On 12/31/2022 08:40 PM, H wrote:
> On 12/28/2022 01:49 PM, Mario Župan wrote:
>> Negative.
>>
>> I also had a need to download all my mails from office365 domain with
>> zero help of an admin. We moved to another office365 domain which I
>> wanted to read with aerc.
>>
>> So, I will try just to give you an overview:
>>
>> #1 GPG
>>
>> gpg --full-generate-key
>>
>> gpg --sign-key "mzupan <mzu...@vup.hr>"
>>
>> gpg --output ./Documents/manual/email-terminal/vup-token --armor --export "mzupan <mzu...@vup.hr>"
>>
>>
>> #2 use mutt_oauth2.py script
>>
>> python ./Documents/manual/email-terminal/mutt_oauth2.py
>> ./Documents/manual/email-terminal/vup-token --verbose --authorize
>>
>> #3 in mutt_oauth2.py you need just to change the next row:
>>
>> ENCRYPTION_PIPE = ['gpg', '--encrypt', '--recipient', 'mario <mzu...@vup.hr>']
>>
>>
>>
>> # then in .mbsyncrc you need to do this:
>>
>>
>> ####
>> ...
>>
>> IMAPAccount vup
>> Host outlook.office365.com
>> User mzu...@vup.hr
>> AuthMechs XOAUTH2
>> PassCmd "python ~/Documents/manual/email-terminal/mutt_oauth2.py ~/Documents/manual/email-terminal/vup-token"
>> CertificateFile /etc/ssl/certs/ca-certificates.crt
>> TLSType IMAPS
>>
>> ...
>>
>> ####
>>
>> Other lines are the same for every account. I hope I make the process
>> understandable.
>>
>> Best,
>>
>> Mario Zupan
>> ------------------------------------------------------------
>> *From:* H <age...@meddatainc.com>
>> *Sent:* 26 December 2022, 16:52
>> *Cc:* Isync Mailing List <isync-devel@lists.sourceforge.net>
>> *Subject:* Re: Logging in to O365 account
>>  
>> On December 26, 2022 2:39:56 AM EST, Bence Ferdinandy <be...@ferdinandy.com> wrote:
>> >2022. dec. 26. 3:08:32 H <age...@meddatainc.com>:
>> >
>> >> The TENANT_ID is available on the portal.azure.com page when logged in,
>> >> registering an app to get the CLIENT_ID is locked down. I don't see any
>> >> upside for the organization to provide a CLIENT_ID, only a potential
>> >> security risk, so I do not see that happening.
>> >
>> >For the client id, I suggest you use this:
>> >https://github.com/ferdinandyb/dotfiles/blob/master/.config/emailconfiguration/mutt_oauth2.py#L77
>> >
>> >you will find that it's a rather well known application and thus will
>> >likely be already authorized.
>> >
>> >Best,
>> >Bence
>>
>> Thank you. Does this require someone has already gotten mutt registered as 
>> an application on my organization's O365 site?
>>
>>
>> _______________________________________________
>> isync-devel mailing list
>> isync-devel@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/isync-devel
>
> Two more questions:
>
> -    Where do I get the ca-certificates.crt file you are referring to?
>
> -    You list TLSType IMAPS but mbsync does not recognize that keyword. Do 
> you mean SSLType IMAPS?
>

I am returning to this again but have run into problems.


First, I'd like to make sure I know exactly what information is needed to get 
this to work with my university's O365 account.

- Tenant ID. This is tied to the customer and I found mine using 
https://www.whatismytenantid.com/

- App ID. Based on previous posts I have seen, it's been suggested to use the 
same one as Thunderbird uses since it is often allowed access. I found its App 
ID at 
https://blog.thunderbird.net/2023/01/important-message-for-microsoft-office-365-enterprise-users/
 where it states it uses "9e5f94bc-e8a4-4e73-b8be-63364c29d753". By the way, 
visiting portal.azure.com I found a link to register an app but it is 
disallowed by my university's IT-department, hence I need to use Thunderbird 
hoping access by Thunderbird is indeed allowed.

- Client Secret. I understand this is also tied to the app, ie Thunderbird? Not 
sure what to use but an older posting for Thunderbird listed 
"TxRBilcHdC6WGBee]fs?QR:SJ8nI[g82" but that was together with another 
Thunderbird App ID, ie. "08162f7c-0fd2-4200-a84a-f25a4db0b584". I would think 
that with the more recent App ID I mention above I should use a matching 
ClientSecret but have yet to find it. Suggestions?


Second, I generate a key

- Using gpg, version 2.0.22 which is the latest version for my OS, CentOS 7, I 
generated a key using

    gpg --gen-key

  When prompted I choose RSA and RSA which is the default, then the default 
  2048 bits and no expiration date.

- Based on a previous post I then ran

    gpg --sign-key

  followed by

    gpg --output TOKENLOCATION --armor --export KEYIDENTITY

    gpg --list-keys

  which then shows the key


Third, I edited mutt_oauth2.py from 2020-08-07, edited the ENCRYPTION_PIPE 
statement and tried to run it using python3.7 even though I may not have 
replaced the AppID and ClientSecret in the program with the Thunderbird data 
above (missing ClientSecret).


Unfortunately it fails after entering 'microsoft' for the endpoint, 'authcode' 
and my email address:


Traceback (most recent call last):
  File "/home/xxx/xxx/mutt_oauth2.py", line 135, in <module>
    writetokenfile()
  File "/home/xxx/xxx/mutt_oauth2.py", line 115, in writetokenfile
    path.touch(mode=0o600)
  File "/usr/local/lib/python3.7/pathlib.py", line 1263, in touch
    fd = self._raw_open(flags, mode)
  File "/usr/local/lib/python3.7/pathlib.py", line 1072, in _raw_open
    return self._accessor.open(self, flags, mode)

I edited the paths above to conceal the full path. It seems that a low-level 
function accessor.open() fails and I cannot see why.


Perhaps someone has encountered this before?


Also, before getting this far and having mutt_oauth2.py fail, is the 
information needed correct and does anyone know what ClientSecret to use?


Is the workflow so far correct?


Many thanks.
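
The traceback above is cut off before the final exception line, so the reason path.touch(mode=0o600) failed is not visible. The following is an added example, not part of the original post and not code from mutt_oauth2.py: a pre-flight check that reports the usual reasons a token file cannot be created owner-only. The function names and the sample path are assumptions made for illustration.

```python
import os
import stat
from pathlib import Path


def diagnose_token_path(token_path):
    """List conditions that would make path.touch(mode=0o600) fail or leave
    the token file readable by other users. Empty list means no problem found."""
    path = Path(token_path).expanduser()
    parent = path.parent
    problems = []
    if not parent.exists():
        # touch() raises FileNotFoundError in this case
        problems.append(f"parent directory {parent} does not exist")
    elif not parent.is_dir():
        problems.append(f"{parent} is not a directory")
    elif not os.access(parent, os.W_OK | os.X_OK):
        # touch() raises PermissionError in this case
        problems.append(f"no write/search permission on {parent}")
    if path.is_dir():
        problems.append(f"{path} is a directory, not a file")
    elif path.exists():
        mode = stat.S_IMODE(path.stat().st_mode)
        if mode != 0o600:
            problems.append(f"{path} has mode {mode:o}, expected 600")
    return problems


def create_token_file(token_path):
    """Create an empty token file that is owner-only from the moment it exists."""
    path = Path(token_path).expanduser()
    # O_EXCL: refuse to reuse a file that was already placed at this path.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    os.close(fd)
    return stat.S_IMODE(path.stat().st_mode)


if __name__ == "__main__":
    # Constructed sample path; substitute the token file passed to the script.
    sample = "~/Documents/manual/email-terminal/vup-token"
    for problem in diagnose_token_path(sample) or ["no problem found"]:
        print(problem)
```

Running the script's own command under `python -X dev` or simply scrolling to the last line of the traceback gives the exception type, which maps onto one of the cases checked here.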
