tarickb / sasl-xoauth2

SASL plugin for XOAUTH2

Error when sasl-xoauth2 with mbsync on Arch Linux, generic failure: unable to find a callback 32775 #86

Closed BowenWang closed 4 months ago

BowenWang commented 4 months ago

I am trying to configure sasl-xoauth2 to work with mbsync and oama on Arch Linux.

After installing sasl-xoauth2 from AUR, when I try to download email using mbsync, it says: Error performing SASL authentication step: SASL(-1): generic failure: Unable to find a callback 32775.

There are two packages in AUR with similar names:

  1. sasl-xoauth2-git (the one I tried first and got the above error)
  2. cyrus-sasl-xoauth2-git (works with the same configuration files for mbsync and oama)

norbusan commented 4 months ago

I am the maintainer of sasl-xoauth2-git in AUR, and my mbsync config file looks like this:

IMAPStore XXX-remote
Host outlook.office365.com
User XXXXX
PassCmd "echo ~/.tokens/XXXXXX"
SSLType IMAPS
AuthMechs XOAUTH2

For that to work you need to have an initial token obtained:

In case you use outlook:

sasl-xoauth2-tool get-token outlook \
     token.${your_email} \
     --client-id=$client_id \
     --tenant=$tenant_id \
     --use-device-flow

with the variables replaced with respective values. You need an app set up in entra.microsoft.com and get client id and tenant id.

The generated file contains json keys for access_token, refresh_token, and expiry. You need to ADD to the json array the key/values for client_id, client_secret (set to ""), and token_endpoint set to https://login.microsoftonline.com/${tenant_id}/oauth2/v2.0/token

After that

sasl-xoauth2-tool test-token-refresh <your_token_file>

should work.

Move the token to the place specified above and mbsync should run.

BowenWang commented 4 months ago

@norbusan I have tried your approach (I mixed your instructions and the steps to set up Gmail in the project's readme file). After I run

sasl-xoauth2-tool test-token-refresh .tokens/token.wang8330@umn.edu

The terminal says: config check passed Token refresh succeeded.

But when I added the following lines to my mbsync configuration file:

AuthMechs XOAUTH2
PassCmd "cat TOKEN_FILE"

I still got the same error message.

BTW, now I am setting up sasl-xoauth2-tool with mbsync on Fedora Silverblue since I don't have Arch Linux on my home computer.

BowenWang commented 4 months ago

I think I made a mistake here. I changed the two lines in the mbsync configuration file to:

AuthMechs XOAUTH2
PassCmd "echo MY_TOKEN_FILE"

And run mbsync, it works! The only difference is cat vs. echo here. I am a little bit confused now, why does echo work but cat doesn't?

norbusan commented 4 months ago

Great to see it work. Yes, you need echo. XOAUTH2 module expects the filename of the token as input, not the content. With cat you send the content, with echo the filename.

Not well documented, I know...
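The two points above (the keys that have to be added to the token file, and PassCmd printing the file name rather than the file content) can be checked before running mbsync. The following is an added example, not part of the thread or of sasl-xoauth2; the function names and the owner-only permission check are assumptions of this sketch, and the key names are the ones listed in the comment above.

```python
import json
import os
import tempfile

# Keys the thread says the token file must contain after the manual edit.
REQUIRED = ("access_token", "refresh_token", "expiry",
            "client_id", "client_secret", "token_endpoint")

def complete_token_file(path, client_id, tenant_id):
    """Add client_id, client_secret ("") and token_endpoint if absent."""
    with open(path) as f:
        token = json.load(f)
    token.setdefault("client_id", client_id)
    token.setdefault("client_secret", "")
    token.setdefault(
        "token_endpoint",
        f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token")
    # mkstemp creates the file 0600; os.replace swaps it in atomically, so the
    # refresh token is never world-readable or half-written.
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
    with os.fdopen(fd, "w") as f:
        json.dump(token, f, indent=2)
    os.replace(tmp, path)
    return token

def check_passcmd_output(output):
    """Classify what a PassCmd command printed (assumed helper, not a tool API)."""
    value = output.strip()
    try:
        if isinstance(json.loads(value), dict):
            return "token content: print the file name (echo), not the file (cat)"
    except ValueError:
        pass  # not JSON, so treat it as a path
    path = os.path.expanduser(value)
    if not os.path.isfile(path):
        return "not an existing file"
    try:
        with open(path) as f:
            token = json.load(f)
    except ValueError:
        token = None
    if not isinstance(token, dict):
        return "file is not a JSON object"
    missing = [k for k in REQUIRED if k not in token]
    if missing:
        return "token file is missing: " + ", ".join(missing)
    if os.stat(path).st_mode & 0o077:
        return "token file is readable by group or others"
    return "ok"
```

Feed `check_passcmd_output` the captured standard output of the configured PassCmd; anything other than "ok" names the problem to fix before retrying the sync.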

BowenWang commented 4 months ago

Thanks for your instructions! Another question, does sasl-xoauth2-tools work with msmtp? Previously I used plain password authentication for msmtp; the two lines in the configuration file for authentication are:

auth on
passwordeval "gpg -d MY_GPG_FILE_STORING_PASSWORD"

I have changed it to:

auth oauthbearer
passwordeval "echo MY_TOKEN_FILE"

But the authentication fails.

norbusan commented 4 months ago

I don't know, I haven't used it with msmtp till now. I use it with postfix as mail server and that can be done in a very similar way.

BowenWang commented 4 months ago

I have been trying to configure sasl-xoauth2-tools to work with msmtp but didn't make any progress. Fortunately msmtp works with oama, so I can use my email tool chain now. Thanks for your instructions again.