search

pluginsGLPI / oauthimap

Oauth authentication for Imap receivers of GLPI
GNU General Public License v2.0
11 stars 11 forks source link

Unable to save authorization code #68

Closed aprigio311 closed 7 hours ago

aprigio311 commented 1 week ago

Code of Conduct

Is there an existing issue for this?

GLPI Version

GLPI 10.0.15

Plugin version

1.4.3

Bug description

I can't use the plugin, in the moment of authentication... only print message "Unable to save authorization code".

And the logs printed this:

Timestamp: 2024-11-18 14:27:36Z in /var/www/html/glpi/plugins/oauthimap/inc/authorization.class.php at line 423 Backtrace : plugins/oauthimap/inc/authorization.class.php:423 trigger_error() ...s/oauthimap/front/authorization.callback.php:77 PluginOauthimapAuthorization->createFromCode() public/index.php:82 require()

[2024-11-18 14:31:45] glpiphplog.WARNING: *** PHP User Warning (512): Unable to get user email in /var/www/html/glpi/plugins/oauthimap/inc/authorization.class.php at line 434 Backtrace : plugins/oauthimap/inc/authorization.class.php:434 trigger_error() ...s/oauthimap/front/authorization.callback.php:77 PluginOauthimapAuthorization->createFromCode() public/index.php:82 require()

[2024-11-18 14:35:58] glpiphplog.WARNING: *** PHP User Warning (512): Unable to get user email in /var/www/html/glpi/plugins/oauthimap/inc/authorization.class.php at line 434 Backtrace : plugins/oauthimap/inc/authorization.class.php:434 trigger_error() ...s/oauthimap/front/authorization.callback.php:77 PluginOauthimapAuthorization->createFromCode() public/index.php:82

Relevant log output

Timestamp: 2024-11-18 14:27:36Z in /var/www/html/glpi/plugins/oauthimap/inc/authorization.class.php at line 423
  Backtrace :
  plugins/oauthimap/inc/authorization.class.php:423  trigger_error()
  ...s/oauthimap/front/authorization.callback.php:77 PluginOauthimapAuthorization->createFromCode()
  public/index.php:82                                require()

[2024-11-18 14:31:45] glpiphplog.WARNING:   *** PHP User Warning (512): Unable to get user email in /var/www/html/glpi/plugins/oauthimap/inc/authorization.class.php at line 434
  Backtrace :
  plugins/oauthimap/inc/authorization.class.php:434  trigger_error()
  ...s/oauthimap/front/authorization.callback.php:77 PluginOauthimapAuthorization->createFromCode()
  public/index.php:82                                require()

[2024-11-18 14:35:58] glpiphplog.WARNING:   *** PHP User Warning (512): Unable to get user email in /var/www/html/glpi/plugins/oauthimap/inc/authorization.class.php at line 434
  Backtrace :
  plugins/oauthimap/inc/authorization.class.php:434  trigger_error()
  ...s/oauthimap/front/authorization.callback.php:77 PluginOauthimapAuthorization->createFromCode()
  public/index.php:82

Page URL

No response

Steps To reproduce

No response

Your GLPI setup information

GLPI 10.0.15 ( => /var/www/html/glpi) Installation mode: TARBALL Current language:pt_BR

Anything else?

No response

stonebuzz commented 1 week ago

Hi @aprigio311

To address the error related to the expired token, I suggest revoking the current authorization on Azure and initiating a new authorization request through the plugin. Please follow the steps below:

Revoking Authorization on Azure

  1. Log in to the Azure portal as an administrator.
  2. Navigate to Azure Active Directory > App Registrations.
  3. Locate the application used by the plugin.
  4. Remove the granted authorization by selecting Revoke admin consent.

Initiating a New Authorization Request via the Plugin

  1. Start the OAuth authorization process to generate a new token.
  2. Follow the steps to grant the necessary permissions.

