Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: office365 smtp auth issue
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Volker Schmid via curl-library <curl-library_at_lists.haxx.se>
Date: Thu, 28 Sep 2023 10:33:37 +0200
Am 28.09.23 um 09:32 schrieb Stephen Booth via curl-library:
>
>
> On 28/09/2023 08:03, Volker Schmid via curl-library wrote:
>> Thank you Ray, that was helpful. I just found some small examples
>> calling these URLs. But if I let the user open some URL, how do I get
>> the result? Webbrowsers usually don't tell me the results of opening a
>> URL. I'm confused. Theremust be some API that I have to call for sure.
>>
>> Until now, I only have email address, password and smtp mailserver. This
>> is provided by the user. The thing is, I should open some URL now. But
>> what URL is to be used for the token? Microsoft for sure uses other URLs
>> than Google and others. But the mailserver neither tells me the URL nor
>> do I get it from somewhere else? The user don't knows it either. Maybe
>> it is derived from the domain part of the email address? Is there a
>> standard RFC that I can refer to for learning this?
>
> Since January Office365 basically forbids the use of simple password
> authentication for most things.
>
> https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-september/ba-p/3609437
>
> However it looks like there is an exception for SMTP so it must be a
> tenant or user setting requiring this in your case rather than a
> microsoft one.
>
> You basically need to implement an OIDC login (which you could do using
> curl but unless you really know what you are doing using an existing
> library is recommended) You also need to read the microsoft
> documentation because a very large part of the setup is registering your
> application as a client. As you said you were running on windows using
> the microsoft authentication libraries to obtain an OAUTH token might be
> the easiest route.
>
> All of this is really off topic for curl however.
>
> Stephen
Thank you very much Stephen. Sadly, I developed the software using PureBasic and so the .NET and JAVA libraries of Microsoft do not work for me. I think I have to implement it using libcurl on myself. But I know that Google and others also use that sort of authentication. Upon this, there must be some generic documentation about what and how to obtain such tokens, right? Does anybody know where to get this so I can learn for a generic implementation that maybe also works on Linux later?
I already searched GitHub for code (I'm good in reading go and php code, too), but it is mainly implementation of supporting some OAuth 2.0 Bearer Access Token but not about obtaining and using the needed tokens.
But I also agree, that this seems to be a question out of scope for libcurl. Thanks anyway!
Date: Thu, 28 Sep 2023 10:33:37 +0200
Am 28.09.23 um 09:32 schrieb Stephen Booth via curl-library:
>
>
> On 28/09/2023 08:03, Volker Schmid via curl-library wrote:
>> Thank you Ray, that was helpful. I just found some small examples
>> calling these URLs. But if I let the user open some URL, how do I get
>> the result? Webbrowsers usually don't tell me the results of opening a
>> URL. I'm confused. Theremust be some API that I have to call for sure.
>>
>> Until now, I only have email address, password and smtp mailserver. This
>> is provided by the user. The thing is, I should open some URL now. But
>> what URL is to be used for the token? Microsoft for sure uses other URLs
>> than Google and others. But the mailserver neither tells me the URL nor
>> do I get it from somewhere else? The user don't knows it either. Maybe
>> it is derived from the domain part of the email address? Is there a
>> standard RFC that I can refer to for learning this?
>
> Since January Office365 basically forbids the use of simple password
> authentication for most things.
>
> https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-september/ba-p/3609437
>
> However it looks like there is an exception for SMTP so it must be a
> tenant or user setting requiring this in your case rather than a
> microsoft one.
>
> You basically need to implement an OIDC login (which you could do using
> curl but unless you really know what you are doing using an existing
> library is recommended) You also need to read the microsoft
> documentation because a very large part of the setup is registering your
> application as a client. As you said you were running on windows using
> the microsoft authentication libraries to obtain an OAUTH token might be
> the easiest route.
>
> All of this is really off topic for curl however.
>
> Stephen
Thank you very much Stephen. Sadly, I developed the software using PureBasic and so the .NET and JAVA libraries of Microsoft do not work for me. I think I have to implement it using libcurl on myself. But I know that Google and others also use that sort of authentication. Upon this, there must be some generic documentation about what and how to obtain such tokens, right? Does anybody know where to get this so I can learn for a generic implementation that maybe also works on Linux later?
I already searched GitHub for code (I'm good in reading go and php code, too), but it is mainly implementation of supporting some OAuth 2.0 Bearer Access Token but not about obtaining and using the needed tokens.
But I also agree, that this seems to be a question out of scope for libcurl. Thanks anyway!
-- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2023-09-28