Fin3

Fin3 · Feb 3, 2023

ThiloR Thank you mate, u saved my day!

Fin3 · Jul 26, 2022

@jerer @KevinTheJedi
Just for info, I've handled my issues, now i'm correctly fetching emails in oauth2 with the modification proposed by jerer at attr_email and attr_username in conjunction wuth the latest commit of protich
I was having two misconfigurations:

Typo in an url rewriter of IIS
Error in app registration configuration, where "Allow public client flows" must be setted to "No"

Hope this help someone!

Cheers

Fin3 · Jul 26, 2022

jerer
I suppose that return uri is ok, i've tried with /osticket/ as per your installation and it return on a 404 page, so i removed it and still go to invelid_client.
I've quite finished to build up a develop machine, i'll let you know!

Thank you

Fin3 · Jul 26, 2022

jerer
Very thank you for your input.
I've imported and compiled your modification to the attr_username and attr_email inside the last commit of Mr. Protich but the result it's always "invalid_client". I've also setted my application to allow users from all tenants (previously was only mine, but auth was working too) but without luck (same error).
Now i'm preparing a machine to debug php and try to understand what's going on down there.

Thank you and tc

Fin3 · Jul 26, 2022

jerer
What kind of microsoft account are u using? Microsoft or Exchange online?

Fin3 · Jul 25, 2022

KevinTheJedi
Yes it's true, the msft documentation is often not up to date, even during their courses you may facing things that must be configured differently than what is written in the prodivded documentation

Anyway this is what i find when i manually try to allow the scopes:

Hope this helps!

Cheers

Fin3 · Jul 25, 2022

KevinTheJedi
Thank you very much for the reply!

Unfortunately things still doesn't work, neither with the scope you mentioned, nor the one from my endpoints (are a little bit different for azure env, they refer to graph: https://graph.microsoft.com/offline_access https://graph.microsoft.com/IMAP.AccessAsUser.All https://graph.microsoft.com/POP.AccessAsUser.All https://graph.microsoft.com/SMTP.Send)

I will check with the new plugin when ready and let you know, in the meantime if there's something I can do for you, do not hesitate to contact me.

Cheers

Fin3 · Jul 25, 2022

KevinTheJedi
I've tried what suggested, using right endpoints with my tenant_id, all go well 'till the modern authentication, that ask for user, password and scope accept, but unfortunately the response from auth is invalid_client.
As already suggested, there is maybe a problem on how the scope is handled during authentication process, even with
"https://graph.microsoft.com/.default" setted up the scope passed is "offline_access https://outlook.office.com/IMAP.AccessAsUser.All" as per screenshot below

@edgarnadal
As KevinTheJedi suggested, you will find the right urls with your tenentid inside your azure registration portal, in the "Endpoints" link, as seen in the image below