ews-javascript-api icon indicating copy to clipboard operation
ews-javascript-api copied to clipboard

Published 20 hours ago verified publisher icon gautamsi

Microsoft 365 Auth

Open obsidience opened this issue 4 years ago • 6 comments

Hey there,

Has anyone been able to successfully authenticate to M365? Since they've disabled basic auth, I'm seeing: Invalid message signature: Basic Realm="". The example in the readme.txt that uses WebCredentials no longer works.

I'm thinking OAuth is the way to go but don't know how to create a token. There's a StackOverflow question out there but the link to this part is not working.

Any help would be appreciated!

obsidience avatar Feb 24 '21 00:02 obsidience

Has anyone been able to successfully authenticate to M365? Since they've disabled basic auth, I'm seeing: Invalid message signature: Basic Realm="". The example in the readme.txt that uses WebCredentials no longer works.

ntlm2 authentication works fine.

bladerunner2020 avatar Feb 24 '21 08:02 bladerunner2020

@bladerunner2020 there is no ntlm authentication for Office 365. Office 365 needs now

  1. get token using adal-node or adal-browser lib
  2. pass on the access token to ews-javascript-api using new OAuthCredential class

I can try to setup some example this weekend.

  1. would be transient where you get the token from React SPA and pass on to the service, the service can give you details of the mailbox using the access token
  2. generate token by way of express route (powered with adal-node) and get you access token which you can use.
  3. to save token using a manually called service which also gives you refresh-token to get access-token subsequently.

I can try to setup example in parts if not all together.

gautamsi avatar Feb 24 '21 14:02 gautamsi

@bladerunner2020 there is no ntlm authentication for Office 365.

Yes, I was wrong. I checked my code - it doesn't use ntlm2, but works! ))

    const exchangeVersion = 7;
    const exch = new ExchangeService(exchangeVersion);
    ConfigurationApi.SetXHROptions({ rejectUnauthorized: true });
    exch.Credentials = new ExchangeCredentials(username, password);
    exch.Url = new Uri("https://outlook.office365.com/EWS/Exchange.asmx");

bladerunner2020 avatar Feb 24 '21 20:02 bladerunner2020

@gautamsi - thanks for your help, a sample would really help me and probably others in the future. One of my worries with Oath was that I'm not an M365 admin and wasn't sure if I had the access needed to generate the token.

@bladerunner2020 - thanks for the sample, I adjusted the code to match and, unfortunately, still getting the same error... Perhaps your M365 setup is configured differently somehow?

obsidience avatar Mar 01 '21 21:03 obsidience

I have created a demo https://github.com/ewsjs/oauth-demo/blob/main/examples/msal-node-samples/auth-code/index.js

not all example is functioning but the above example works now

gautamsi avatar Mar 03 '21 18:03 gautamsi

explained very well by @zhukovsv in https://github.com/gautamsi/ews-javascript-api/issues/415#issuecomment-1317183521

if someone wants to crate a PR for documentation in OAUTH.MD file using the reference above, I will merge that promptly

gautamsi avatar Feb 25 '24 06:02 gautamsi