09/16/2024 [Informational]: Outlook Getting Rid of Basic Authentication

[cswinney22]

https://support.microsoft.com/en-us/office/modern-authentication-methods-now-needed-to-continue-syncing-outlook-email-in-non-microsoft-email-apps-c5d65390-9676-4763-b41f-d7986499a90d

Not positive this is an issue or not, but thought I might forward it to you because it appears that, though we use an app password to login, I suspect authentication still uses basic and not OAuth authentication. I have not delved deep into your code at all, but if this is an issue, I figured it would be better to point it out.

[twrecked]

https://support.microsoft.com/en-us/account-billing/how-to-get-and-use-app-passwords-5896ed9b-4263-e681-128a-a6f2979a7944

I think you will still be able to use app passwords.

On Thu, Jul 4, 2024, 22:33 cswinney22 @.***> wrote:

https://support.microsoft.com/en-us/office/modern-authentication-methods-now-needed-to-continue-syncing-outlook-email-in-non-microsoft-email-apps-c5d65390-9676-4763-b41f-d7986499a90d

Not positive this is an issue or not, but thought I might forward it to you because it appears that, though we use an app password to login, I suspect authentication still uses basic and not OAuth authentication. I have not delved deep into your code at all, but if this is an issue, I figured it would be better to point it out.

— Reply to this email directly, view it on GitHub https://github.com/twrecked/hass-aarlo/issues/971, or unsubscribe https://github.com/notifications/unsubscribe-auth/ALHJU6RBUBWUU435QW3ITJLZKYAXVAVCNFSM6AAAAABKMMEHAGVHI2DSMVQWIX3LMV43ASLTON2WKOZSGM4TCNRWGA4DCNI . You are receiving this because you are subscribed to this thread.Message ID: @.***>

[cswinney22]

https://support.microsoft.com/en-us/account-billing/how-to-get-and-use-app-passwords-5896ed9b-4263-e681-128a-a6f2979a7944 I think you will still be able to use app passwords. … On Thu, Jul 4, 2024, 22:33 cswinney22 @.> wrote: https://support.microsoft.com/en-us/office/modern-authentication-methods-now-needed-to-continue-syncing-outlook-email-in-non-microsoft-email-apps-c5d65390-9676-4763-b41f-d7986499a90d Not positive this is an issue or not, but thought I might forward it to you because it appears that, though we use an app password to login, I suspect authentication still uses basic and not OAuth authentication. I have not delved deep into your code at all, but if this is an issue, I figured it would be better to point it out. — Reply to this email directly, view it on GitHub <#971>, or unsubscribe https://github.com/notifications/unsubscribe-auth/ALHJU6RBUBWUU435QW3ITJLZKYAXVAVCNFSM6AAAAABKMMEHAGVHI2DSMVQWIX3LMV43ASLTON2WKOZSGM4TCNRWGA4DCNI . You are receiving this because you are subscribed to this thread.Message ID: @.>

I think it will still be available (app passwords) but will require OAuth authentication. They did this with exchange online a while back and in that documentation, they said "The deprecation of basic authentication also prevents the use of app passwords with apps that don't support two-step verification."

https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online

Is this plug-in already using OAuth or is it using app passwords in a basic authentication method?

[twrecked]

In this case it will probably stop working with Outlook.

[cswinney22]

Understood. Thanks for confirming.

[twrecked]

Just so I don't sound too dismissive...

I started look at this for Google and Yahoo and I got it working but there were a couple of things:

The code change to hass-aarlo is relatively small; I can accept an authentication token instead of a username/password and pass that in with the IMAP client. But that means you would need to get an authentication token somehow. I might dig this code out and make it available.

Otherwise I need to provide a back end to do the RESTAPI requests to create the token. I created a backend and got it working experimentally but that meant I needed to explicitly allow users to authenticate. And to make it official means I need to get Google (and probably Yahoo) to review the code. And then I need to provide a back end server for people to use. And then I need to provide interfaces to google and yahoo and outlook...

Which is all doable I've just got find the time...

[cswinney22]

I get it for sure. I'm dealing with this at work, trying to convert from AES encrypted files to a password manager but it requires user interaction and the system is all automated. No user. Tokens exist but last only 24 hours. So, currently, REST methods are my only solution and there's no point for my setup. It's no biggie. I can shift to a diff email that allows me to still use app passwords and such, Or maybe I get bored and I write something to handle this myself. Same issue. Time.