Re: [Davmail-users] [Patch] Adding OAuth Support
From: Scott S. <gu...@po...> - 2018-11-26 08:00:29
Hello Mickael,

Great work on the OAuth2!!

I attempted to access my mail in the O365Interactive mode. After inputting the password and receiving a code via text, I inputted the code. I held my breath in anticipation, but I got the attached:

DavMail Question - 01.png and DavMail Question - 02.png

which I assume the instructions below (attached as DavMail Question - 03.png) relate to.

My problem is that I do not know how to "create your own application". I also do not know where the required scopes you provided go.

Can you give some direction or is there a webpage or forum chat you can point me to to help me understand exactly how to do this?

Thank you so much!

Yours truly,
Scott

On Sun, 14 Oct 2018 18:23:25 +0200 Mickaël Guessant <mgu...@fr...> wrote:

:On 11/10/2018 at 01:57, Henrique Martins wrote:
:>> Ok, I would need testers for new connection modes:
:>> O365: Office 365 with classic username/password authentication or
:>> application password
:>> O365Modern: Office 365 modern authentication (Oauth2)
:>> O365Interactive: Office 365 interactive authentication
:> I may be able to test this, but how does one go about
:> finding out which of the modes the server requires?
:
:
:All those modes are for Office 365 only and will not work with on
:premise Exchange.
:
:We may be able in the future to implement a similar approach for on
:premise Exchange, given the following prerequisites:
:
:- authentication through a browser is possible (i.e. access
:exchangeserver/OWA)
:
:- EWS endpoint is available after OWA authentication (i.e. access
:exchangeserver/EWS/Exchange.asmx)
:
:=> the idea would be to retrieve cookies from JavaFX browser to
:initialize httpClient.
:
:Back to Office365 modes:
:
:
:- O365: same as EWS with Office 365 url => for O365 tenants without MFA
:or with MFA but application passwords allowed for Office 2010 and
:earlier compatibility
:
:- O365Interactive: will open an authentication window to let you enter
:your credentials and go through MFA check and consent.
:
:- O365Modern: same logic as O365Interactive, but use client provided
:credentials for Oauth negotiation, trigger PhoneApp MFA check transparently
:
:Additional notes:
:
:- You will have to give your consent to DavMail access on first call,
:check davmail log for exact url or use O365Interactive once
:
:- You can use your own application client id instead of DavMail provided
:value, just create your application and add in davmail.properties:
:
:davmail.oauth.clientId=<yourappid>
:
:davmail.oauth.redirectUri=https://login.microsoftonline.com/common/oauth2/nativeclient
:
:The required scopes are:
:
:"requiredResourceAccess": [
:  {
:    "resourceAppId": "00000002-0000-0ff1-ce00-000000000000",
:    "resourceAccess": [
:      {
:        "id": "3b5f3d61-589b-4a3c-a359-5dd4b5ee5bd5",
:        "type": "Scope"
:      }
:    ]
:  },
:  {
:    "resourceAppId": "00000002-0000-0000-c000-000000000000",
:    "resourceAccess": [
:      {
:        "id": "311a71cc-e848-46a1-bdf8-97ff7156d8e6",
:        "type": "Scope"
:      }
:    ]
:  }
:],
:
:In both cases (O365Interactive and O365Modern), once initial
:authentication succeeds DavMail keeps the refresh token and should
:automatically renew access token on expiration.
:
:Note that this refresh token is not stored on disk, only in memory.
:
:Regards,
:
:

===========
><(((o>
Scott Smith
Long Term Cross Cultural Farming, Fishing, and Body Building Consultants
"All things are lawful for me, but not all things are profitable." (I Cor 6:12)
Whole foods and plants ARE profitable for health
Check it out at https://nutritionfacts.org or https://www.youtube.com/watch?v=xnKaOL2IBPY
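
Added example, not part of the original messages and not DavMail code: the `requiredResourceAccess` block quoted above is a section of an Azure AD application manifest, so a self-registered application can be checked against it for missing or extra permissions before its client id goes into `davmail.properties`. The function names and the sample manifest, including its placeholder permission id, are constructed for illustration.

```python
import json

# Permissions listed in the quoted message: (resourceAppId, permission id, type).
REQUIRED = {
    ("00000002-0000-0ff1-ce00-000000000000",
     "3b5f3d61-589b-4a3c-a359-5dd4b5ee5bd5", "Scope"),
    ("00000002-0000-0000-c000-000000000000",
     "311a71cc-e848-46a1-bdf8-97ff7156d8e6", "Scope"),
}

# Constructed sample manifest: one listed scope (GUID upper-cased on purpose)
# plus a placeholder "Role" permission that the message does not list.
SAMPLE_MANIFEST = """
{
  "requiredResourceAccess": [
    {"resourceAppId": "00000002-0000-0FF1-CE00-000000000000",
     "resourceAccess": [
       {"id": "3b5f3d61-589b-4a3c-a359-5dd4b5ee5bd5", "type": "Scope"},
       {"id": "aaaaaaaa-0000-0000-0000-000000000001", "type": "Role"}
     ]}
  ]
}
"""

def requested_permissions(manifest_text):
    """Flatten requiredResourceAccess into (resource, id, type) tuples."""
    manifest = json.loads(manifest_text)
    found = set()
    for resource in manifest.get("requiredResourceAccess") or []:
        app_id = str(resource.get("resourceAppId", "")).lower()
        for access in resource.get("resourceAccess") or []:
            perm_id = str(access.get("id", "")).lower()
            found.add((app_id, perm_id, str(access.get("type", ""))))
    return found

def audit_manifest(manifest_text):
    """Return (missing, extra) relative to the permissions the message lists."""
    requested = requested_permissions(manifest_text)
    return sorted(REQUIRED - requested), sorted(requested - REQUIRED)

if __name__ == "__main__":
    missing, extra = audit_manifest(SAMPLE_MANIFEST)
    for perm in missing:
        print("MISSING", *perm)
    for perm in extra:
        print("EXTRA  ", *perm)
```

An empty `extra` list means the registration requests nothing beyond what the message lists; an entry of type `Role` is an application permission rather than a delegated scope and deserves a second look.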