I was able to buy tokens again and continue. How can we solve our first problem, lines 255-266? I add it to my project as nuget and use it, so I cannot repair the code. How can we solve this problem?

danzuep commented 10 months ago

I think I know why the monitoring isn't working (imapReceiver.Clone() wasn't cloning CustomAuthenticationMethod). I've posted an update, try using the latest version. Also just to be clear about the testing you did, if you uncomment the compression lines but leave the manual authentication step does it exhibit the same or different behaviour? What about if you remove the manual authentication step and use SetCustomAuthentication, does it still authenticate?

danzuep commented 10 months ago

Hi @gokhannaim, did those changes fix the issue you were experiencing? If so I'll do a release.

danzuep commented 9 months ago

I'll assume no news is good news, released.