search

simonrob / email-oauth2-proxy

An IMAP/POP/SMTP proxy that transparently adds OAuth 2.0 authentication for email clients that don't support this method.
Apache License 2.0
797 stars 86 forks source link

Proxy requesting authorization over and over. #264

Closed cs-dkv closed 1 month ago

cs-dkv commented 1 month ago

Good morning and thank you for creating this life making easier software. I hope we can figure out what is wrong with our setup.

The proxy is running on Windows Server 2022 and we have a Google Work account. After setting up Client ID and secret by our Google Admin we were succesful to authorize the account - we used a program called SMTPDIagPro to send a test email and it triggered the authentication process and finish it succesfully:

image

However everytime we send a test email, another authentication process starts and we are asked to authorize the account.

This is our original config file: image

Later we followed those instructions in the config file: image but it made no difference.

What are we doing wrong?

Chris

simonrob commented 1 month ago

Does the email actually get sent?

If so, I wonder whether the tool you are using is triggering the proxy's default behaviour of re-requesting authentication if an incorrect password is supplied. Have you tried setting delete_account_token_on_password_error = False?

If this doesn't help, please post the log from the proxy in --debug mode.

cs-dkv commented 1 month ago

Good afternoon Simon and thank you for your reply,

Attached is the log you requested. I have tried every possible option in config file but always end up with re-authentication.

The SMTP Diag program also throws the error after successful authentication which looks like this:

[image: image.png] The credentials are correct - I need them to be correct in order to login to Google in order to authorize the account.

It is just strange that it show both completion and error at the same time:

[image: image.png]

Anyway, attached is the log and I am hoping you can point me in the right direction to fix this issue.

Maybe the issue is with this SMTP program? Do you have a suggestion with what to test the Proxy?

Thank you

Chris

Chris Sajdak | IT Manager My pronouns: he/him/his T +49 (0) 89 442326 206 | F +49 (0)89 442326 302

*DK Verlag* | Dorling Kindersley Verlag GmbH | Arnulfstrasse 124 | 80636 Munich | www.dk-verlag.de/ http://www.dk-verlag.de/

Am Mi., 24. Juli 2024 um 21:43 Uhr schrieb Simon Robinson < @.***>:

Does the email actually get sent?

If so, I wonder whether the tool you are using is triggering the proxy's default behaviour of re-requesting authentication if an incorrect password is supplied. Have you tried setting delete_account_token_on_password_error = False https://github.com/simonrob/email-oauth2-proxy/blob/4e1dfd80fbf92bd48ff804bac163efa4b8af9d74/emailproxy.config#L277 ?

If this doesn't help, please post the log from the proxy in --debug mode.

— Reply to this email directly, view it on GitHub https://github.com/simonrob/email-oauth2-proxy/issues/264#issuecomment-2248772752, or unsubscribe https://github.com/notifications/unsubscribe-auth/BKBR3DTKD2ECTN2C44VCFALZN77WHAVCNFSM6AAAAABLJVTGSGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDENBYG43TENZVGI . You are receiving this because you authored the thread.Message ID: @.***>

Dorling Kindersley Verlag GmbH , Sitz München, Amtsgericht München HRB 138513, Geschäftsführerin: Monika Schlitzer - Meyer, Steuer Nr.: 143/130/50611, Ust-IdNr.: DE147851084

Diese E-Mail könnte vertrauliche und/oder rechtlich geschützte Informationen enthalten. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail sind nicht gestattet. This email may contain information that is confidential. If you have received it in error, please notify the sender immediately and then delete it. Please do not copy it, disclose its contents or use it for any purpose.

Please consider the environment before printing this email

simonrob commented 1 month ago

You haven't actually included the image or the log file, perhaps because you submitted this reply via email? You also didn't confirm whether the test email does actually get sent.

Either way, it sounds like you've tried various options here already, so perhaps there is a misconfiguration in your service account configuration. If needed, I'm happy to look at this on a consultancy basis.

simonrob commented 1 month ago

I'm going to assume this has now been resolved, but feel free to reopen this issue if the problem persists.