Started getting "refresh token failed" a week ago

[JohnAntoine]

OS: Arch Linux Mail Client: Thunderbird 102.12.0 DavMail 6.1.0 davmail.mode O365Manual

Error: ERROR [ImapConnection-35764] davmail.exchange.auth.O365Token - refresh token failed javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.

I have 3 different exchange accounts connected, and all three exhibit this behavior.

[JohnAntoine]

Update: The issue was resolved by removing all accounts using Davmail along with their OAuth token, then adding everything again from scratch.

However, it would be preferable to find out why this happened and prevent it in the future.

Update 2: Since I removed all Exchange accounts and added them again, I have to manually re-authenticate once per reboot.

Any help with this issue would be appreciated.

[mguessan]

Sorry for the delay, I can answer on first issue: refresh token stored by DavMail is encrypted with client provided password over IMAP, Caldav, ... Thus the root cause of the BadPaddingException above is that one client had a wrong password stored.

On your other issue I see two possible source:

• DavMail is unable to reload refresh token => try to manually stop DavMail, then launch it again (without reboot) and see if this triggers a reauth
• Network access issues on boot/after hibernate: I noticed that sometimes I have an authentication failure that triggers a reauth popup when network was not completely down (this is detected by DavMail) but not fully up => in this case just cancel the popup and retry from mail client, the refresh token is still valid.