I have osTicket collecting emails from 365 using OAuth2 for 1 hour then the email fetch stops. Anyone have any suggestions? Could it be token timeouts?
aburtenshaw
Are you using a temporary token or something? The Access Token gets updated with the Refresh Token once it expires. This should be checked and updated each time it's used.
Did you do something special on the MS end of things when getting a token and then reverted it back afterwards?
Cheers.
It is not beyond the bounds of possibility I randomly clicked something special on the MS end of things. Just not sure where to start looking.
Things like allowing user consent, special permissions, etc.
aburtenshaw You can check this, it might help you out, double check your permissions https://howtohelpdesk.com/how-to-setup-oauth-on-osticket-using-microsoft-365/
Thank you, read through the site and it only seems to reinterate the orginal documentation https://docs.osticket.com/en/latest/OAuth2/Microsoft%20Authorization%20Guide.html. I have confirmed the permissions.
aburtenshaw Yes, I have written this for my own reference, so I can make changes to doc as needed You might be missing email fetch https://howtohelpdesk.com/how-to-setup-oauth-on-osticket-using-microsoft-365/#Fetch-emails
As soon as I re-enter the secret and save changes emails flow again for 60mins.
Thank you again, though I am sure the email wouldn't collect for the first 60 mins if the fetch were misconfigured. Also, basic authentication works with no problem.
Well, I seem to have broken osTicket while trying to get OAuth2 Authorisation working. When I click submit on the OAuth2 Authorization IdP Config screen, it hangs on loading. No sure how I manage that.
Check your logs for any related errors.
aburtenshaw I sorted it by deleting the email and recreating the email.
I deleted all config locally and on 365, and the token refreshed a couple of times, but then it failed to refresh again.
I pressed submit, and the token refreshed.
I am out of ideas.
Is there a way you can track network traffic to see if something is happening when refreshing the token?
I don't even know of a way to track when the token is being refreshed.
When the email is used at all to fetch or send we first check the token expiration and if expired we call MS with the current refresh token and access token to get new ones. Maybe MS has some logs that should show you tokens being refreshed? Also, if you track your network requests you should see requests going to MS to get new tokens.
I continue to search logs for more information. What does the submit button on the OAuth2 Authorization screen do that running the cron.php doesn't, as the submit button refreshes every time without fail, whereas the cron.php does not?
It does the same thing if you already have a token. If you don’t have a token or you change the info then it re-authorizes.
So as I just click the config and confirm to refresh the ticket it must be authorisation that is the problem.
