diff --git a/htdocs/admin/emailcollector_card.php b/htdocs/admin/emailcollector_card.php
index 462839245fa..10e7ea300f8 100644
--- a/htdocs/admin/emailcollector_card.php
+++ b/htdocs/admin/emailcollector_card.php
@@ -421,10 +421,13 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
//$debugtext = "Host: ".$this->host."
Port: ".$this->port."
Login: ".$this->login."
Password: ".$this->password."
access type: ".$this->acces_type."
oauth service: ".$this->oauth_service."
Max email per collect: ".$this->maxemailpercollect;
//dol_syslog($debugtext);
+ $token = '';
+
$storage = new DoliStorage($db, $conf, $keyforprovider);
try {
$tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME);
+
$expire = true;
// Is token expired or will token expire in the next 30 seconds
// if (is_object($tokenobj)) {
@@ -439,11 +442,15 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
);
$serviceFactory = new \OAuth\ServiceFactory();
$oauthname = explode('-', $OAUTH_SERVICENAME);
+
// ex service is Google-Emails we need only the first part Google
$apiService = $serviceFactory->createService($oauthname[0], $credentials, $storage, array());
+
// We have to save the token because Google give it only once
$refreshtoken = $tokenobj->getRefreshToken();
+ //var_dump($tokenobj);
$tokenobj = $apiService->refreshAccessToken($tokenobj);
+
$tokenobj->setRefreshToken($refreshtoken);
$storage->storeAccessToken($OAUTH_SERVICENAME, $tokenobj);
}
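Review bot: The commented-out `//var_dump($tokenobj);` added just before `refreshAccessToken()` is a debug line that should not be committed, because once uncommented it prints the access and refresh token into the admin page. The same kind of line is added in microsoft_oauthcallback.php (`//print $token->getAccessToken()`, the `id_token`, `getRefreshToken()`), in StreamClient.php (`//var_dump($requestBody)`, which for a token request presumably carries the client secret and authorization code) and in AbstractService.php (`//print $responseBody`). I would drop these lines, or replace them with something that records no secret, for example `dol_syslog('OAuth token refreshed for '.$OAUTH_SERVICENAME, LOG_DEBUG);`. The enclosing block starts and ends outside this hunk.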
@@ -491,6 +498,15 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
}
if (!$error) {
try {
+ // To emulate the command connect, you can run
+ // openssl s_client -crlf -connect outlook.office365.com:993
+ // TAG1 AUTHENTICATE XOAUTH2 dXN...
+ // TO Get debug log, you can set protected $debug = true; in Protocol.php file
+ //
+ // A MS bug make this not working !
+ // See https://github.com/MicrosoftDocs/office-developer-exchange-docs/issues/100
+ // See github.com/MicrosoftDocs/office-developer-exchange-docs/issues/87
+ // See github.com/Webklex/php-imap/issues/81
$client->connect();
$f = $client->getFolders(false, $object->source_directory);
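Review bot: The added comment block tells the reader to replay `TAG1 AUTHENTICATE XOAUTH2 dXN...` through `openssl s_client` and to set `$debug = true` in Protocol.php, but it does not say that the base64 argument encodes the user name together with the live bearer token. I would add a line such as `// The XOAUTH2 argument contains the access token: do not paste it into tickets or logs, and revert $debug after testing`. The wording "A MS bug make this not working !" would also be clearer if it named the step that fails, and only the first of the three reference links carries a scheme. The `try` block continues outside the hunk.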
diff --git a/htdocs/core/lib/oauth.lib.php b/htdocs/core/lib/oauth.lib.php
index b2e59a9b87a..8a81d9a80e5 100644
--- a/htdocs/core/lib/oauth.lib.php
+++ b/htdocs/core/lib/oauth.lib.php
@@ -32,7 +32,7 @@ if (isModEnabled('stripe')) {
$supportedoauth2array['OAUTH_STRIPE_LIVE_NAME'] = array('callbackfile' => 'stripelive', 'picto' => 'stripe', 'urlforapp' => '', 'name'=>'StripeLive', 'urlforcredentials'=>'', 'availablescopes'=>'read_write', 'returnurl'=>'/core/modules/oauth/stripelive_oauthcallback.php');
}
$supportedoauth2array['OAUTH_GITHUB_NAME'] = array('callbackfile' => 'github', 'picto' => 'github', 'urlforapp' => 'OAUTH_GITHUB_DESC', 'name'=>'GitHub', 'urlforcredentials'=>'https://github.com/settings/developers', 'availablescopes'=>'user,public_repo', 'returnurl'=>'/core/modules/oauth/github_oauthcallback.php');
-$supportedoauth2array['OAUTH_MICROSOFT_NAME'] = array('callbackfile' => 'microsoft', 'picto' => 'microsoft', 'urlforapp' => 'OAUTH_MICROSOFT_DESC', 'name'=>'Microsoft', 'urlforcredentials'=>'https://portal.azure.com/', 'availablescopes'=>'openid,offline_access,profile,email,IMAP.AccessAsUser.All,SMTP.Send,Mail.Read,Mail.Send', 'returnurl'=>'/core/modules/oauth/microsoft_oauthcallback.php');
+$supportedoauth2array['OAUTH_MICROSOFT_NAME'] = array('callbackfile' => 'microsoft', 'picto' => 'microsoft', 'urlforapp' => 'OAUTH_MICROSOFT_DESC', 'name'=>'Microsoft', 'urlforcredentials'=>'https://portal.azure.com/', 'availablescopes'=>'openid,offline_access,profile,email,User.Read,https://outlook.office365.com/IMAP.AccessAsUser.All,https://outlook.office365.com/SMTP.Send', 'returnurl'=>'/core/modules/oauth/microsoft_oauthcallback.php');
if (getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) {
$supportedoauth2array['OAUTH_OTHER_NAME'] = array('callbackfile' => 'generic', 'picto' => 'generic', 'urlforapp' => 'OAUTH_OTHER_DESC', 'name'=>'Other', 'urlforcredentials'=>'', 'availablescopes'=>'Standard', 'returnurl'=>'/core/modules/oauth/generic_oauthcallback.php');
// See https://learn.microsoft.com/fr-fr/azure/active-directory/develop/quickstart-register-app#register-an-application
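Review bot: The new `availablescopes` value for `OAUTH_MICROSOFT_NAME` mixes a Microsoft Graph scope (`User.Read`) with scopes qualified for `https://outlook.office365.com/`, while an access token from the Microsoft identity platform is issued for a single resource. If all of these are sent in one token request, the token may come back with the Graph audience and then be refused by the IMAP/SMTP endpoint, so it is worth checking the `aud` claim of the stored token or requesting the Outlook scopes on their own. Dropping `Mail.Read` and `Mail.Send` narrows the grant, but `SOCPE_MAILREAD` and `SOCPE_MAILSEND` stay defined in Microsoft.php. A short comment above this line stating which scopes the email collector actually needs would keep the two lists from drifting apart.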
diff --git a/htdocs/core/modules/oauth/microsoft_oauthcallback.php b/htdocs/core/modules/oauth/microsoft_oauthcallback.php
index 4ff573725f3..bf057676cf3 100644
--- a/htdocs/core/modules/oauth/microsoft_oauthcallback.php
+++ b/htdocs/core/modules/oauth/microsoft_oauthcallback.php
@@ -155,11 +155,16 @@ if (GETPOST('code') || GETPOST('error')) { // We are coming from oauth provi
if (GETPOST('error')) {
setEventMessages(GETPOST('error').' '.GETPOST('error_description'), null, 'errors');
} else {
+ //print GETPOST('code');exit;
+
//$token = $apiService->requestAccessToken(GETPOST('code'), $state);
$token = $apiService->requestAccessToken(GETPOST('code'));
- //print $token;
// Microsoft is a service that does not need state to be stored as second paramater of requestAccessToken
+ //print $token->getAccessToken().'
';
+ //print $token->getExtraParams()['id_token'].'
';
+ //print $token->getRefreshToken().'
';exit;
+
setEventMessages($langs->trans('NewTokenStored'), null, 'mesgs'); // Stored into object managed by class DoliStorage so into table oauth_token
}
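Review bot: `requestAccessToken(GETPOST('code'))` on the line this hunk keeps exchanges the authorization code without passing `state`, and nothing visible here compares the returned `state` with a value bound to the user's session. Without that comparison the callback would accept an authorization code that was issued for another browser session, and the resulting token would be stored for this instance. The check may exist above the hunk, since the enclosing `if (GETPOST('code') || GETPOST('error'))` block starts outside it, so please confirm. If it does not, compare `GETPOST('state')` with the value saved when the flow was started, using `hash_equals()`, before the exchange.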
diff --git a/htdocs/emailcollector/class/emailcollector.class.php b/htdocs/emailcollector/class/emailcollector.class.php
index 2002adafd86..0168d8f86c6 100644
--- a/htdocs/emailcollector/class/emailcollector.class.php
+++ b/htdocs/emailcollector/class/emailcollector.class.php
@@ -1082,10 +1082,13 @@ class EmailCollector extends CommonObject
//$debugtext = "Host: ".$this->host."
Port: ".$this->port."
Login: ".$this->login."
Password: ".$this->password."
access type: ".$this->acces_type."
oauth service: ".$this->oauth_service."
Max email per collect: ".$this->maxemailpercollect;
//dol_syslog($debugtext);
+ $token = '';
+
$storage = new DoliStorage($db, $conf, $keyforprovider);
try {
$tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME);
+
$expire = true;
// Is token expired or will token expire in the next 30 seconds
// if (is_object($tokenobj)) {
@@ -1122,7 +1125,6 @@ class EmailCollector extends CommonObject
return -1;
}
-
$cm = new ClientManager();
$client = $cm->make([
'host' => $this->host,
diff --git a/htdocs/includes/OAuth/Common/Http/Client/StreamClient.php b/htdocs/includes/OAuth/Common/Http/Client/StreamClient.php
index d81fee88202..9849afd4a32 100644
--- a/htdocs/includes/OAuth/Common/Http/Client/StreamClient.php
+++ b/htdocs/includes/OAuth/Common/Http/Client/StreamClient.php
@@ -57,6 +57,7 @@ class StreamClient extends AbstractClient
}
$extraHeaders['Content-length'] = 'Content-length: '.strlen($requestBody);
+ //var_dump($requestBody); var_dump($extraHeaders);var_dump($method);exit;
$context = $this->generateStreamContext($requestBody, $extraHeaders, $method);
$level = error_reporting(0);
diff --git a/htdocs/includes/OAuth/OAuth2/Service/AbstractService.php b/htdocs/includes/OAuth/OAuth2/Service/AbstractService.php
index 0de0219306a..b6f89118d83 100644
--- a/htdocs/includes/OAuth/OAuth2/Service/AbstractService.php
+++ b/htdocs/includes/OAuth/OAuth2/Service/AbstractService.php
@@ -223,6 +223,8 @@ abstract class AbstractService extends BaseAbstractService implements ServiceInt
$parameters,
$this->getExtraOAuthHeaders()
);
+ //print $responseBody;exit; // We must have a result "{"token_type":"Bearer","scope...
+
$token = $this->parseAccessTokenResponse($responseBody);
$this->storage->storeAccessToken($this->service(), $token);
diff --git a/htdocs/includes/OAuth/OAuth2/Service/Microsoft.php b/htdocs/includes/OAuth/OAuth2/Service/Microsoft.php
index e94799b81cf..6c3b18b3c0f 100644
--- a/htdocs/includes/OAuth/OAuth2/Service/Microsoft.php
+++ b/htdocs/includes/OAuth/OAuth2/Service/Microsoft.php
@@ -38,8 +38,9 @@ class Microsoft extends AbstractService
const SCOPE_APPLICATIONS = 'applications';
const SCOPE_APPLICATIONS_CREATE = 'applications_create';
const SCOPE_IMAP = 'imap';
- const SOCPE_IMAP_ACCESSASUSERALL = 'IMAP.AccessAsUser.All';
- const SOCPE_SMTPSEND = 'SMTP.Send';
+ const SOCPE_IMAP_ACCESSASUSERALL = 'https://outlook.office365.com/IMAP.AccessAsUser.All';
+ const SOCPE_SMTPSEND = 'https://outlook.office365.com/SMTP.Send';
+ const SOCPE_USERREAD = 'User.Read';
const SOCPE_MAILREAD = 'Mail.Read';
const SOCPE_MAILSEND = 'Mail.Send';
diff --git a/htdocs/includes/webklex/php-imap/src/Client.php b/htdocs/includes/webklex/php-imap/src/Client.php
index 15944e4c646..85c537f16fa 100755
--- a/htdocs/includes/webklex/php-imap/src/Client.php
+++ b/htdocs/includes/webklex/php-imap/src/Client.php
@@ -353,6 +353,7 @@ class Client {
} catch (Exceptions\RuntimeException $e) {
throw new ConnectionFailedException("connection setup failed - run exception", 0, $e);
}
+
$this->authenticate();
return $this;
diff --git a/htdocs/langs/en_US/oauth.lang b/htdocs/langs/en_US/oauth.lang
index e773c470b30..9d4791a9f63 100644
--- a/htdocs/langs/en_US/oauth.lang
+++ b/htdocs/langs/en_US/oauth.lang
@@ -31,7 +31,7 @@ OAUTH_GITHUB_SECRET=OAuth GitHub Secret
OAUTH_URL_FOR_CREDENTIAL=Go to this page to create or get your OAuth ID and Secret
OAUTH_STRIPE_TEST_NAME=OAuth Stripe Test
OAUTH_STRIPE_LIVE_NAME=OAuth Stripe Live
-OAUTH_ID=OAuth ID
+OAUTH_ID=OAuth Client ID
OAUTH_SECRET=OAuth secret
OAUTH_TENANT=OAuth tenant
OAuthProviderAdded=OAuth provider added