search

mguessan / davmail

DavMail POP/IMAP/SMTP/Caldav/Carddav/LDAP Exchange and Office 365 Gateway - Synced with main subversion repository at
http://davmail.sourceforge.net
GNU General Public License v2.0
580 stars 86 forks source link

Issues getting Davmail to authenticate with Outlook Oauth2 in headless mode #233

Closed miversen33 closed 2 years ago

miversen33 commented 2 years ago

Hello!

I am researching if davmail is the appropriate tool for a niche usecase we have in environment, and I am running into an odd issue that I don't really know how to troubleshoot.

To explain the issue, I should give some context first.

We have a mail box that runs on outlook, which we have some scripts that reach out to and consume the inbox contents. It appears that microsoft is sunsetting traditional authentication methods in favor of oauth2 and so we are investigating ways to work around this. One of the routes we are looking into is using davmail as a sort of proxy (IE, we change our scripts to reach out to a deployed headless davmail instance instead of outlook).

That said, I am strugging to get davmail to properly authenticate a test user with O365Modern auth type on a headless server. It seems to be forcing the use of a redirect URL, except that as this is a headless server, that redirect URL will never be used.

I have attached the log I am getting when I attempt to reach out (with domain, client id, and application id redacted)

2022-09-19 18:04:36,011 DEBUG [main] davmail.DavGateway  - Headless mode, do not create GUI
2022-09-19 18:04:36,012 DEBUG [main] davmail.DavGateway  - Start DavMail in server mode
2022-09-19 18:04:36,034 INFO  [main] davmail  - DavMail Gateway  listening on POP port 1110
2022-09-19 18:04:43,753 DEBUG [davmail.pop.PopServer] davmail  - Connection from /172.17.0.1 on port 1110
2022-09-19 18:04:43,755 INFO  [davmail.pop.PopServer] davmail.connection  - CONNECT - 172.17.0.1:54990
2022-09-19 18:04:43,910 DEBUG [PopConnection-54990] davmail.http.DavGatewaySSLSocketFactory  - createSocket outlook.com 443
2022-09-19 18:04:44,279 DEBUG [PopConnection-54990] davmail.exchange.ExchangeSession  - Test configuration status: 301
2022-09-19 18:04:44,282 DEBUG [PopConnection-54990] davmail  - > +OK DavMail  POP ready at Mon Sep 19 18:04:44 GMT 2022
2022-09-19 18:04:44,283 DEBUG [PopConnection-54990] davmail  - < USER miketest@somedomain.com
2022-09-19 18:04:44,283 DEBUG [PopConnection-54990] davmail  - > +OK USER : miketest@somedomain.com
2022-09-19 18:04:44,283 DEBUG [PopConnection-54990] davmail  - < PASS ********
2022-09-19 18:04:44,286 INFO  [PopConnection-54990] davmail.Settings  - Created token file /var/davmail.tokens
2022-09-19 18:04:44,289 DEBUG [PopConnection-54990] davmail.exchange.auth.O365Authenticator  - https://login.microsoftonline.com/NA/oauth2/v2.0/authorize?client_id=NA&response_type=code&redirect_uri=https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fnativeclient&response_mode=query&login_hint=miketest%40somedomain.com&scope=openid+https%3A%2F%2Foutlook.office365.com%2FEWS.AccessAsUser.All
