我在Java8中有一个后台任务,它应该使用OAuth 2.0读取和处理MS365邮件文件。
a)该任务正在使用“客户端凭据”。该设置严格遵循上的说明
https://learn . Microsoft . com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-IMAP-pop-SMTP-application-by-using-oauth
B) 访问令牌是使用
endpoint:https://log in . Microsoft online . com/111111111-2222-3333-4444-555555555555/oauth 2/v 2.0/token
范围:https://outlook.office365.com/.default
应用程序ID和秘密似乎是正确的,因为身份验证服务器返回了有效的访问令牌,该令牌可以被base-64解码为有效的JSON JWT。
C) 以下Javamail connect()使用步骤B)中的访问令牌而不是标准密码连接到“outlook.office365.com:993”,返回“A1 NO AUTHENTICATE failed”
Mail property mail.imaps.auth.login.disabe: true
Mail property mail.imaps.auth.plain.disable: true
Mail property mail.debug.auth.password: false
Mail property mail.mime.ignoreunknownencoding: true
Mail property mail.imaps.port: 993
Mail property mail.imaps.sasl.mechanisms: XOAUTH2
Mail property mail.store.protocol: imaps
Mail property mail.imaps.ssl.enable: true
Mail property mail.imaps.partialfetch: false
Mail property mail.mime.decodetext.strict: false
Mail property mail.debug.auth: true
Mail property mail.imaps.peek: true
Mail property mail.imaps.sasl.enable: true
DEBUG: setDebug: Jakarta Mail version 1.6.7
DEBUG: getProvider() returning javax.mail.Provider[STORE,imaps,com.sun.mail.imap.IMAPSSLStore,Oracle]
DEBUG IMAPS: mail.imap.partialfetch: false
DEBUG IMAPS: mail.imap.ignorebodystructuresize: false
DEBUG IMAPS: mail.imap.statuscachetimeout: 1000
DEBUG IMAPS: mail.imap.appendbuffersize: -1
DEBUG IMAPS: mail.imap.minidletime: 10
DEBUG IMAPS: enable SASL
DEBUG IMAPS: SASL mechanisms allowed: XOAUTH2
DEBUG IMAPS: peek
DEBUG IMAPS: closeFoldersOnStoreFailure
DEBUG IMAPS: trying to connect to host "outlook.office365.com", port 993, isSSL true
* OK The Microsoft Exchange IMAP4 service is ready. [WgBSADAAUAAyADcAOABDAEEAMAAwADkAMAAuAEMASABFAFAAMgA3ADgALgBQAFIATwBEAC4ATwBVAFQATABPAE8ASwAuAEMATwBNAA==]
A0 CAPABILITY
* CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
A0 OK CAPABILITY completed.
DEBUG IMAPS: AUTH: PLAIN
DEBUG IMAPS: AUTH: XOAUTH2
DEBUG IMAPS: protocolConnect login, host=outlook.office365.com, user=xxx@xxx.com, password=<non-null>
DEBUG IMAPS: SASL Mechanisms:
DEBUG IMAPS: XOAUTH2
DEBUG IMAPS:
DEBUG IMAPS: SASL client XOAUTH2
DEBUG IMAPS: SASL callback length: 2
DEBUG IMAPS: SASL callback 0: javax.security.auth.callback.NameCallback@e2e750a
DEBUG IMAPS: SASL callback 1: javax.security.auth.callback.PasswordCallback@8765a5d1
A1 AUTHENTICATE XOAUTH2
dXNlcj1h ... (Valid Token) ... AQ==
A1 NO AUTHENTICATE failed.
调试日志中的身份验证字符串(由 JavaMail 生成)正确解码回格式“user=xxx@xxx.com auth=Bearer”,后跟访问令牌。
如果访问令牌似乎有效,什么可能会导致“无身份验证”错误?
感谢任何帮助安迪·布鲁纳
已解决的问题:
PowerShell命令用于应用程序注册屏幕的对象id。
但是对象id必须取自企业应用程序。
