Help with MSGraph

[leavesoftea]

Hello,

I am a novice with MSGraph and have retrieved an Access Token and placed it in the .token file. Not sure if this is correct.

I tried just putting the token by itself: eyJ0eXAiOiJKV1Q ... W_7R5xP6HM64A

and also placing the entire JSON response: { "token_type": "Bearer", "scope": "Mail.ReadWrite User.Read profile openid email", "expires_in": 3616, "ext_expires_in": 3616, "access_token": "eyJ0eXAiOiJK ... W_7R5xP6HM64A", "refresh_token": "0.ATcAMY-tY6vvH ... UL8bgHJybVQ" }

I'm sure it's just lack of experience. I also have failed at using Google to find an answer.

My problem is that I keep getting this error:

sudo -u parsedmarc /opt/parsedmarc/venv/bin/parsedmarc -c /etc/parsedmarc.ini --debug INFO:cli.py:890:Starting parsedmarc 0it [00:00, ?it/s] ERROR:cli.py:1086:MS Graph Error Traceback (most recent call last): File "/opt/parsedmarc/venv/lib/python3.11/site-packages/parsedmarc/cli.py", line 1073, in _main mailbox_connection = MSGraphConnection( ^^^^^^^^^^^^^^^^^^ File "/opt/parsedmarc/venv/lib/python3.11/site-packages/parsedmarc/mail/graph.py", line 92, in init credential = _generate_credential( ^^^^^^^^^^^^^^^^^^^^^ File "/opt/parsedmarc/venv/lib/python3.11/site-packages/parsedmarc/mail/graph.py", line 65, in _generate_credential **_get_cache_args( ^^^^^^^^^^^^^^^^ File "/opt/parsedmarc/venv/lib/python3.11/site-packages/parsedmarc/mail/graph.py", line 32, in _get_cache_args AuthenticationRecord.deserialize(auth_record) File "/opt/parsedmarc/venv/lib/python3.11/site-packages/azure/identity/_auth_record.py", line 86, in deserialize raise ValueError( ValueError: Unexpected version "None". This package supports these versions: {'1.0'}

This is about as close as I have gotten to get it to use MSGRAPH and IMAP is not an option.

Any help you can give would be great.

Kind Regards

[zimage]

MSGraph was working for me with parsedmarc v8.4.2 but I've tried upgrading to parsedmarc v8.9.4 using the same config and I'm getting connection errors. I'll try to work through them and report back.

[zimage]

In parsedmarc v8.7.0, the project switched from using msgraph-core version 0.2.2 to msgraph-core v1.0.0. My parsedmarc.ini file for 8.4.2 seems to work with 8.5.0 and 8.6.0, but not with 8.7.0.

$ python -m venv ./venv
$ venv/bin/pip install parsedmarc==8.6.0
$ venv/bin/pip install msgraph_core==0.2.2 # need to force this version because pip installs msgraph_core v1.0.0
$ venv/bin/parsedmarc -c ./parsedmarc.ini --debug
...

[zimage]

What kind of authentication are you trying to do? I just created a pull request to fix my broken UsernamePassword authentication.

[leavesoftea]

I am using Username/Password and tried using 8.6.0 but I am still getting the same error messages.

This is my parsedmarc.ini:

[general]
# Save aggregate and forensic reports to Elasticsearch
save_aggregate = True
save_forensic = True

#[imap]
# Log into the DMARC report email address and download data.
#host =
#port =
#ssl =
#user =
#password =

[mailbox]
watch = True
delete = False

#[elasticsearch]
# Send data to Elastichsearch, which listens on port 9200.
#hosts = 127.0.0.1:9200
#ssl = False

#[smtp]
# For sending email
#host =
#port =
#user =
#password =
#from =

# send results to this address
#to =

[msgraph]
# For retrivieving dmarc reports
user = user@mydomain.com
password = myuserpassword
client_id = 21cc ... b034c
client_secret = .Sv8Q ... fdrh
#allow_unencrypted_storage = True

[zimage]

My MSGraph config is the same but I also have allow_unencrypted_storage = True and the tool fails to run if I comment that out, although it fails in a different place.

[zimage]

From your error message it sounds like maybe the encrypted cache file is corrupted, but I really have no idea about how MSgraph or SAML2 work at a low level.

[zimage]

I don't recall having to do anything like retrieving an Access Token and placing it in any .token file. I think I just put the magic ids and secrets in the config file and it worked. I just verified this. I renamed my .token file and ran parsedmarc and a new .token file was created and everything worked. I'd suggest you try renaming your .token file and trying that.

[leavesoftea]

I have it working now with 8.7.0. Your response about the .token file made me rethink things and it is true that I do not need the Access and Auth Tokens. It seems that my tenant was slow to register appropriate permissions when registering parsedmarc as an application.

I now am up and running and have data flowing where it should.

Thanks so much for your assistance.