NO AUTHENTICATE

[johnhamelink]

Hi there,

I finally got a chance to try out this project on Saturday, but I've not been able to get it working with mbsync:

IMAPAccount mc
Host outlook.office365.com
Port 993
User john@mc.com
PassCmd "oauth2ms"
SSLType IMAPS
AuthMechs XOAUTH2

IMAPStore mc-remote
Account mc

MaildirStore mc-local
Path ~/.mail/john@mc.com/
Inbox ~/.mail/john@mc.com/INBOX
# The SubFolders option allows to represent all
# IMAP subfolders as local subfolders
SubFolders Verbatim

Channel mc
Master :mc-remote:
Slave :mc-local:
Patterns *
Expunge None
CopyArrivalDate yes
Sync All
Create Slave
SyncState *

mbsync -l mc
IMAP command 'AUTHENTICATE XOAUTH2 <base64 hash>' returned an error: NO AUTHENTICATE failed.

The base64 hash looks like this when deserialized (I replaced some of the token to make it wrong):

user=john@mc.comauth=Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6InJfMEU5VDU3aUh1Z21aaXXaaaaAaAaAA1aaA3AaAAa3A2AAAaA

The permissions look like this:

[harishkrupo]

You can try a few things:

• Copy-paste the string starting from "ey...." here: https://jwt.ms/. The site gives you the decoded version of the JWT. Check if the parameters like name, email, scope, tenant id (tid), etc in the JWT are as expected.
• Make sure that the scopes array in the configuration is an HTTPS link like https://outlook.office.com/IMAP.AccessAsUser.All and not a string: "IMAP.AccessAsUser.All"

[stefanSchuhbaeck]

Hi
not sure if this is the same issue but I saw a similar behavior.

Setup:

• Ubuntu 20.04
• Office 365 (same API permissions as @johnhamelink)
• mbsync (isync 1.3.0) <-- Version 1.3 is probably the problem here

If I execute oauth2ms directly the token is quite big (1879 characters). Comparing this with the <base64 hash> returned by mbsync in the error message it is clear that they do not match (length-wise). After some digging on Stack-overflow and Stack-exchange I found this post 'Configuring mbsync with AuthMech XOAUTH2'. It seems that mbsync as a max buffer of 80 chars on the PassCmd buffer which will not work for XOAUTH2. Compiling isync/mbsyng version 1.4.0 did the trick for me.

[harishkrupo]

@stefanSchuhbaeck Thanks for tracking that down!
I will update the readme with this requirement.

[johnhamelink]

@stefanSchuhbaeck this is great, I was able to get my mailbox syncing after ugprading isync to 1.4! My problem was that I was using a fork which wasn't being updated.

[averter]

@stefanSchuhbaeck Thanks for tracking that down! I will update the readme with this requirement.

@harishkrupo Have you updated the document? The readme reads as "Requires mbsync >= 1.3. " which implies that 1.3 would work? Is it a typo?

[kxxdhdn]

Hi, I am afraid that the same problem still exists with isync verison=1.4.4 ? I cannot make oauth2ms work after following all the solutions I could find.