[Users] office365 oauth2

[dmacdoug]

On Mon, May 15, 2023 at 08:45:14AM +0200, Paul Rolland wrote:
> Hello,
> 
> On Sun, 14 May 2023 15:37:47 -0700
> dmacdoug <dmacdoug at usc.edu> wrote:
> 
> > I know I should probably stop wasting time on getting claws-mail to work
> > with the oauth2 authentication and just continue to use Thunderbird, but I
> > just thought it would be nice to only have one GUI mail client on my
> > laptop which could access both accounts.  Sometimes I get obsessed with a
> > problem when I should just let it go, especially since I also have access
> > from my phone as well and as a last resort webmail.
> 
> Well, I was one having issue with OAuth2 and M365, but since I got it
> working, a few month ago, it's perfect with Claws-mail. 
> One of the important point I don't see in the list of operations you did is
> declaring Claws as an accepted client application for M365. I'm lucky
> enough to be the admin of the tenant, so I did it in Azure, and may be what
> you do reusing TB id's is equivalent, but following the step-by-step guide
> really made it work for me.
>
I think I'm beginning to see what my problem is.  I have just in the last
few days begun to see the word tenant used and I didn't know what it meant,
but I think I see that it means the particular organization whose email is
hosted by office365.  If I understand correctly, the tenant in my case is my
university, and so the admin for the university decides which clients can be
used.  

Since Thunderbird is a widely used email client it is on the list of
allowed clients, but since not many use Claws-mail it has not been so
accepted by the university admin.  Therefore Azure Active Directory accepted
Thunderbird for me but not Claws-Mail.

One thing I understand from my experience in getting getmail to work is that
the client developer needs to apply to Microsoft for approval before it gets
onto their list of clients the "tenant" admin can approve.  

Since you were able to declare Claws an acceptable client, I would have to
assume that the Claws developers have gotten approval from Microsoft and it
is on their list.  The one man development team for getmail wasn't about to
jump through the hoops necessary to get Microsoft's approval, so that left
the option of using the client_id and secret from Thunderbird to get a tokem
from office365.

Since apparently Claws is on Microsoft's list then there would be two
options.  Either ask our USC admin to add Claws to the list of acceptible
clients, or figure out how to insert the Thunderbird client_id and secret
into the Claws login process.  If the id and secret are not easily changed
in Claws-mail, then I may have to just leave it at that and declare victory
for just finally understanding the problem.

DWM