search

mguessan / davmail

DavMail POP/IMAP/SMTP/Caldav/Carddav/LDAP Exchange and Office 365 Gateway - Synced with main subversion repository at
http://davmail.sourceforge.net
GNU General Public License v2.0
580 stars 86 forks source link

Office 365 modern authentication URL is not printed to log #355

Open logological opened 6 months ago

logological commented 6 months ago

The question "Is Office 365 modern authentication / MFA supported ?" in the DavMail FAQ contains the following note:

You will have to give your consent to DavMail access on first call, check davmail log for exact url or use O365Interactive once

It's true that using the O365Interactive mode will cause DavMail to prompt for the access token (in a rather roundabout way, by telling users to open a URL in their web browser and then copying the token from the address bar). Curiously, the same dialog appears when using the O365Manual mode (provided DavMail has been compiled with openjfx). It's only when using the O365Modern mode that the dialog does not open, but rather gets printed to the log.

Perhaps this sentence in the FAQ should be changed to indicate which modes result in which behaviour, and what to do with the URL that is emitted. Maybe something like the following?

You will have to give your consent to DavMail access on first call. When using the O365Interactive or O365Manual modes, DavMail will pop up a dialog that provides an authentication URL. When using the O365Modern mode, the authentication URL is printed to the log file (at level DEBUG). In either case, you must open the URL in a web browser, which will redirect you to another URL. You must copy the access token from this new URL and paste it into the DavMail dialog (in the case of O365Interactive or O365Manual) or into davmail.properties file as the value of a davmail.oauth.USERNAME.refreshToken key (where USERNAME is your username).

mguessan commented 6 months ago

Thanks for you feedback, O365 authentication became somewhat complex after Microsoft deprecated password authentication.

Updated FAQ with some more information. Please note that if you don't get the embedded browser with 0365Interactive this means that your JDK does not have OpenJFX support. On Windows you can use the standalone package, on Linux get the platform independent package and launch davmail azul once.

Sample url for consent, replace client_id and redirect_uri with your settings :

https://login.microsoftonline.com/common/oauth2/authorize?client_id=facd6cff-a294-4415-b59f-c5b01937d7bd&response_type=code&redirect_uri=https://login.microsoftonline.com/common/oauth2/nativeclient&response_mode=query&resource=https%3A%2F%2Foutlook.office365.com&prompt=consent

As an alternative, you can use Outlook desktop client_id/redirect_uri.