2022-09-19 18:04:44,289 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - GET https://login.microsoftonline.com/NA/oauth2/v2.0/authorize?client_id=NA&response_type=code&redirect_uri=https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fnativeclient&response_mode=query&login_hint=miketest%40somedomain.com&scope=openid+https%3A%2F%2Foutlook.office365.com%2FEWS.AccessAsUser.All
2022-09-19 18:04:44,305 DEBUG [PopConnection-54990] davmail.http.DavGatewaySSLSocketFactory  - createSocket login.microsoftonline.com 443
2022-09-19 18:04:44,616 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: buid][value: 0.AS0AfwP37QD16keKXF4PfyvgR6lH50-59VlBqibfnEPHGIItAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrMpJyo338tHor0X5iUfk14AWsKINtKrdUjQyerf8eQ0KzHazCPJMuj0X1KMrezEkIUbhdBC4XrOhU4f8t5ZPLSwYzvnJQCl48ggZ3_WxUE_ogAA][domain: login.microsoftonline.com][path: /][expiry: Wed Oct 19 18:04:44 GMT 2022]
2022-09-19 18:04:44,617 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: fpc][value: AoT_su6zHc9GocO9YbH3lhv06D49AQAAADumutoOAAAA][domain: login.microsoftonline.com][path: /][expiry: Wed Oct 19 18:04:44 GMT 2022]
2022-09-19 18:04:44,618 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: esctx][value: AQABAAAAAAD--DLA3VO7QrddgJg7Wevr3fWK2Y3HG0qr17hPTT3MaryhmKqiWdiM68sXhAK9Y5tHpF-e48_15fkbbmSb0Kelq9u7FMJsqWiqjjZqvW1_VXBL84R2JhspaF-6sNRUl4_uCW-9u21iDrFTIpcYwajWN4OtwUibtBWOSpT2tILxxQR4jCninNfonNKKBmaIxi8gAA][domain: login.microsoftonline.com][path: /][expiry: null]
2022-09-19 18:04:44,618 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: x-ms-gateway-slice][value: estsfd][domain: login.microsoftonline.com][path: /][expiry: null]
2022-09-19 18:04:44,619 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: stsservicecookie][value: estsfd][domain: login.microsoftonline.com][path: /][expiry: null]
2022-09-19 18:04:44,786 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: fpc][value: AoT_su6zHc9GocO9YbH3lhv06D49AQAAADumutoOAAAA][domain: login.microsoftonline.com][path: /][expiry: Wed Oct 19 18:04:44 GMT 2022]
2022-09-19 18:04:44,788 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: x-ms-gateway-slice][value: estsfd][domain: login.microsoftonline.com][path: /][expiry: null]
2022-09-19 18:04:44,788 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: stsservicecookie][value: estsfd][domain: login.microsoftonline.com][path: /][expiry: null]
2022-09-19 18:04:44,789 DEBUG [PopConnection-54990] davmail.exchange.auth.O365Authenticator  - CredentialType={"Username":"miketest@somedomain.com","Display":"miketest@somedomain.com","IfExistsResult":0,"IsUnmanaged":false,"ThrottleStatus":0,"Credentials":{"PrefCredential":1,"HasPassword":true,"RemoteNgcParams":null,"FidoParams":null,"SasParams":null,"CertAuthParams":null,"GoogleParams":null,"FacebookParams":null},"EstsProperties":{"DesktopSsoEnabled":true,"UserTenantBranding":null,"DomainType":3},"FlowToken":"AQABAAEAAAD--DLA3VO7QrddgJg7Wevr8-Ki4TemT_s8cMKOC5KVGbfc4MgVfeqoy7mNvonfyaMfIHIFn8X7CoFhksytrFy2bkC5Gn5NKzgEgG6OpYe_x3YeVvgORTawi9gUCRSVVQ9iZ_I1L_Eo4K6aKqH9j7-qEmHS5SMLgrcebvK7sjRDP0gayvVB5mUym3_TaU2FwSGzXTVkBOJzaCX-27DqlsyIaoKpZoszP8HWVySuj3u1jzDc0X9FmQG0TXu90I4geickZ4Lhf3fbzh9GVoX3gJA_Lmv2m-Lafj8Zwi8EGvQgz_jlForFecyYEXUMPY9i8VfkEfk42wcIoAQZ-0aelsmn-7jpL_4HBPsy0jXqbn1gj4IGfYvUmJIx8AGiGr-e7aR8wtzUSSaaZ_41dRKK3kYWPXdu7NzBMrDEuZDBDjipyTwMfeFoGAnLAS0kfgLnPnjUA1u2LQuSNx6bJExpPHhbfb5UZJs9EfbUICzvlLNWZkeCMoJdUaY8WED3hCuvAP6s4Q_OtJn06UTTxwqHls9y57-cRBhCHHq89IUl440I2Gh53FRe7xiE380HDVC4qn02XlMRa_x3_fYD2CTOjoHq0rLFAAIoVCKCRMCMM4IY4_A2KCoSCNp3zPylubCcdCd3_3RWycj5nePEbqD8sO5w8DurprPPiXpIxqcwFBGOTCAA","IsSignupDisallowed":true,"apiCanary":"AQABAAAAAAD--DLA3VO7QrddgJg7WevrXJC511j_qmGAhHhBzHbaylD8_k9gprXe65-3B9iemF8GFJl34v7hI_KEEDq66Sj4wmN3pgPBQXdigb6eNt-dQm1mbXw27I9ohL5pHEnNW6lwGKxPyYkEcQm2weFRfDX1PVduhXWkc7klVHtRlT0f9IQ9eMGgJz_ZGengonPxEO7mzSqgNmlq5mJarqy_VHQOcpFRNGQiE4JGKXNXCYZsFCAA"}
2022-09-19 18:04:45,039 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: ESTSAUTHPERSISTENT][value: 0.AS0AfwP37QD16keKXF4PfyvgR6lH50-59VlBqibfnEPHGIItAAA.AgABAAQAAAD--DLA3VO7QrddgJg7WevrAgDs_wQA9P8-G9vNMolqYb6Nlhcu4aaaDCZ4v0lSl3vCQ_myIIdquAeoXFDlHeCZoO3EBvJshHLBzqZZplDDf_e77Bi4c6MY3g8e7ODTJQTL6EfK2g2RMQkNUG1Fz2gRuBz1IsYeZNiomYsZnmSki_Hk56rfioO0ABvQJ6wTRn3suWIvS3uiguPtQrTipEO6K4TS9OJvM6s3V74FgiX-fwjqYn9UWR-qTuX4untqgWNDMsxY3pmBNra77EwVXsxWnRuVcxNj43kXAJR38q51Cq-5NIdEjcay0WTk7vVP0kKkXjeHSdsfoRv736WJDoZlV7uRVA7WBGyDAJT8rTC_pHnPSd863EUjcVUTLlxNgIPeelpXhl8E1w7RmfPnHUdbowxX58a2Kf7Si1y5GSQHwzFghq4I-MltNTNGdrMPhIpZi18SA5H27yeILqzNNMgQabWI8VELyHHGJ-3_yfuLgGC1fUcP_B9YO3LoWOl5][domain: login.microsoftonline.com][path: /][expiry: Sun Dec 18 18:04:44 GMT 2022]
2022-09-19 18:04:45,039 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: ESTSAUTH][value: 0.AS0AfwP37QD16keKXF4PfyvgR6lH50-59VlBqibfnEPHGIItAAA.AgABAAQAAAD--DLA3VO7QrddgJg7WevrAgDs_wQA9P-WBWzdTgIvzCRaQjKBQugEHJJQs_joOXCSSBQcsnjz5EAG3TWkuxuY72h0mpcejCKHTMgqfk8X4uAk6DQBOT3C6ggMLvUMIspvnb2cJbHx8AXkfZJ5L1QQ_se6e-z4y548dHN3oJvCUejqdT23iSwWkW51KpCrIs03U27YdzVCYXsK3tmrRXhWqUHbOT5IV-waad6dAq5B9mgYGuOvSQFti_R6MUH8R_46wE8dGwcCyP_RtElTVVShpJeVXNK9wFx85cIkf8W87cHrBBQI_q2qabMx5S-RlOP34LaovI4F9qehQsUPekQCxIWjEewPWQrgRQAvBlFlH7g1g088mpFqRBNbb8e9J7lefMwx8FlbCRRa_r5t8ZjRKFyY_4c5CrLTOd1qyQstEp6Q5JJMWJ75uyb-3LgSNalGWmzDOibL3LfWFIKFbn9hu5LNh8U8U7g2U09OJHK_UzPFOzVT0v8tnYY_b8HGj2k2tnp_7-eatSOUdkjNjtcJbl6iEtJeTjdz20582NbnxIeGrBXjgYAsHaBE3REg5UZJnAj641m54FWOpURaixPp2MWq2mIT1u_FthxpHFV1Ds2x16wU9pBJpz0KpryFBwoGEf3fjJhAgw][domain: login.microsoftonline.com][path: /][expiry: null]
2022-09-19 18:04:45,040 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: ESTSAUTHLIGHT][value: +4e999082-595d-4836-858e-ef76277cd4e7][domain: login.microsoftonline.com][path: /][expiry: null]
2022-09-19 18:04:45,040 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: ch][value: k0E5FyH6mM-XYdpOFVJgRrvnGVMPMiIQXJO2fAKrl0A][domain: login.microsoftonline.com][path: /][expiry: Sun Dec 18 18:04:44 GMT 2022]
2022-09-19 18:04:45,040 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: ESTSSC][value: 00][domain: login.microsoftonline.com][path: /][expiry: null]
2022-09-19 18:04:45,041 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: buid][value: 0.AS0AfwP37QD16keKXF4PfyvgR6lH50-59VlBqibfnEPHGIItAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrxFXRuCKu03ohRObayMAP6970_OGPPwSCPugbhT9d22sHNhRo8eouSfhMYzemOAgH7KjQbpXum8OME9fyiQwEnjiNj0yxieL_7BgwsRUlfKkgAA][domain: login.microsoftonline.com][path: /][expiry: Wed Oct 19 18:04:44 GMT 2022]
