Difference in Authentication for free OneDrive vs. paid OneDrive?

[KHIONO]

Are all types of OneDrive supported? Free Standalone, paid standalone and paid as part of Microsoft 365 Business.

The Oauth settings look different for free vs. paid.

[julien-nc]

Hi, on Microsoft's documentation there is no mention of a difference between free and paid plans regarding the authentication and the API in general.

The Oauth settings look different for free vs. paid.

Do you mean you can't declare an OAuth app on https://aka.ms/AppRegistrations ? If you can, did you try to create one and use the redirect URL suggested in Nextcloud connected accounts admin settings section?

Could you show a screenshot of the Azure app registration overview page?

If there actually is a difference on how free and paid accounts can access the Microsoft services, I can't do much about that as I don't have access to a paid account and therefore can't make this NC app compatible with such service.

For the record, I went through the whole procedure again, from scratch, and this NC app works fine with my classic free OneDrive account.

[KHIONO]

Hi,

please find attached two screenshots:

1. Authentification Menu: OneDrive_Free
2. Authentication Menu: OneDrive_Business

As you can see there are different options available.

Thanks

Kristina

On Wed, 21 Jul 2021 at 11:48, Julien Veyssier @.***> wrote:

Hi, on Microsoft's documentation https://docs.microsoft.com/en-us/onedrive/developer/rest-api/getting-started/graph-oauth?view=odsp-graph-online there is no mention of a difference between free and paid plans regarding the authentication and the API in general.

The Oauth settings look different for free vs. paid.

Do you mean you can't declare an OAuth app on https://aka.ms/AppRegistrations ? If you can, did you try to create one and use the redirect URL suggested in Nextcloud connected accounts admin settings section?

Could you show a screenshot of the Azure app registration overview page?

If there actually is a difference on how free and paid accounts can access the Microsoft services, I can't do much about that as I don't have access to a paid account and therefore can't make this NC app compatible with such service.

For the record, I went through the whole procedure again, from scratch, and this NC app works fine with my classic free OneDrive account.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/eneiluj/integration_onedrive/issues/22#issuecomment-884052632, or unsubscribe https://github.com/notifications/unsubscribe-auth/AUYUNAJEKOBQYKOUJ3FQ7ALTY2JYHANCNFSM5AXTIH4A .

[ajmcc]

I must add my support to this fault report, it is real problem. The app as it stands now can only by used with Personal Onedrive, and NOT Onedrive for business (Office 365).

I am working on a proof-of-concept deployment of Nextcloud server v.23. I've just installed and configured the app 'Nextcloud Onedrive Integration'. The users will have both personal Microsoft Accounts, and Office 365 Accounts. I configured the App Registration in the Azure domain for the Office 365 users. I opted to include ALL MS account types, both personal and Office 365, as supported account types for the app. I then completed all the other sections of the registration and provided the Client ID and secret in the Nextcloud admin settings.

I have two test Nextcloud user-accounts on the test server. One account is associated with a personal Microsoft account. The other account is associated with an Office 365 (paid-for) Microsoft Account.

I first tested the Onedrive integration using the personal Microsoft account. This successfully logged in and the app functioned as expected.

I then tested the app using the Office 365 account. The authentication for this user fails, 'Account not found'.

I noticed the login URL being used by the app is:

https://login.live.com/oauth20_authorize.srf?client_id=......

However, on the Azure AD app registration page, the published Endpoints DO NOT INCLUDE the above URL. The published Endpoint for authorisation is:

(v1) https://login.microsoftonline.com/common/oauth2/authorize (v2) https://login.microsoftonline.com/common/oauth2/v2.0/authorize

So it seems to me the 'Nextcloud Onedrive Integration' is using the wrong Endpoint.

[ajmcc]

Hi, on Microsoft's documentation there is no mention of a difference between free and paid plans regarding the authentication and the API in general.

Hi, firstly thanks for this useful app. In your earlier reply to the OP, you linked the Microsoft article 'Authorization and sign-in for OneDrive in Microsoft Graph'. This article says to authenticate at the URL:

https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=...

However the app I just installed is not authenticating at this URL, instead it is authenticating at:

https://login.live.com/oauth20_authorize.srf

(eg. line 222, in 'OneDriveAPIService.php')

The predating Onedrive article at: https://docs.microsoft.com/en-us/onedrive/developer/rest-api/getting-started/msa-oauth?view=odsp-graph-online

states that the previous approach using 'https://login.live.com' is NO LONGER RECOMMENDED.

Can this be fixed please ? I am happy to assist with testing, if needed.

Best regards, Andy

[ajmcc]

I would add that given the stance that Nextcloud is taking at Microsoft/OneDrive at the 'political' level, it would (in my opinion) be very much in the interest of Nextcloud to have a FULLY WORKING option for users to migrate away from OneDrive.

[enljm115]

I must add my support to this fault report, it is real problem. The app as it stands now can only by used with Personal Onedrive, and NOT Onedrive for business (Office 365).

Yes! I also found this problem.

[diyoyo]

I am using Office 365 in a personal context (Family license) and I am facing the same issue.

[gyto6]

I'm also concerned about this problem. I can't sync my professional account with this application.

[Eawvv]

I'm facing same issue as diyoyo, Family license, and cannot connect to the onedrive app? Any news on this?

[marcelklehr]

Please note the current status of maintenance on this repo:

While there are many things that could be done to further improve this app, the app is currently maintained with limited effort. This means:

• The main functionality works for the majority of the use cases
• We will ensure that the app will continue to work like this for future releases and we will fix bugs that we classify as 'critical'
  • We will not invest further development resources ourselves in advancing the app with new features
  • We do review and enthusiastically welcome community PR's

We would be more than excited if you would like to collaborate with us. We will merge pull requests for new features and fixes. We also would love to welcome co-maintainers.

If there is a strong business case for any development of this app, we will consider your wishes for our roadmap. Please contact your account manager to talk about the possibilities.

This means Nextcloud GmbH will currently not work on this feature, but we are happy to accept pull requests for this.

[skorupas]

It seems that after changing auth endpoint urls it successfully authenticates the business OneDrive account and it even shows the size of OneDrive data in personal settings. However the sync does not work for some reason.

lib/Service/OnedriveAPIService.php

public function requestOAuthAccessToken(array $params = [], string $method = 'POST'): array { 
    try {                                                                                                                                                                                                                    
        $url = 'https://login.microsoftonline.com/common/oauth2/v2.0/token';  
[...]

src/components/PersonalSettings.vue

const requestUrl = 'https://login.microsoftonline.com/common/oauth2/v2.0/authorize' 
+ '?client_id=' + encodeURIComponent(this.state.client_id)
+ '&response_type=code'
+ '&redirect_uri=' + encodeURIComponent(this.redirect_uri)  
// doc mentions onedrive.readwrite, i fought quite some time to find those working scopes      
+ '&scope=' + encodeURIComponent(scopes.join(' ')) 
[...]

[Vagrantin]

I've been able to authenticated but I'm having the same issue where the job is stuck and the import is never starting. I think I will try another product because I need a solution with gives me the possibility to move out from OneDrive.