[Users] Microsoft Live (hotmail) oauth2 authentication always fails

Ettore Tagarelli tagahect at gmail.com
Fri Jul 5 12:33:10 UTC 2024


David:
Here's the URL I forgot to add to previous post:

https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=d655eaae-f011-40ec-b3c9-af7ed8b41345&redirect_uri=https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fnativeclient&response_type=code&scope=offline_access%20https%3A%2F%2Foutlook.office.com%2FIMAP.AccessAsUser.All%20https%3A%2F%2Foutlook.office.com%2FPOP.AccessAsUser.All%20https%3A%2F%2Foutlook.office.com%2FSMTP.Send&tenant=common&response_mode=fragment

As far as I can see URI requested in this link is
login.microsoftonline.com%2Fcommon%2Foauth2%2Fnativeclient
and not http://127.0.0.1:8888 anyway I managed to request localhost URI too
but Claws mail is not listening on 8888 (and no other application is).


[quote]
...It should come up with a page
that says something like "Are you trying to sign in to Claws Mail? Only
continue if you downloaded the app from a store or website that you
trust"...

this happens as you said.

So as I said before I copied and pasted (old method) code and also full URL
in both versions of Claws mail I've tested and clicking "authorize" I got
same result: * OAuth2 missing authentication code.
According to what I suppose to have understood this should be enough to get
authentication anyway investigating further I noticed that no application
is using 8888 port neither Claws Mail is never listening on it at all.

I don't know what I'm doing wrong or what is mibehaving.
Hope you can help. Thanks



Il giorno gio 4 lug 2024 alle ore 23:34 David Fletcher <David at megapico.co.uk>
ha scritto:

> > copied link from Claws.mail oauth2 configuration window, pasted it in
> > browser and this is the URL I got with code (I obfuscated) inside:
> > https://login.microsoftonline.com/common/oauth2/nativeclient#code=XXXXXX
>
> Hi Ettore,
>
> Thanks for the detailed information. You mention the link you copied into
> the
> browser, but you didn't quote that. Hopefully it looks something like this:
>
>
> https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=cd9fedjs-cb3b-4c34-add1-8d13d889f194&redirect_uri=http%3A%2F%2F127.0.0.1%3A8888&response_type=code&scope=offline_access%20https%3A%2F%2Foutlook.office.com%2FIMAP.AccessAsUser.All%20https%3A%2F%2Foutlook.office.com%2FPOP.AccessAsUser.All%20https%3A%2F%2Foutlook.office.com%2FSMTP.Send&tenant=common&response_mode=query
>
> The list of things the app is requesting to access looks ok (maybe slightly
> different to the ones requested in the line above as I think this has
> evolved
> a little over time to match Microsoft changes). It should come up with a
> page
> that says something like "Are you trying to sign in to Claws Mail? Only
> continue if you downloaded the app from a store or website that you trust"
>
> The part coming back looks like where things go wrong. You got the line:
>
> https://login.microsoftonline.com/common/oauth2/nativeclient#code=XXXXXX
>
> But this should actually never have been involved - this was a method used
> ages ago before Claws was updated to use the http://127.0.0.1:8888 method.
> Looking back at your post you mention both Claws version 4 and 4.3. This
> nativeclient thing will have come from the older version.
>
> With the older version you need to manually copy the XXXXXX code off that
> URL
> and paste it manually into the Claws Mail Authorisation Code box. This
> should
> still work if you manually copy the code over, but it was a hassle and
> Microsoft said the nativeclient method would be removed at some time.
>
> With the newer version using http://127.0.0.1:8888 the process should be
> far
> more automated. It should redirect your browser to a page with a URL like
>
>
> http://127.0.0.1:8888/?code=M.C530_BL2.2.U.ab8a6f41-643e-94a3-ff14-0ec33b10be14
>
> All being well that page should say that the authorisation process is
> complete.
>
> The older method is a hassle and uses a method Microsoft plans to withdrawn
> (maybe they have now withdrawn it). The new way needs no manual copy/paste,
> but depends on Claws successfully listening for a connection on the local
> machine at port 8888.
>
> Old method - did you do the manual copy/paste the code from the URL?
>
> New method - could something else on your computer be using port 8888
> already? E.g. local file transfer software that you use to copy files
> to/from
> your phone or something like that. That could block the authorisation
> process.
>
> Hopefully you can pick your way through this to spot what's happening. But
> I
> can confirm that the process has worked here in the last few minutes to
> re-authorise an Outlook email account.
>
> David.
> _______________________________________________
> Users mailing list
> Users at lists.claws-mail.org
> https://lists.claws-mail.org/cgi-bin/mailman/listinfo/users
>


More information about the Users mailing list