Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Is this project dead? Need Graph API backend and token username is also broken. #368

Open
ttesty opened this issue Oct 6, 2024 · 7 comments

Comments

@ttesty
Copy link

ttesty commented Oct 6, 2024

Project hasn't been updated in a long time. OAuth2 is no good for "modern" Outlook access anymore. Microsoft 365 Online (Business) costs at least $6/month to add Entra's app-based API Permissions to use Outlook 365 API (Personal). Graph API is the only free way, but it's not really implemented in davmail... And there's no local web host to handle https responses from redirect_url. Need POP3 Proxy->Graph API (Outlook 365/Exchange).

Tried:

  • client ID (office): d3590ed6-52b3-4102-aeff-aad2292ab01c
  • redirect_url: urn:ietf:wg:oauth:2.0:oob?code
  • got key, pasted in O365Manual mode

problem: davmail - Can't find resource for bundle java.util.PropertyResourceBundle, key Authenticated username live.com#person@live.com does not match person@live.com. It's mixing up: "unique_name":"live.com#person@live.com" and complaining about it not matching "email":"person@live.com".

Token: {"aud":"d3590ed6-52b3-4102-aeff-aad2292ab01c","iss":"https://sts.windows.net/3ceb7ded-6237-4abf-aed0-f741fb55330a/","iat":X,"nbf":X,"exp":X,"altsecid":"1:live.com:X","amr":["pwd"],"email":"person@live.com","family_name":"X","given_name":"X","idp":"live.com","idtyp":"user","ipaddr":"X","name":"X","oid":"X","puid":"X","rh":"","sub":"","tid":"X","unique_name":"live.com#person@live.com","ver":"1.0","xms_idrel":"4 1"}

.... username = tokenBody.getString("unique_name");
?

You could check "email" field too... or parse on unique_name... past #

========================= token = O365Token.build(tenantId, clientId, redirectUri, code, password);
    LOGGER.debug("Authenticated username: " + token.getUsername());
    if (username != null && !username.isEmpty() && !username.equalsIgnoreCase(token.getUsername())) {
        throw new DavMailAuthenticationException("Authenticated username " + token.getUsername() + " does not match " + username);
    }

// get username from id_token
String idToken = jsonToken.optString("id_token");
if (idToken != null && idToken.contains(".")) {
String decodedJwt = IOUtil.decodeBase64AsString(idToken.substring(idToken.indexOf("."), idToken.lastIndexOf(".")));
try {
JSONObject tokenBody = new JSONObject(decodedJwt);
LOGGER.debug("Token: " + tokenBody);
username = tokenBody.getString("unique_name");
} catch (JSONException e) {
LOGGER.warn("Invalid id_token " + e.getMessage(), e);
}
}

@ttesty ttesty changed the title Is this project dead? Need Graph API backend. Is this project dead? Need Graph API backend and token username is also broken. Oct 6, 2024
@esabol
Copy link

esabol commented Oct 6, 2024

The last commit was 3 months ago, and the last time the owner replied to an issue was 1 month ago. You consider that to be a long time? Seriously? This project isn't anyone's full-time job. The project owner works on it when he can and when he wants to. If that's not good enough for you, then feel free to contribute some patches or start your own open source project.

Also, please learn how to format your GitHub posts properly.

@ttesty
Copy link
Author

ttesty commented Oct 7, 2024

1-3 months is long. Code needs an overhaul. I gave the info if you'd like to patch. I don't need to start an open source project to solve this problem. My time is limited too, but I'm glad you can read.

@ttesty
Copy link
Author

ttesty commented Oct 10, 2024

Anyways.. when you use the email value instead of unique_name, it works around the first bug, generates a cookie with much more info but then later complains about the and invalid login. This looks like another bug where it might be confusing domains between office365.com and live.com (versus letting user specify in settings). That's true especially if the user gets redirected to office.live.com anyway. That's about 2 bugs now. I wonder who tests on this project these days?

davmail.exchange.auth.O365Token - Authenticated user person@live.com from stored token
davmail.http.DavGatewaySSLSocketFactory - createSocket outlook.office365.com 443
davmail.http.HttpClientAdapter - Add cookie [version: 0][name: exchangecookie][value: X][domain: outlook.office365.com][path: /]
davmail - Authentication failed: invalid user or password
davmail.exception.DavMailAuthenticationException: Authentication failed: invalid user or password

@ernstki
Copy link

ernstki commented Oct 13, 2024

1-3 months is long. Code needs an overhaul. I gave the info if you'd like to patch. I don't need to start an open source project to solve this problem. My time is limited too, but I'm glad you can read.

The DavMail project has been around a long, long time in internet years, and the maintainer has weathered all the storms so far. One impatient user shouting and stamping their feet probably isn't going to motivate him one way or the other.

However, that said…

@ttesty I was like you once. Come and re-read what you wrote in this issue in a year, or in five years, and see how much you've grown. One day, hopefully soon, you'll come to understand what a thankless job it is to maintain an open source project, maybe after you start your own.

@ttesty
Copy link
Author

ttesty commented Oct 13, 2024

That's the problem - the project isn't consistently maintained and the QA coverage appears limited. Your so-called impatient user and other garbage-worthy characterizations won't motivate anyone. If you open your eyes, you will see multiple users complaining in the issues filed about a lot of the same stuff. I'm probably the first patient user that offered a fix (I was patient enough to rummage through unmaintained code on a presumably dead project).

I don't have to re-read what I wrote in 1, 5 years or whatever, nor do I need to start an open source project. I came here to report a bug, a fix, while shocked that the project looks dead/unmaintained.

So once again, take your own advice.

@ernstki
Copy link

ernstki commented Oct 18, 2024

I'm probably the first patient user that offered a fix (I was patient enough to rummage through unmaintained code on a presumably dead project).

I don't speak for the maintainer(s), but just as a user for some ten years or more, who has also rummaged through code and reported bugs. I just took a slightly different tack than you.

Good luck with this approach. I wish you well.

@mguessan
Copy link
Owner

Thanks for your feedback and thanks @ernstki and @esabol for your support.

As you may have noticed I tried to initiate a new backend dedicated to the "new" "modern" graph API provided by Microsoft.
However this new API was designed to build a web frontend, not a full mail synchronisation gateway so I faced some critical issues.

Among them : there is no way to create a mail from MIME body without the Draft flag... and the Draft is readonly after create.
There are also other issues with how large mails are handled, making it mandatory to have a different channel to upload attachments.

Anyway back to @ttesty, it looks like you are trying to use a live.com account?
I never really tried/tested this, DavMail was built for Exchange 1997 then 2003/2007 before adding O365 support - yes this was a long time ago -

Can you please offer this as a patch so me and others can test it and confirm it's working before merging?

Thank you,

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants