| Author |
|
mnoreen
Newbie
Joined: 17 July 2012
Location: United States
Online Status: Offline
Posts: 19
|
| Posted: 23 September 2019 at 8:52am | IP Logged
|
|
|
https://developer.microsoft.com/en-us/office/blogs/end-of-support-for-basic-authentication-access-to-exchange-online-apis-for-office-365-customers/
We use the Mailbee IMAP library extensively to read various service based email accounts in o365. Any guidance on how to address this would be greatly appreciated.
Note, we have many console apps written in .NET (4.8) that run on a server on many scheduled tasks. I understand we'd need to somehow register our "application" (I'm assuming that can be a generic one for our company), but we cannot involve any "user" interaction. These are utility apps. Glancing at the existing sample code in the Mailbee doc, they all seem to involve popping up a browser window to get someone to interact with "asking permission." And that's what we need to avoid.
We've used Mailbee all this time to mask the complexities of IMAP, I hope the library is able to help us with this new, forced direction.
|
| Back to Top |
|
| |
Alex
AfterLogic Support
Joined: 19 November 2003
Online Status: Offline
Posts: 2206
|
| Posted: 23 September 2019 at 9:04am | IP Logged
|
|
|
I don't think it's possible to avoid user interaction with OAuth 2.0. This is exactly what it's about - user interaction (because passwords can be stolen, etc).
I'd try to check if what you're trying to achieve using service accounts. This is certainly doable with Google apps (and there is a tutorial in MailBee on this) but not sure if Microsoft service accounts can do the same. But it at least is worth trying.
Regards,
Alex
|
| Back to Top |
|
| |
mnoreen
Newbie
Joined: 17 July 2012
Location: United States
Online Status: Offline
Posts: 19
|
| Posted: 24 September 2019 at 6:51am | IP Logged
|
|
|
Thanks Alex.
FWIW, I've started reviewing the new Microsoft Graph API which is a REST based API for accessing all things o365. In the doc, it does mention "Client credentials grant flow" as part of the oAuth spec
see: https://developer.microsoft.com/en-us/graph/blogs/30daysmsgraph-day-12-authentication-and-authorization-scenarios/
and
https://tools.ietf.org/html/rfc6749#section-4.4
so it looks like that may be a path... albeit a much more complicated one than just using a username and password along with the IMAP component! Maybe it will make more sense to you and you'll have some way to incorporate that into the library over the next year :)
Thanks again.
|
| Back to Top |
|
| |
Alex
AfterLogic Support
Joined: 19 November 2003
Online Status: Offline
Posts: 2206
|
| Posted: 24 September 2019 at 7:15am | IP Logged
|
|
|
Thanks. I see they are using certificate-based auth process - indeed, service accounts.
Regards,
Alex
|
| Back to Top |
|
| |
mackolo22
Groupie
Joined: 09 October 2018
Location: Poland
Online Status: Offline
Posts: 41
|
| Posted: 05 March 2020 at 2:12am | IP Logged
|
|
|
Hi,
I would like to know if MailBee supports or will support OAuth2 authentication for Office 365 accounts? I know that it works great for Gmail. Will given code work fine as well as all IMAP/POP3/SMTP operations?
string xOAuthKey = OAuth2.GetXOAuthKeyStatic(email, accessToken);
imapClient.Login(null, xOAuthKey, AuthenticationMethods.SaslOAuth2);
|
| Back to Top |
|
| |
Alex
AfterLogic Support
Joined: 19 November 2003
Online Status: Offline
Posts: 2206
|
| Posted: 05 March 2020 at 2:31am | IP Logged
|
|
|
Hi,
MailBee will support it when MS starts supporting it. Currently, it's not supported. Stay tuned to this discussion:
https://stackoverflow.com/questions/29747477/imap-auth-in-office-365-using-oauth2
Regards,
Alex
|
| Back to Top |
|
| |
mackolo22
Groupie
Joined: 09 October 2018
Location: Poland
Online Status: Offline
Posts: 41
|
| Posted: 05 March 2020 at 2:35am | IP Logged
|
|
|
Hi Alex,
Thanks for the link. I hope they will implement this ASAP. :D
|
| Back to Top |
|
| |
Jan vV
Newbie
Joined: 27 March 2020
Online Status: Offline
Posts: 1
|
| Posted: 06 April 2020 at 10:43am | IP Logged
|
|
|
It looks like that StackOverflow post is the only place where someone states that Microsoft is working on an OAuth implemenation for IMAP. For the rest, deafening silence...
