tarickb / sasl-xoauth2

SASL plugin for XOAUTH2

Unauthorized Error And Unable to retrieve Resulting URL and access tokens #67

Closed tejavivek closed 1 year ago

tejavivek commented 1 year ago

image

I am getting a white page, but I was unable to get tokens or retrieve the resulting URL, as you can see in the above image.

tarickb commented 1 year ago

TBH the OAuth failures from Microsoft are pretty inscrutable to me, and I've always had a hard time debugging them, so I can't offer much help here. Try making sure you're specifying the right combination of client ID, client secret, and tenant ID? Sometimes the secret and tenant are required, sometimes they're not, and I don't fully understand why.

tejavivek commented 1 year ago

Hey, I love your work, but do you think there are any other mistakes I might be making? I have tried every possible combination of client ID, client secret and tenant ID, giving all of them. I think you are the only one who can help me. Please help me, thank you.

ridebadger commented 1 year ago

I am receiving the same output. We have a GCC tenant. Using this script:

sudo sasl-xoauth2-tool get-token --client-id=(client ID from AAD App) --tenant=(tenant ID from AAD App) outlook /var/spool/postfix/etc/tokens/username@domain.onmicrosoft.com

tarickb commented 1 year ago

I wonder if you're both being hit by #64 -- can you try this patch for sasl-xoauth2-tool? It'll let you not specify a client secret, because it sounds like you may not need to.

ridebadger commented 1 year ago

Would you please elaborate how to "try this patch"? I am using Ubuntu 2204 with the apt package. Do I need to build from source? Thanks.

tarickb commented 1 year ago

No need to rebuild from source, you're just modifying the token tool (which is in Python):

$ mkdir /tmp/sasl-xoauth2
$ cp /usr/bin/sasl-xoauth2-tool /tmp/sasl-xoauth2/
$ cd /tmp/sasl-xoauth2/
$ wget -O - 'https://gist.github.com/tarickb/b3f23f3066fc94cd0e9edcc0ed14a9a6/raw/5ed48b6f055eb1bbae35a4d457ecdef798cd0da8/sasl-xoauth2-tool%2520patch%2520for%2520Outlook%2520secrets' | patch -p1

Once that's done:

/tmp/sasl-xoauth2/sasl-xoauth2-tool get-token ...

ridebadger commented 1 year ago

I tried the patch and got the same messages except the following:

original: File "/usr/bin/sasl-xoauth2-tool", line 206, in subcommand_get_token get_token_outlook(

patched: File "/tmp/sasl-xoauth2/sasl-xoauth2-tool", line 204, in subcommand_get_token get_token_outlook(

Don't know if that helps.

tarickb commented 1 year ago

Can you please paste exactly what you tried and the resulting errors/messages?

ridebadger commented 1 year ago

sudo /tmp/sasl-xoauth2/sasl-xoauth2-tool get-token --client-id=long-number --tenant=long-number outlook /var/spool/postfix/etc/tokens/username@domain.onmicrosoft.com

Traceback (most recent call last):
  File "/tmp/sasl-xoauth2/sasl-xoauth2-tool", line 309, in <module>
    main()
  File "/tmp/sasl-xoauth2/sasl-xoauth2-tool", line 302, in main
    args.func(args)
  File "/tmp/sasl-xoauth2/sasl-xoauth2-tool", line 204, in subcommand_get_token
    get_token_outlook(
  File "/tmp/sasl-xoauth2/sasl-xoauth2-tool", line 184, in get_token_outlook
    tokens = outlook_get_initial_tokens(client_id, client_secret, tenant, code)
  File "/tmp/sasl-xoauth2/sasl-xoauth2-tool", line 164, in outlook_get_initial_tokens
    resp = urllib.request.urlopen(
  File "/usr/lib/python3.10/urllib/request.py", line 216, in urlopen
    return opener.open(url, data, timeout)
  File "/usr/lib/python3.10/urllib/request.py", line 525, in open
    response = meth(req, response)
  File "/usr/lib/python3.10/urllib/request.py", line 634, in http_response
    response = self.parent.error(
  File "/usr/lib/python3.10/urllib/request.py", line 563, in error
    return self._call_chain(*args)
  File "/usr/lib/python3.10/urllib/request.py", line 496, in _call_chain
    result = func(*args)
  File "/usr/lib/python3.10/urllib/request.py", line 643, in http_error_default
    raise HTTPError(req.full_url, code, msg, hdrs, fp)
urllib.error.HTTPError: HTTP Error 401: Unauthorized

I am running the script and submitting the url on the same server. Thanks.

tarickb commented 1 year ago

Are you specifying a client secret when the tool prompts you for one, or are you leaving it blank?

ridebadger commented 1 year ago

Success! Left the client secret prompt blank and received no errors. Also, there is a file in /var/spool/postfix/etc/tokens/

Cool!

tejavivek commented 1 year ago

image

What should I do?

tarickb commented 1 year ago

I don't understand what you're trying to do? Once patched, there's no need to patch the script again.

Also, I've released version 0.21 of sasl-xoauth2, which contains a fix for this issue. If you update to that version you can just use sasl-xoauth2-tool normally.

tejavivek commented 1 year ago

Hey, sorry, I was able to retrieve the token.
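
The two sticking points in this thread, a blank client secret and a bare `HTTP Error 401` traceback that gives no reason, handled together in one sketch. This is an added example, not part of the issue thread and not sasl-xoauth2-tool's code; the token endpoint URL, the function names and the `redirect_uri` parameter are assumptions, and the sample error body is constructed.

```python
import json
import urllib.error
import urllib.parse
import urllib.request

# Assumption: Microsoft identity platform v2.0 token endpoint; not taken from the thread.
TOKEN_URL = "https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token"
# Constructed sample of an OAuth error body (RFC 6749, section 5.2 field names).
SAMPLE_ERROR_BODY = b'{"error": "invalid_client", "error_description": "constructed sample"}'


def build_token_request(client_id, client_secret, tenant, code, redirect_uri):
    """Return (url, body) for an authorization-code exchange."""
    fields = {
        "client_id": client_id,
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": redirect_uri,
    }
    # Blank secret at the prompt: omit the field rather than send an empty value.
    if client_secret:
        fields["client_secret"] = client_secret
    url = TOKEN_URL.format(tenant=urllib.parse.quote(tenant, safe=""))
    return url, urllib.parse.urlencode(fields).encode("ascii")


def describe_http_error(err):
    """Summarise an HTTPError from the OAuth error JSON in its body, if present."""
    try:
        body = json.loads(err.read().decode("utf-8", "replace"))
    except ValueError:
        body = None
    if not isinstance(body, dict):
        return "HTTP %d: no JSON error body" % err.code
    lines = str(body.get("error_description", "")).splitlines()
    # Report only the error code and first description line; never echo the request,
    # which carries the authorization code and possibly the client secret.
    return "HTTP %d %s: %s" % (err.code, body.get("error", "unknown"),
                               lines[0] if lines else "(no description)")


def exchange_code(url, body, opener=urllib.request.urlopen):
    """POST the exchange; on failure raise RuntimeError with the server's stated reason."""
    try:
        with opener(urllib.request.Request(url, data=body), timeout=30) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as err:
        raise RuntimeError(describe_http_error(err)) from None
```

The `opener` argument exists so the error path can be exercised offline with a stub in place of `urllib.request.urlopen`.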