2022-09-19 18:04:45,041 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: fpc][value: AoT_su6zHc9GocO9YbH3lhv06D49AQAAADumutoOAAAAwMLaKgEAAAA7prraDgAAAA][domain: login.microsoftonline.com][path: /][expiry: Wed Oct 19 18:04:44 GMT 2022]
2022-09-19 18:04:45,042 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: x-ms-gateway-slice][value: estsfd][domain: login.microsoftonline.com][path: /][expiry: null]
2022-09-19 18:04:45,042 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: stsservicecookie][value: estsfd][domain: login.microsoftonline.com][path: /][expiry: null]
2022-09-19 18:04:45,048 DEBUG [PopConnection-54990] davmail.exchange.auth.O365Authenticator  - O365 returned error:
2022-09-19 18:04:45,049 ERROR [PopConnection-54990] davmail  - Authentication failed: invalid user or password
davmail.exception.DavMailAuthenticationException: Authentication failed: invalid user or password
        at davmail.exchange.auth.O365Authenticator.authenticate(O365Authenticator.java:217)
        at davmail.exchange.ExchangeSessionFactory.getInstance(ExchangeSessionFactory.java:182)
        at davmail.exchange.ExchangeSessionFactory.getInstance(ExchangeSessionFactory.java:93)
        at davmail.pop.PopConnection.run(PopConnection.java:141)
2022-09-19 18:04:45,051 DEBUG [PopConnection-54990] davmail  - > -ERR Authentication failed: invalid user or password
2022-09-19 18:04:45,056 INFO  [PopConnection-54990] davmail.connection  - DISCONNECT - 172.17.0.1:549902022-09-19 18:04:36,011 DEBUG [main] davmail.DavGateway  - Headless mode, do not create GUI
2022-09-19 18:04:36,012 DEBUG [main] davmail.DavGateway  - Start DavMail in server mode
2022-09-19 18:04:36,034 INFO  [main] davmail  - DavMail Gateway  listening on POP port 1110
2022-09-19 18:04:43,753 DEBUG [davmail.pop.PopServer] davmail  - Connection from /172.17.0.1 on port 1110
2022-09-19 18:04:43,755 INFO  [davmail.pop.PopServer] davmail.connection  - CONNECT - 172.17.0.1:54990
2022-09-19 18:04:43,910 DEBUG [PopConnection-54990] davmail.http.DavGatewaySSLSocketFactory  - createSocket outlook.com 443
2022-09-19 18:04:44,279 DEBUG [PopConnection-54990] davmail.exchange.ExchangeSession  - Test configuration status: 301
2022-09-19 18:04:44,282 DEBUG [PopConnection-54990] davmail  - > +OK DavMail  POP ready at Mon Sep 19 18:04:44 GMT 2022
2022-09-19 18:04:44,283 DEBUG [PopConnection-54990] davmail  - < USER miketest@somedomain.com
2022-09-19 18:04:44,283 DEBUG [PopConnection-54990] davmail  - > +OK USER : miketest@somedomain.com
2022-09-19 18:04:44,283 DEBUG [PopConnection-54990] davmail  - < PASS ********
2022-09-19 18:04:44,286 INFO  [PopConnection-54990] davmail.Settings  - Created token file /var/davmail.tokens
2022-09-19 18:04:44,289 DEBUG [PopConnection-54990] davmail.exchange.auth.O365Authenticator  - https://login.microsoftonline.com/NA/oauth2/v2.0/authorize?client_id=NA&response_type=code&redirect_uri=https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fnativeclient&response_mode=query&login_hint=miketest%40somedomain.com&scope=openid+https%3A%2F%2Foutlook.office365.com%2FEWS.AccessAsUser.All
