Closed marco-brandizi closed 3 months ago
Fwiw, using the Outlook client ID and redirect URI in Davmail is still working for me. Therefore I'd say that neither value has changed from what's quoted in #71 . I don't know if it makes a difference, but I use O365Interactive Exchange Protocol to connect to my corporate account.
Thanks @s-p-turner . Some more investigation:
urn:ietf:wg:oauth...
because the scheme isn't supported". That URN reported by the log message was the one to be put back in the DavMail pop-up. My understanding is Safari isn't equally geek-friendly.Any idea how to fix it?
Any idea how to fix it?
Sorry - no idea. I'm only an end user of Davmail.
I suspect some b*@x!*d has disabled all browsers except Safari (I'm on a Mac)
Fwiw I use Firefox on Windows.
Thanks, it does the same as Safari with FF (guess that at least, they're allowing Firefox too).
Bingo! Reporting my solution, possibly useful to other victims of this filthy techno-fascism:
login.microsoftonline.com
, select it and select the 'Headers' tab on the right box, urn:ietf:wg:oauth:2.0:oob?code=***
, right-click on it and select 'Copy Value', paste it back to the DavMail Manual Authenticate box and click on 'Send'. Now your email client should work fine.It's obscene that I have go through all this pain, just because a bunch of capitalist sharks think that it's secure to dictate what apps the users should use for their work, but that's it, hope it will be useful.
@marco-brandizi it seems that dev tools are named web inspector in Safari, with similar feature as Firefox and Chrome
As an addition, in order to validate the code you obtain is correct you can do a test completely outside DavMail:
Call token endpoint with curl:
curl -d "grant_type=authorization_code&client_id=d3590ed6-52b3-4102-aeff-aad2292ab01c&redirect_uri=urn:ietf:wg:oauth:2.0:oob&code=0......." -H "Content-Type: application/x-www-form-urlencoded" -X POST https://login.microsoftonline.com/common/oauth2/token
Closing this as we answered the initial question.
For windows users I implemented a powershell script based on WebView2 to obtain a token on Entra ID joined workstations, available at: https://github.com/mguessan/o365psauth Just fetch the source code zip, nothing to compile.
Script can work with interactive authentication or based on existing user session with -SSO option
71 shows an authentication method that could be used with corporate MS accounts that are behind the (techno-fascist) InTune.
Until today, it was possible to tell DavMail the client ID and redirect URI that identify the Outlook Web App. This used to work as a means to bridge Thunderbird and corporate O365 accounts that are under this form of digital authoritarianism.
However, today the method stopped working, the login dialog that DavMail sends me ends with "your app is not approved". Is there a new clientID for this? Is there some other workaround?
Thanks in advance.