如何使用MailKit中的OAuth 2.0连接到Exchange Online? [英] How do I connect to Exchange Online using OAuth 2.0 in MailKit?

问题描述

我有一个Web应用程序，该应用程序使用MailKit和基本身份验证通过Exchange Online(Office365)向用户发送电子邮件.我们公司是MS合作伙伴，因此有义务在2020年2月底之前关闭我们的服务的基本身份验证.

因此，我想使用OAuth 2.0连接到Exchange Online，类似于此示例.实际上，根据答案，可能有可用的解决方案，但我找不到任何解决办法.

目前，我正在使用MS Identity Platform v2.0，但无法弄清楚该怎么做.

将寻求任何帮助.

更新1

我不想代表登录用户发送邮件，但是有一个Office365用户帐户可用于向其他人发送邮件(通知等).

更新2

使用Microsoft Graph SDK和解决方案

我的选择是研究这里

Microsoft提供了不同语言的SDK，以使用Graph API开发客户端应用程序.

从总体上讲，您需要执行以下操作.

i)在Azure Active Directory中注册一个应用程序.请参见此处

ii)使用Oauth2授权代码授予"流程来获取刷新令牌.请参见此处

iii)将刷新令牌交换为访问令牌，并使用该访问令牌来调用Microsoft Graph API.

iv)如果存在用例，即使用户处于脱机状态，应用程序也需要执行操作，则还需要存储刷新令牌.在这种情况下，请确保在步骤ii)中包括范围离线"

I have a web application that sends e-mails to users via Exchange Online (Office365) using MailKit and Basic Authentication. Our company is MS partner and therefor is obligated to turn off Basic Authentication for our services by the end of february 2020.

So, I want to use OAuth 2.0 to connect to Exchange Online, similar to this example. In fact, there might be a solution available according to this answer but I'm unable to find anything about it.

Right now I'm playing around with MS Identity Platform v2.0 but I'm unable to figure out how to do it.

Any help would be appriciated.

UPDATE 1

I do not want to send mails on behalf of signed-in users but instead there is a single Office365 user account that shall be used to send mails (notifications and so on) to others.

UPDATE 2

I managed to get a little closer to what I want to do using Microsoft Graph SDK and the Username/Password Provider.

Our user account requires multifactor-authentication and therefor I get an error when using the user's password since I cannot satisfy the second factor. When I'm using an app-password authentication fails because of incorrect password.

UPDATE 3

I switched to mail relaying for now. But I will update this question if I'll ever find an answer to it.

解决方案

My choice would be to look into Microsoft Graph API . It is a single endpoint for all Microsoft services including Email. Email specific endpoints document is here

Microsoft provides SDK in different languages to develop client applications using Graph API.

At a high level you would need to do the following.

i) Register an application in Azure Active Directory. See here

ii) Use the Oauth2 'authorization code grant' flow to get a refresh token . See here

iii) Exchange the refresh token for an access token and use the access token to call Microsoft Graph API.

iv) You also need to store the refresh token , if you have use cases where you application needs to perform actions even if the user is offline. In this case make sure you include scope 'offline' in step ii)

这篇关于如何使用MailKit中的OAuth 2.0连接到Exchange Online?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！