2022-09-19 18:04:44,289 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - GET https://login.microsoftonline.com/NA/oauth2/v2.0/authorize?client_id=NA&response_type=code&redirect_uri=https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fnativeclient&response_mode=query&login_hint=miketest%40somedomain.com&scope=openid+https%3A%2F%2Foutlook.office365.com%2FEWS.AccessAsUser.All
2022-09-19 18:04:44,305 DEBUG [PopConnection-54990] davmail.http.DavGatewaySSLSocketFactory  - createSocket login.microsoftonline.com 443
2022-09-19 18:04:44,616 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: buid][value: 0.AS0AfwP37QD16keKXF4PfyvgR6lH50-59VlBqibfnEPHGIItAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrMpJyo338tHor0X5iUfk14AWsKINtKrdUjQyerf8eQ0KzHazCPJMuj0X1KMrezEkIUbhdBC4XrOhU4f8t5ZPLSwYzvnJQCl48ggZ3_WxUE_ogAA][domain: login.microsoftonline.com][path: /][expiry: Wed Oct 19 18:04:44 GMT 2022]
2022-09-19 18:04:44,617 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: fpc][value: AoT_su6zHc9GocO9YbH3lhv06D49AQAAADumutoOAAAA][domain: login.microsoftonline.com][path: /][expiry: Wed Oct 19 18:04:44 GMT 2022]
2022-09-19 18:04:44,618 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: esctx][value: AQABAAAAAAD--DLA3VO7QrddgJg7Wevr3fWK2Y3HG0qr17hPTT3MaryhmKqiWdiM68sXhAK9Y5tHpF-e48_15fkbbmSb0Kelq9u7FMJsqWiqjjZqvW1_VXBL84R2JhspaF-6sNRUl4_uCW-9u21iDrFTIpcYwajWN4OtwUibtBWOSpT2tILxxQR4jCninNfonNKKBmaIxi8gAA][domain: login.microsoftonline.com][path: /][expiry: null]
2022-09-19 18:04:44,618 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: x-ms-gateway-slice][value: estsfd][domain: login.microsoftonline.com][path: /][expiry: null]
2022-09-19 18:04:44,619 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: stsservicecookie][value: estsfd][domain: login.microsoftonline.com][path: /][expiry: null]
2022-09-19 18:04:44,786 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: fpc][value: AoT_su6zHc9GocO9YbH3lhv06D49AQAAADumutoOAAAA][domain: login.microsoftonline.com][path: /][expiry: Wed Oct 19 18:04:44 GMT 2022]
2022-09-19 18:04:44,788 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: x-ms-gateway-slice][value: estsfd][domain: login.microsoftonline.com][path: /][expiry: null]
2022-09-19 18:04:44,788 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: stsservicecookie][value: estsfd][domain: login.microsoftonline.com][path: /][expiry: null]
2022-09-19 18:04:44,789 DEBUG [PopConnection-54990] davmail.exchange.auth.O365Authenticator  - CredentialType={"Username":"miketest@somedomain.com","Display":"miketest@somedomain.com","IfExistsResult":0,"IsUnmanaged":false,"ThrottleStatus":0,"Credentials":{"PrefCredential":1,"HasPassword":true,"RemoteNgcParams":null,"FidoParams":null,"SasParams":null,"CertAuthParams":null,"GoogleParams":null,"FacebookParams":null},"EstsProperties":{"DesktopSsoEnabled":true,"UserTenantBranding":null,"DomainType":3},"FlowToken":"AQABAAEAAAD--DLA3VO7QrddgJg7Wevr8-Ki4TemT_s8cMKOC5KVGbfc4MgVfeqoy7mNvonfyaMfIHIFn8X7CoFhksytrFy2bkC5Gn5NKzgEgG6OpYe_x3YeVvgORTawi9gUCRSVVQ9iZ_I1L_Eo4K6aKqH9j7-qEmHS5SMLgrcebvK7sjRDP0gayvVB5mUym3_TaU2FwSGzXTVkBOJzaCX-27DqlsyIaoKpZoszP8HWVySuj3u1jzDc0X9FmQG0TXu90I4geickZ4Lhf3fbzh9GVoX3gJA_Lmv2m-Lafj8Zwi8EGvQgz_jlForFecyYEXUMPY9i8VfkEfk42wcIoAQZ-0aelsmn-7jpL_4HBPsy0jXqbn1gj4IGfYvUmJIx8AGiGr-e7aR8wtzUSSaaZ_41dRKK3kYWPXdu7NzBMrDEuZDBDjipyTwMfeFoGAnLAS0kfgLnPnjUA1u2LQuSNx6bJExpPHhbfb5UZJs9EfbUICzvlLNWZkeCMoJdUaY8WED3hCuvAP6s4Q_OtJn06UTTxwqHls9y57-cRBhCHHq89IUl440I2Gh53FRe7xiE380HDVC4qn02XlMRa_x3_fYD2CTOjoHq0rLFAAIoVCKCRMCMM4IY4_A2KCoSCNp3zPylubCcdCd3_3RWycj5nePEbqD8sO5w8DurprPPiXpIxqcwFBGOTCAA","IsSignupDisallowed":true,"apiCanary":"AQABAAAAAAD--DLA3VO7QrddgJg7WevrXJC511j_qmGAhHhBzHbaylD8_k9gprXe65-3B9iemF8GFJl34v7hI_KEEDq66Sj4wmN3pgPBQXdigb6eNt-dQm1mbXw27I9ohL5pHEnNW6lwGKxPyYkEcQm2weFRfDX1PVduhXWkc7klVHtRlT0f9IQ9eMGgJz_ZGengonPxEO7mzSqgNmlq5mJarqy_VHQOcpFRNGQiE4JGKXNXCYZsFCAA"}
2022-09-19 18:04:45,039 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: ESTSAUTHPERSISTENT][value: 0.AS0AfwP37QD16keKXF4PfyvgR6lH50-59VlBqibfnEPHGIItAAA.AgABAAQAAAD--DLA3VO7QrddgJg7WevrAgDs_wQA9P8-G9vNMolqYb6Nlhcu4aaaDCZ4v0lSl3vCQ_myIIdquAeoXFDlHeCZoO3EBvJshHLBzqZZplDDf_e77Bi4c6MY3g8e7ODTJQTL6EfK2g2RMQkNUG1Fz2gRuBz1IsYeZNiomYsZnmSki_Hk56rfioO0ABvQJ6wTRn3suWIvS3uiguPtQrTipEO6K4TS9OJvM6s3V74FgiX-fwjqYn9UWR-qTuX4untqgWNDMsxY3pmBNra77EwVXsxWnRuVcxNj43kXAJR38q51Cq-5NIdEjcay0WTk7vVP0kKkXjeHSdsfoRv736WJDoZlV7uRVA7WBGyDAJT8rTC_pHnPSd863EUjcVUTLlxNgIPeelpXhl8E1w7RmfPnHUdbowxX58a2Kf7Si1y5GSQHwzFghq4I-MltNTNGdrMPhIpZi18SA5H27yeILqzNNMgQabWI8VELyHHGJ-3_yfuLgGC1fUcP_B9YO3LoWOl5][domain: login.microsoftonline.com][path: /][expiry: Sun Dec 18 18:04:44 GMT 2022]
2022-09-19 18:04:45,039 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: ESTSAUTH][value: 0.AS0AfwP37QD16keKXF4PfyvgR6lH50-59VlBqibfnEPHGIItAAA.AgABAAQAAAD--DLA3VO7QrddgJg7WevrAgDs_wQA9P-WBWzdTgIvzCRaQjKBQugEHJJQs_joOXCSSBQcsnjz5EAG3TWkuxuY72h0mpcejCKHTMgqfk8X4uAk6DQBOT3C6ggMLvUMIspvnb2cJbHx8AXkfZJ5L1QQ_se6e-z4y548dHN3oJvCUejqdT23iSwWkW51KpCrIs03U27YdzVCYXsK3tmrRXhWqUHbOT5IV-waad6dAq5B9mgYGuOvSQFti_R6MUH8R_46wE8dGwcCyP_RtElTVVShpJeVXNK9wFx85cIkf8W87cHrBBQI_q2qabMx5S-RlOP34LaovI4F9qehQsUPekQCxIWjEewPWQrgRQAvBlFlH7g1g088mpFqRBNbb8e9J7lefMwx8FlbCRRa_r5t8ZjRKFyY_4c5CrLTOd1qyQstEp6Q5JJMWJ75uyb-3LgSNalGWmzDOibL3LfWFIKFbn9hu5LNh8U8U7g2U09OJHK_UzPFOzVT0v8tnYY_b8HGj2k2tnp_7-eatSOUdkjNjtcJbl6iEtJeTjdz20582NbnxIeGrBXjgYAsHaBE3REg5UZJnAj641m54FWOpURaixPp2MWq2mIT1u_FthxpHFV1Ds2x16wU9pBJpz0KpryFBwoGEf3fjJhAgw][domain: login.microsoftonline.com][path: /][expiry: null]
2022-09-19 18:04:45,040 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: ESTSAUTHLIGHT][value: +4e999082-595d-4836-858e-ef76277cd4e7][domain: login.microsoftonline.com][path: /][expiry: null]
2022-09-19 18:04:45,040 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: ch][value: k0E5FyH6mM-XYdpOFVJgRrvnGVMPMiIQXJO2fAKrl0A][domain: login.microsoftonline.com][path: /][expiry: Sun Dec 18 18:04:44 GMT 2022]
2022-09-19 18:04:45,040 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: ESTSSC][value: 00][domain: login.microsoftonline.com][path: /][expiry: null]
2022-09-19 18:04:45,041 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: buid][value: 0.AS0AfwP37QD16keKXF4PfyvgR6lH50-59VlBqibfnEPHGIItAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrxFXRuCKu03ohRObayMAP6970_OGPPwSCPugbhT9d22sHNhRo8eouSfhMYzemOAgH7KjQbpXum8OME9fyiQwEnjiNj0yxieL_7BgwsRUlfKkgAA][domain: login.microsoftonline.com][path: /][expiry: Wed Oct 19 18:04:44 GMT 2022]
