[Apologies if I’m breaking the thread, I don’t seem to have received
the version of this message that was sent to the list.]
On Thu, 2021-08-19 at 19:37 +0200, Vincent Hennebert wrote:
> Hi there,
>
> Evolution 3.40.3 on Fedora 34 (flatpak version, but same issue occurs
> with version from repository).
>
> My organisation uses Office365 with multi-factor authentication for
> email and calendar. I have custom Application and Tenant IDs. The
> first
> time I set up my account, I went through the authentication and it
> all
> worked fine.
>
> Until I had to change my password. Now the MFA window shows up, I
> enter
> my credentials, acknowledge the login from the MFA app on my phone,
> and
> get the following error:
>
> Failed to obtain access token from address [...] Bad Request
> ({"error":"invalid_grant","error_description":"AADSTS9002313: Invalid
> request. Request is malformed or invalid" [...] })
>
> As a workaround I set up DavMail so that I can keep accessing my
> account using imap and caldav, but it’s not working super well and
> I’d
> prefer to stick to Evolution’s native EWS support.
>
> In case that matters: before I had to change my password, the MFA
> window would show up several times a day, but I found that I could
> just
> ignore it (press Escape) and still be able to refresh my email and
> calendar. DavMail displays the MFA window only at startup and never
> after (or maybe just once a day, haven’t been observing its behaviour
> for long enough yet).
>
> Any ideas?
>
> Thanks,
> Vincent
Hoping to elicit an answer to this request, I followed the
troubleshooting instructions on the following page:
https://wiki.gnome.org/Apps/Evolution/EWS/OAuth2
I’m seeing OAuth2 messages that look OK. At some point I have
>
grant_type=authorization_code&code=<the_code>&redirect_uri=https%3A%2F%
2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fnativeclient&client_id=
<the_client_id>
Then this:
< HTTP/1.1 400 Bad Request
< Soup-Debug-Timestamp: 1629992911
< Soup-Debug: SoupMessage 1 (0x559af3719e80)
< Cache-Control: no-store, no-cache
< Pragma: no-cache
< Content-Type: application/json; charset=utf-8
< Expires: -1
< Strict-Transport-Security: max-age=31536000; includeSubDomains
< X-Content-Type-Options: nosniff
< P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
< x-ms-request-id: dc8c48b0-c12e-40c1-ac8f-4742c8cece01
< x-ms-ests-server: 2.1.11935.14 - WUS2 ProdSlices
< Set-Cookie: fpc=<cookie>; expires=Sat, 25-Sep-2021 15:48:31 GMT;
path=/; secure; HttpOnly; SameSite=None
< Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; httponly
< Set-Cookie: stsservicecookie=estsfd; path=/; secure; httponly
< Date: Thu, 26 Aug 2021 15:48:30 GMT
< Connection: close
< Content-Length: 485
<
< {"error":"invalid_grant","error_description":"AADSTS9002313: Invalid
request. Request is malformed or invalid.\r\nTrace ID: dc8c48b0-c12e-
40c1-ac8f-4742c8cece01\r\nCorrelation ID: 8a4456d1-91f2-451e-af96-
4f5e36d8d660\r\nTimestamp: 2021-08-26
15:48:31Z","error_codes":[9002313],"timestamp":"2021-08-26
15:48:31Z","trace_id":"dc8c48b0-c12e-40c1-ac8f-
4742c8cece01","correlation_id":"8a4456d1-91f2-451e-af96-
4f5e36d8d660","error_uri":"https://login.microsoftonline.com/error?code=9002313
"}
[OAuth2] 2021-08-26 17:48:31.215 - Loaded URI: 'none-local://'
[OAuth2] 2021-08-26 17:48:31.236 - Loaded URI: 'none-local://'
I obfuscated some data that I was not sure if it was sensitive. Happy
to share off-list if necessary.
Does that shed any light on what the issue might be?
I am able to successfully go through the MFA using DavMail with the
same account, so the problem seems to be on Evolution’s side. But I’m
having plenty of other issues with DavMail so I’d really rather get
back to EWS if I can.
Thanks,
Vincent
_______________________________________________
evolution-list mailing list
evolution-list@gnome.org
To change your list options or unsubscribe, visit ...
https://mail.gnome.org/mailman/listinfo/evolution-list
