#702 O365Interactive White Page with MFA Login

[Jan Pilz]

When i try to use O365Interactive, Office 365 + MFA, i always get only a white screen when i should enter password, see attachement. I tried with openjdk+openjfx 11, openjdk+openjfx 8, prebuilt binaries, and built it myself, but it's the same always. Also using Proxy and no proxy. The URL in the title seams to look okay.

Ubuntu 18.10

Log Output only warning:
Date: Wed Jan 30 17:44:30 CET 2019 (1548866670050)
Thread: URL-Loader-9
Message #: 35
Level: WARN
NDC:
Category: davmail.exchange.auth.O365InteractiveAuthenticatorFrame
Message: Failed: form calls watson
Location: davmail.exchange.auth.O365InteractiveAuthenticatorFrame$1$2.openConnection(O365InteractiveAuthenticatorFrame.java:88)
Thrown:

[Mickael Guessant]

Looks like your Office 365 instance is a bit different: you are redirected to /login.srf
=> fix available in trunk, please try again.

[Jan Pilz]

Thanks, it does work now. But somehow they recognize davmail, so they blocked it:

"DavMail needs permission to access resources in your organization that only an admin can grant. Please ask an admin to grant permission to this app before you can use it."

Is it possible to change the UserAgent or something?

[Mickael Guessant]

Not the user agent, the application Oauth clientId. Official DavMail comes with a common application created by me that may not be allowed to connect to your instance.

See: http://davmail.sourceforge.net/faq.html

And another use case at: https://sourceforge.net/p/davmail/bugs/698/

[Jan Pilz]

Great,

davmail.oauth.clientId=d3590ed6-52b3-4102-aeff-aad2292ab01c
davmail.oauth.redirectUri=urn:ietf:wg:oauth:2.0:oob

This works now, thank you. Should be added to FAQ or should be new default value. I tried wit clientId of outlook web before and shortly could see mails on browser window, but didnt work out, but using Outlook Native? client Id seems to work.

[Mickael Guessant]

Well, I can't make this the default value as it's working fine for some users and we are supposed to register applications, see official documentation at https://docs.microsoft.com/en-us/graph/auth-register-app-v2

Outlook Web is not a native application and thus has an Oauth client_secret that is obviously not public.

Using Outlook native clientId is a last resort workaround when admins block all other ways.

[Mickael Guessant]

Released in 5.2.0

[Arnold Raynor]

I am also reaching "Davmail needs permission ... Please ask an admin", including after creating my own App registration at Microsoft Azure.

How can one extract the clientId from a native MS Outlook?

[Arnold Raynor]

The native MS Outlook client ID is d3590ed6-52b3-4102-aeff-aad2292ab01c.

[averter]

I have the same problem/need to resort to this last workaround, and on top of that my workplace is using a DUO security system, which is hiding the authentication token (full thread on github).
@Arnold Raynor or @Jan Pilz does any of you have to get past MFA/DUO or needs to use a windows device (workplace joined) to successfully activate davmail? Thank you in advance for any help.