Best regards

aprigio311 commented 1 week ago

I revoked and the issue continue: log_print

[2024-11-18 15:43:16] glpiphplog.WARNING: *** PHP User Warning (512): Unable to get user email in /var/www/html/glpi/plugins/oauthimap/inc/authorization.class.php at line 434 Backtrace : plugins/oauthimap/inc/authorization.class.php:434 trigger_error() ...s/oauthimap/front/authorization.callback.php:77 PluginOauthimapAuthorization->createFromCode() public/index.php:82 require()

[2024-11-18 15:50:32] glpiphplog.WARNING: *** PHP User Warning (512): Unable to get user email in /var/www/html/glpi/plugins/oauthimap/inc/authorization.class.php at line 434 Backtrace : plugins/oauthimap/inc/authorization.class.php:434 trigger_error() ...s/oauthimap/front/authorization.callback.php:77 PluginOauthimapAuthorization->createFromCode() public/index.php:82

stonebuzz commented 1 week ago

Hi @aprigio311

Okay, the token is now being retrieved correctly.

However, it seems that the account used for authorization is not associated with an email address. Could you please confirm or refute this?

aprigio311 commented 4 days ago

I confirmed account utilized, but now GLPI sends me log erros: User and password are correct.

[2024-11-22 12:09:55] glpiphplog.CRITICAL: * Uncaught Exception Laminas\Mail\Storage\Exception\RuntimeException: cannot change folder, maybe it does not exist in /var/www/html/glpi/vendor/laminas/laminas-mail/src/Storage/Imap.php at line 386 What folder is this he asks for?**

stonebuzz commented 4 days ago

Hi can you post the whole trace here?

aprigio311 commented 4 days ago

[2024-11-22 12:09:55] glpiphplog.CRITICAL: *** Uncaught Exception Laminas\Mail\Storage\Exception\RuntimeException: cannot change folder, maybe it does not exist in /var/www/html/glpi/vendor/laminas/laminas-mail/src/Storage/Imap.php at line 386 Backtrace : ...authimap/inc/imap/imapoauthstorage.class.php:78 Laminas\Mail\Storage\Imap->selectFolder() ...authimap/inc/mailcollectorfeature.class.php:101 GlpiPlugin\Oauthimap\Imap\ImapOauthStorage->__construct() src/Toolbox.php:2233 GlpiPlugin\Oauthimap\MailCollectorFeature::GlpiPlugin\Oauthimap{closure}() src/MailCollector.php:1434 Toolbox::getMailServerStorageInstance() src/MailCollector.php:708 MailCollector->connect() front/mailcollector.form.php:106 MailCollector->collect() public/index.php:82 require()

What do you think?

stonebuzz commented 4 days ago

Check the configuration of your mail collector to see if the folder for transferring OK / KO mails exists.

aprigio311 commented 4 days ago

Can you help me to find this path?

stonebuzz commented 4 days ago

image

aprigio311 commented 4 days ago

Okay, I verified this option and was empty.. So, I created the folder GLPI in e-mail account and applied this value, but I continue with the same errors...

stonebuzz commented 4 days ago

and for this

image

do you use the default value “INBOX”?

aprigio311 commented 4 days ago

Yes, I tried with "INBOX", "Inbox" and empty, and received the same errors log

stonebuzz commented 4 days ago

the INBOX folder exists in the account used to connect mails?

aprigio311 commented 4 days ago

Yes, the folder INBOX exists in the account used to connect mails... WhatsApp Image 2024-11-22 at 11 31 59

stonebuzz commented 4 days ago

What is your provider? Office 365?

aprigio311 commented 3 days ago

yes... server: outlook.office365.com

stonebuzz commented 3 days ago

Can you try this

On your Tenant, in “APIs used by my organization”, search for “Office 365 Exchange” and select “Office 365 exchange online” then “delegated authorization”. In the menu below, select “mail” and activate the authorizations below, then click on “add authorization”.

aprigio311 commented 1 day ago

Now It's ok, the license on Exchange was wrong, thank you @stonebuzz !