Obviously Microsoft is forcing everyone to use Graph instead of the standard protocols (they mention them as 'legacy'instead of 'standard').
I don't mind if I have to add OAuth in my applications where I access mailboxes. But I cannot believe that we all have to migrate everything to use Graph. And it looks like we all are going to develop our own implementation. Why can't I find a standard library that handles mail through Graph?
|
| Back to Top |
|
| |
Alex
AfterLogic Support
Joined: 19 November 2003
Online Status: Offline
Posts: 2206
|
| Posted: 07 April 2020 at 1:25am | IP Logged
|
|
|
Probably the closest you can get is this? Never used, though. It's just what Google finds.
https://github.com/microsoftgraph/msgraph-sdk-dotnet
Regards,
Alex
|
| Back to Top |
|
| |
abhroneelc
Newbie
Joined: 28 October 2020
Location: Australia
Online Status: Offline
Posts: 2
|
| Posted: 28 October 2020 at 4:42pm | IP Logged
|
|
|
Hi Guys ,
Is there any update on this one yet , we also have a very similar situation we have scheduled tasks that scan and download specific types of emails from mailboxes using IMAP on office 365.
We have tried the App reg and getting the bearer token using the no user workflow as shown here
https://docs.microsoft.com/en-us/graph/auth-v2-service
, we seem to be getting the token fine but the imap login gets errored out.
MailBee.ImapMail.MailBeeImapLoginBadCredentialsException: 'The server has rejected authentication data sent by the client. The server responded: MBN00000002 NO AUTHENTICATE failed.'
var ApiUrl = "https://graph.microsoft.com/";
var scopes = new string[] { $"{ApiUrl}.default" };
IConfidentialClientApplication app;
app = ConfidentialClientApplicationBuilder.Create(clientID)
.WithClientSecret(clientSecret)
.WithAuthority(authoriseEndpoint)
.Build();
var result = app.AcquireTokenForClient(scopes)
.ExecuteAsync().Result;
return result;
string imapXOAuthKey = OAuth2.GetXOAuthKeyStatic(userEmail, result.AccessToken);
Imap imp = new Imap("xxxxxxxxxxx-key");
// Logging is not necessary but useful for debugging.
imp.Log.Filename = "C:\\Temp\\log.txt";
imp.Log.HidePasswords = false;
imp.Log.Enabled = true;
imp.Log.Clear();
imp.Connect("imap-mail.outlook.com", 993);
imp.Login(null, imapXOAuthKey, AuthenticationMethods.SaslOAuth2, AuthenticationOptions.None, null);
imp.SelectFolder("Inbox");
|
| Back to Top |
|
| |
Alex
AfterLogic Support
Joined: 19 November 2003
Online Status: Offline
Posts: 2206
|
| Posted: 29 October 2020 at 3:30am | IP Logged
|
|
|
Hi,
Office 365 allows the auth flow without user interaction for Graph only. It's not possible with IMAP.
Regards,
Alex
|
| Back to Top |
|
| |
abhroneelc
Newbie
Joined: 28 October 2020
Location: Australia
Online Status: Offline
Posts: 2
|
| Posted: 29 October 2020 at 4:41pm | IP Logged
|
|
|
Hi Alex ,
Dows Mailbee Have a library with Graph at the moment ? Is there any plans to have something new in this area ?
thanks
Abhroneel
|
| Back to Top |
|
| |
Alex
AfterLogic Support
Joined: 19 November 2003
Online Status: Offline
Posts: 2206
|
| Posted: 30 October 2020 at 1:15am | IP Logged
|
|
|
Hi Abhroneel,
As MS already provides a powerful Graph lib, we don't think much sense in making our own.
You can also interoperate Graph lib and MailBee (e.g. download email with Graph, feed it to MailBee and examine message properties using MailBee's API).
For instance, https://docs.microsoft.com/en-us/graph/api/message-get?view=graph-rest-1.0&tabs=csharp
Example 4 shows how to get the MIME source.
You can then use MailMessage.LoadMessage to load the email from the MIME source. I think this should work.
Regards,
Alex
|
| Back to Top |
|
| |
MailBee.NET Objects 
MailBee.NET Queue 
MailBee Objects 
WebMail Pro PHP 
AfterLogic Aurora 
MailSuite Pro for Linux 
Unified Messaging Solution 
Search
Register
Login
Topic: MS announcement to retire basic auth
Privacy policy |
Refund policy