2022-09-19 18:04:45,041 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: fpc][value: AoT_su6zHc9GocO9YbH3lhv06D49AQAAADumutoOAAAAwMLaKgEAAAA7prraDgAAAA][domain: login.microsoftonline.com][path: /][expiry: Wed Oct 19 18:04:44 GMT 2022]
2022-09-19 18:04:45,042 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: x-ms-gateway-slice][value: estsfd][domain: login.microsoftonline.com][path: /][expiry: null]
2022-09-19 18:04:45,042 DEBUG [PopConnection-54990] davmail.http.HttpClientAdapter  - Add cookie [version: 0][name: stsservicecookie][value: estsfd][domain: login.microsoftonline.com][path: /][expiry: null]
2022-09-19 18:04:45,048 DEBUG [PopConnection-54990] davmail.exchange.auth.O365Authenticator  - O365 returned error:
2022-09-19 18:04:45,049 ERROR [PopConnection-54990] davmail  - Authentication failed: invalid user or password
davmail.exception.DavMailAuthenticationException: Authentication failed: invalid user or password
        at davmail.exchange.auth.O365Authenticator.authenticate(O365Authenticator.java:217)
        at davmail.exchange.ExchangeSessionFactory.getInstance(ExchangeSessionFactory.java:182)
        at davmail.exchange.ExchangeSessionFactory.getInstance(ExchangeSessionFactory.java:93)
        at davmail.pop.PopConnection.run(PopConnection.java:141)
2022-09-19 18:04:45,051 DEBUG [PopConnection-54990] davmail  - > -ERR Authentication failed: invalid user or password
2022-09-19 18:04:45,056 INFO  [PopConnection-54990] davmail.connection  - DISCONNECT - 172.17.0.1:54990

My properties file is attached as well ( davmail.properties with domain specific details redacted)

I do have access to the audit details for our Azure instance, and I can see the error that was provided on the failed login

Status: Interrupted
Additional Details: This is an expected part of the login flow, where a user is asked if they want to remain signed into this browser to make further logins easier. For more details, see https://techcommunity.microsoft.com/t5/Azure-Active-Directory/The-new-Azure-AD-sign-in-and-Keep-me-signed-in-experiences/td-p/128267

I dont really know where to go from here. I can provide whatever additional information is needed

cferr commented 2 years ago

On successful login, there is a "Stay signed in?" dialog box that appears (yes/no question) and your audit log seems to say that it really needs an answer to this question.

I bet the least bad thing to do here is to forward the redirect URL to the client (and have them select OAuth2 as a method in their email client so that a popup opens on their side). It's still bad as it involves a GUI somewhere though...

miversen33 commented 2 years ago

We figured it out! There were several things that we needed to do, I have added them below

Once all of that was done, we are now able to use davmail in headless mode with O365 tokens :)

I am not completely sure we needed to use the EWS url but I dont want to make any further changes as we are quickly running out of time to deploy this (the O365 cutoff for POP3 is 10/01).

Thank you for the fantastic application :)