Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Microsoft Auth #15

Open
p-samuel opened this issue Dec 2, 2022 · 9 comments
Open

Microsoft Auth #15

p-samuel opened this issue Dec 2, 2022 · 9 comments

Comments

@p-samuel
Copy link

p-samuel commented Dec 2, 2022

Hi @geoffsmith82! Have you tried connecting with Microsoft's credentials? I don't know if I'm missing something, but after credentials login page is closed (in microsoft's login page), a message error is displayed stating that was not able to authenticate if you try sending a message.
@geoffsmith82
Copy link
Owner

The exact error message would be helpful. Try going to your webbrowswer and goto http://accounts.microsoft.com and log out of the account. Then try login again

@p-samuel
Copy link
Author

p-samuel commented Dec 2, 2022

The error message is

R:535 5.7.3 Authentication unsuccessful [ROAP284CA0191.BRAP284.PROD.OUTLOOK.COM]

It happens in IdSASLCollection unit.

if ACanAttemptIR then begin
    if ASASL.TryStartAuthenticate(AHost, AProtocolName, S) then begin
      👉AClient.SendCmd(ACmd + ' ' + String(ASASL.ServiceName) + ' ' + AEncoder.Encode(S), []);//[334, 504]);
      if CheckStrFail(AClient.LastCmdResult.Code, AOkReplies, AContinueReplies) then begin
        ASASL.FinishAuthenticate;
        Exit; // this mechanism is not supported
      end;
      AuthStarted := True;
    end;
  end;

The Cmd command is returning error. Maybe microsoft has changed any protocol urls? Or is it a problem with my user? I wonder why might be happening.

The cmd string passed is like this:

AUTH XOAUTH2 user= <my_user> auth=Bearer <token>

@marcin-bury
Copy link

@p-samuel
The command string is incorrect.
See https://learn.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth

@p-samuel
Copy link
Author

p-samuel commented Dec 2, 2022

@marcin-bury, thanks for noticing! I'll try making the appropriate changes. It seems the only problem is not encoding the login credentials. The SMTP docs states that it should be as follows:

AUTH XOAUTH2 <base64 string in XOAUTH2 format>

@afnsldd
Copy link

afnsldd commented Dec 2, 2022
edited
Loading

@p-samuel, it is doing! No error from the library's part. The AEncoder.Encode(S) takes responsibility to encode the credential string. I think the issue might be on Microsoft's side indeed.

@marcin-bury
Copy link

The case is that there should be addtional characters Char(1) in the string.
I am also struggling with Office365 IMAP account, but in my case it might be a problem with application perimissions.
I have token, prepare xoauth2 token as MS wants, and while connecting to exchange via openssl, I cannot authenticate.

@geoffsmith82
Copy link
Owner

In the past few days Microsoft has tightened up security restrictions for access.
See https://aka.ms/smtp_auth_disabled

They appear to be forcing 2fa as well. For the moment this means that the account I was using to test my code becomes unavailable to me.

@AlexanderPD
Copy link

any news on this? i also cannot resolve the "Authentication unsuccessful" error

@sheikn
Copy link

sheikn commented Nov 2, 2023

Has anyone got Office365 credentials to work?. I'm getting the 5.7.3 Authentication Unsuccessful error as well. IdSASLCollection.PerformSASLLogin is not adding the extra ("^A^A") characters to the end of the AUTH XOAUTH2 command.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@AlexanderPD @sheikn @geoffsmith82 @marcin-bury @p-samuel @afnsldd