On 06/08/2023 05:42 PM, Marton Balazs wrote: > I could only get things to work when my workplace finally provided tenant_id > and client_id. (Of course this doesn't mean it's impossible with > Thunderbird's, but I couldn't succeed with those.) > > Best wishes, > Marton > > On Thu, Jun 08, 2023 at 04:23:50PM -0400, H wrote: >> On 12/31/2022 08:40 PM, H wrote: >> >> On 12/28/2022 01:49 PM, Mario Župan wrote: >> >> Negative. >> >> I also had a need to download all my mails from office365 domain with >> zero help of an admin. We moved to another office365 domain which I >> wanted to read with aerc. >> >> So, I will try just to give you an overview: >> >> #1 GPG >> >> gpg --full-generate-key >> >> gpg --sign-key "mzupan mzu...@vup.hr" >> >> gpg --output ./Documents/manual/email-terminal/vup-token --armor >> --export "mzupan <mzu...@vup.hr" >> >> >> #2 use mutt_ouath2.py script >> >> python ./Documents/manual/email-terminal/mutt_oauth2.py >> ./Documents/manual/email-terminal/vup-token --verbose --authorize >> >> #3 in mutt_ouath2.py you need just to change the next row: >> >> ENCRYPTION_PIPE = ['gpg', '--encrypt', '--recipient', 'mario < >> mzu...@vup.hr>' >> >> >> >> # then in .mbsyncrc you need todo this: >> >> >> #### >> ... >> >> IMAPAccount vup >> Host outlook.office365.com >> User mzu...@vup.hr >> AuthMechs XOAUTH2 >> PassCmd "python ~/Documents/manual/email-terminal/mutt_oauth2.py ~/ >> Documents/manual/email-terminal/vup-token" >> CertificateFile /etc/ssl/certs/ca-certificates.crt >> TLSType IMAPS >> >> ... >> >> #### >> >> Other lines are the same for every account. I hope I make the process >> understandable. >> >> Best, >> >> Mario Zupan >> >> ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ >> Šalje: H <age...@meddatainc.com> >> Poslano: 26. prosinca 2022. 16:52 >> Kopija: Isync Mailing List <isync-devel@lists.sourceforge.net> >> Predmet: Re: Logging in to O365 account >> >> On December 26, 2022 2:39:56 AM EST, Bence Ferdinandy >> <be...@ferdinandy.com> wrote: >> >2022. dec. 26. 3:08:32 H <age...@meddatainc.com>: >> > >> >> The TENANT_ID is available on the portal.azure.com page when >> logged >> >in, >> >> registering an app to get the CLIENT_ID is locked down. I don't >> see >> >any >> >> upside for the organization to provide a CLIENT_ID, only a >> potential >> >> security risk, so I do not see that happening. >> > >> >For the client id, I suggest you use this: >> >https://github.com/ferdinandyb/dotfiles/blob/master/.config/ >> emailconfiguration/mutt_oauth2.py#L77 >> > >> >you will find that it's a rather well known application and thus >> will >> >likely be already authorized. >> > >> >Besr, >> >Bence >> >> Thank you. Does this require someone has already gotten mutt >> registered >> as an application on my organization's O365 site? >> >> >> _______________________________________________ >> isync-devel mailing list >> isync-devel@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/isync-devel >> >> Two more questions: >> >> - Where do I get the ca-certificates.crt file you are referring to? >> >> - You list TLSType IMAPS but mbsync does not recognize that keyword. >> Do >> you mean SSLType IMAPS? >> >> >> >> >> >> _______________________________________________ >> isync-devel mailing list >> isync-devel@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/isync-devel >> >> I am returning to this again but have run into problems. >> >> >> First, I'd like to make sure I know exactly what information is needed to get >> this to work with my university's O365 account. >> >> - Tenant ID. This is tied to the customer and I found mine using https:// >> www.whatismytenantid.com/ >> >> - App ID. Based on previous posts I have seen, it's been suggested to use the >> same one as Thunderbird uses since it is often allowed access. I found its >> App >> ID at https://blog.thunderbird.net/2023/01/ >> important-message-for-microsoft-office-365-enterprise-users/ where it states >> it >> uses "9e5f94bc-e8a4-4e73-b8be-63364c29d753". By the way, visiting >> portal.azure.com I found a link to register an app but it is disallowed by my >> university's IT-department, hence I need to use Thunderbird hoping access by >> Thunderbird is indeed allowed. >> >> - Client Secret. I understand this is also tied to the app, ie Thunderbird? >> Not >> sure what to use but an older posting for Thunderbird listed >> "TxRBilcHdC6WGBee] >> fs?QR:SJ8nI[g82" but that was together with another Thunderbird App ID, ie. >> "08162f7c-0fd2-4200-a84a-f25a4db0b584". I would think that with the more >> recent >> App ID I mention above I should use a matching ClientSecret but have yet to >> find it. Suggestions? >> >> >> Second, I generate a key >> >> - Using gpg, version 2.0,22 which is the latest version for my OS, CentOS 7, >> I >> generated a key using >> >> gpg --gen-key. When prompted I choose RSA and RSA which is the default, >> then the default 2048 bits and no expiration date. >> >> -- Based on a previous post I then ran >> >> gpg --sign-key followed by >> >> gpg --output TOKENLOCATION --armor --export KEYIDENTITY >> >> gpg --list-keys then shows the key >> >> >> Third, I edited mutt_oauth2.py from 2020-08-07, edited ENCRYPTION_PIPE >> statement and tried to run it using python3.7 even though I may not have the >> replaced the AppID and ClientSecret in the program with the Thunderbird data >> above (missing ClientSecret). >> >> >> Unfortunately it fails after entering 'microsoft' for the endpoint, >> 'authcode' >> and my email address: >> >> >> Traceback (most recent call last): >> File "/home/xxx/xxx/mutt_oauth2.py", line 135, in <module> >> writetokenfile() >> File "/home/xxx/xxx/mutt_oauth2.py", line 115, in writetokenfile >> path.touch(mode=0o600) >> File "/usr/local/lib/python3.7/pathlib.py", line 1263, in touch >> fd = self._raw_open(flags, mode) >> File "/usr/local/lib/python3.7/pathlib.py", line 1072, in _raw_open >> return self._accessor.open(self, flags, mode) >> >> >> I edited the paths above to conceal the full path. It seems that a low-level >> function accessor.open() fails and I cannot see why. >> >> >> Perhaps someone has encountered this before? >> >> >> Also, before getting this far and having mutt_oauth2.py fail, is the >> information needed correct and does anyone know what ClientSecret to use? >> >> >> Is the workflow so far correct? >> >> >> Many thanks. >> > >> _______________________________________________ >> isync-devel mailing list >> isync-devel@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/isync-devel
The O365 Tenant ID is public information, see the website I mentioned in my email. So you received an AppID from your administrator, did you also receive the ClientSecret to go with it? Can you now log onto and use your O365 mail account with Thunderbird? _______________________________________________ isync-devel mailing list isync-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/isync-devel
