---
Francis Augusto Medeiros-Logeay
Oslo, Norway
On 2024-05-09 10:11, Aki Tuomi wrote:
On 09/05/2024 10:46 EEST Francis Augusto Medeiros-Logeay via dovecot
<dovecot@dovecot.org> wrote:
Hi,
I have a Dovecot server on Ubuntu 22.04, which works fine with Oauth2.
I am building a new container based on Ubuntu 24.04. IMAP seems to
work fine with plain authentication, but oauth2 fails (Dovecot
v2.3.21). Same configuration as before.
However, I got this message:
May 09 09:41:57 auth: Error:
oauth2(f...@mydomain.eu,10.110.41.32,<o+TCjQZZYJAaaige>): oauth2
failed: Introspection failed: No username returned
Weird, as it does indeed seems to get the username (as seen on the
log).
Any clue on why this fails?
Best,
Francis
It means that introspection did not return username for the token. This
is important, because if the token is not validated to belong to the
user attempting to log in, anyone could login as anyone with any token.
Aki
Actually, the problem was not that. It was some change on Dovecot where
suddenly I need to add "clientid:client_secret@" on the url (googled it,
and saw that you advised that before). Now it works.
Best,
Francis
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org