Basic Authentication Retirement for legacy protocols in Exchange Online
Everyone,
We are releasing RC3 and a new build of the plugin today. This new version will allow the ability to edit the email attribute as well as fix some re-authorization issues and other miscellaneous bugs.
Cheers.
Hello,
I managed to modify the php file with the 'emailaddress' and repack it to a usable .phar that I added as a plugin to osticketv1.17-rc2. Everything from here went smoothly, no 'Email mismatch' nor 'invalid_client' messages. It successfully activated OAuth2 for Microsoft. I managed to set up 'Outgoing (SMTP)' correctly, based on 'Remote Mailbox'. It works as expected when I use the 'Diagnostic' tool to send mails.
But even though I set 'Email Fetching' to 'enable', every 5 minutes (or 1), with the order to 'delete fetched emails', it simply does not create tickets, nor delete the emails in the configured mailbox.
Anyone else having this issue? Am I missing a setting somewhere else?
Did you set up a cron job? Did you enable email fetching in admin panel > Emails > Settings? Mail will not simply just appear without being polled by a cron job or scheduled task.
Cheers.
KevinTheJedi
I did not set up a cron job. But I can assure you that I enabled email fetching in admin panel > Emails > Settings.
Following your indication, I just enabled 'Fetch Emails using Auto-cron'.
Is there something else I am supposed to do next?
Thanks
Uncheck auto-cron and follow below steps:
Cheers.
It works like a charm, thank you very much!
Hi Guys,
Thanks for the good work, finally with RC3 my email fetching works again.
But I have one last issue.
My SMTP doesn't work, maybe you have some solution for me.
My scopes are: offline_access https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/POP.AccessAsUser.All https://outlook.office.com/SMTP.Send
When I change to Basic auth I get the following error.
Thanks for your help in advance.
I've successfully installed RC3 and updated the plugin, and I have generated a token, but when I try to enable the service it fails with no error message.
Am I missing something?
Hello Andy_B
Here are my settings
I am using In Azure AD Apps / Authentication the any Organization entry
Still my SMTP problem exists.
Hope I can help you.
KevinTheJedi
Hi Kevin,
I've installed RC3. Now I'm getting Invalid Email Attribute error.
Please find the screen shot below.
Nobody any idea for my SMTP problem?
And when I use same as Remote Mailbox I get
It seems like your Mailbox Authentication info is not complete or is not properly set up. It's saying Configure Mailbox Authentication, so check your Mailbox Authentication settings to confirm you can get a token and save changes successfully.
Cheers.
Hello Kevin,
Thanks for the answer. It was an internal problem of our firewall: port 587 for outgoing SMTP was blocked. Now it works. Thanks, good job.
Stephan
Everyone,
Thanks to the wonderful @rblake we now confirmed a working setup with Microsoft and OAuth2! Below are the settings you'll need.
Go to the Azure Portal > App Registrations and create a new Application. Set the Supported account types to Multiple Organization (if available) and set the Redirect URI > Platform to Web and set the actual URL to the one provided by osTicket. Now go to the Application and API Permissions > Microsoft Graph > Delegated Permissions. Here you will add email, openid, profile, User.Read, offline_access, IMAP.AccessAsUser.All, POP.AccessAsUser.All, and SMTP.Send. Once added make sure you Grant Admin Consent to the scopes.
Now you can go to App Registrations > click the App > and click Authentication tab. Here you will enable the options Access Tokens and ID Tokens and Save the changes.
Next you will need to create your Client Secret so click the Certificates & Secrets tab. Click New Client Secret and create a new secret. Once you have this copy the secret and save it somewhere. Now you need to get your Client ID so go to the Overview tab and copy the Application (client) ID and save it somewhere.
Next, you need to get the correct endpoints so click Overview tab and at the very top you should see an Endpoints blade. Click this and you should see the correct OAuth 2.0 authorization endpoint (v2) and OAuth 2.0 token endpoint (v2) endpoints. Copy these and save them somewhere.
Lastly, we need to configure osTicket so go to the email in osTicket, select OAuth2 - Microsoft, and click Configure. Now you can enter your Client ID, Client Secret, keep the scopes as the defaults, set your Authorization Endpoint to the one you saved earlier, set your Token Endpoint to the one you saved earlier, keep Resource Details Endpoint as default, change Email Address Attribute to EmailAddress, and click Submit.
Once you click submit you should be redirected to log in. Make sure you are logging in with the correct account. Once you log in you may be met with a consent screen so consent and when redirected back to osTicket you should have successfully received a token. You can verify this with a successful green banner and clicking Configure again and see a Token tab. Once you have a Token you should be able to enable IMAP (or POP) and save changes.
Edit:
MS finally fixed my developer account issues and I was able to confirm the above works for me as well! So glad we were finally able to confirm MS as a provider! We are so close to releasing stable! We have a few bug fixes and we are adding PHP 8.1 support so expect at least an RC4 and a new build of the plugin soon. Shortly after v1.17 stable should be ready!
Cheers.
Everyone,
Update on the above!
For now you still need to add/consent to email, openid, profile, User.Read, offline_access, IMAP.AccessAsUser.All, POP.AccessAsUser.All, and SMTP.Send scopes in the API Permissions but you can also add/consent to the Mail.ReadWrite scope and for the Scopes in osTicket you can simply use offline_access https://outlook.office.com/Mail.ReadWrite. We will update the defaults in the next update to reflect this. Having fewer default scopes is better and cleaner.
I'm currently reviewing the permissions to see if email, openid, and profile are actually needed.
Cheers.
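
The scope strings quoted in this thread can be checked before they are pasted into the osTicket Scopes field. The following is an added example, not part of any post above and not osTicket or plugin code: it flags a missing offline_access (no refresh token is issued without it), scopes that name more than one resource (an access token covers a single resource), and protocol scopes requested for a protocol that is not enabled. The function names are hypothetical, and short-form scopes such as User.Read are assumed to resolve to Microsoft Graph.

```python
from urllib.parse import urlparse

# Identity scopes that do not belong to a resource API.
OIDC_SCOPES = {"openid", "profile", "email", "offline_access"}
GRAPH = "https://graph.microsoft.com"  # resource assumed for short-form scopes

# Protocol permissions named in the thread, keyed to the protocol that uses them.
PROTOCOL_SCOPES = {
    "IMAP.AccessAsUser.All": "imap",
    "POP.AccessAsUser.All": "pop",
    "SMTP.Send": "smtp",
}


def split_scope(scope):
    """Return (resource, permission) for one scope value."""
    if "://" in scope:
        url = urlparse(scope)
        return f"{url.scheme}://{url.netloc}".lower(), url.path.lstrip("/")
    return GRAPH, scope


def audit_scopes(scope_string, enabled):
    """List (code, detail) findings for a space-separated scope string.

    enabled: set of protocols actually switched on, e.g. {"imap", "smtp"}.
    """
    scopes = scope_string.split()
    findings = []
    if "offline_access" not in scopes:
        findings.append(("no-refresh-token", "offline_access is not requested"))
    api = [split_scope(s) for s in scopes if s not in OIDC_SCOPES]
    resources = sorted({res for res, _ in api})
    if len(resources) > 1:
        findings.append(("mixed-resources", ", ".join(resources)))
    for _, perm in api:
        proto = PROTOCOL_SCOPES.get(perm)
        if proto and proto not in enabled:
            findings.append(("unused-scope", perm))
    return findings


if __name__ == "__main__":
    # Scope string quoted in the thread, with only IMAP fetching and SMTP enabled.
    posted = ("offline_access https://outlook.office.com/IMAP.AccessAsUser.All "
              "https://outlook.office.com/POP.AccessAsUser.All "
              "https://outlook.office.com/SMTP.Send")
    for finding in audit_scopes(posted, {"imap", "smtp"}):
        print(finding)
```
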