Outlook SMTP Oauth 发送 - 身份验证不成功 [英] Outlook SMTP Oauth Send - Authentication Unsuccessful

查看：32 发布时间：2022/1/8 20:11:14 outlook azure-active-directory office365 mailkit smtp-auth

本文介绍了Outlook SMTP Oauth 发送 - 身份验证不成功的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我一直在尝试使用 Legacy Mail API 在通过设备代码流以微软示例项目.

I have been trying to implement email functionality in a legacy app using the Legacy Mail API to add OAuth support after getting a token through the Device Code Flow starting with the Microsoft Sample Project.

沿着这条路线，我添加了 SMTP.Send 和许多其他 API 权限来查找丢失的部分.(包括{ "User.Read", "User.ReadBasic.All", "SMTP.Send", "offline_access", "Mail.Send" } 怕漏一个)

Along that route I have added SMTP.Send and many other API permissions to find the missing piece. (Including { "User.Read", "User.ReadBasic.All", "SMTP.Send", "offline_access", "Mail.Send" } in fear of missing one)

我一直在使用 MailKit 库进行测试，以构建概念验证.

I have been testing with the MailKit library to build a proof of concept.

到目前为止，我有以下代码片段在尝试进行身份验证后失败.

So far I have the following Code Snippet that fails after trying to authenticate.

public void SendSmtpMessageAsync(string id, string accessToken)
{
    var message = new MimeMessage();
    message.From.Add(new MailboxAddress("From Name", "From Address@Example.com"));
    message.To.Add(new MailboxAddress("To Name", "To Address@Example.com"));
    message.Subject = "How you doin'?";

    message.Body = new TextPart("plain")
    {
        Text = @"Test Email Content"
    };

    using (var client = new SmtpClient(new ProtocolLogger(Console.OpenStandardOutput())))
    {
        try
        {
            client.Connect("smtp.office365.com", 587, SecureSocketOptions.StartTls);

            var oauth2 = new SaslMechanismOAuth2(id, accessToken);

            var temp = client.AuthenticationMechanisms;
            client.Authenticate(oauth2);

            client.Send(message);
            client.Disconnect(true);
        }
        catch (Exception ex)
        {
            Console.WriteLine(ex);
        }
    }
}

我已启用日志记录并得到一个日志，显示客户端连接而不是发送令牌进行身份验证但身份验证失败.

I have enabled logging and gotten a log that shows the client connecting than sending the token to authenticate but the authentication failing.

Connected to smtp://smtp.office365.com:587/?starttls=always
S: 220 MW3PR05CA0003.outlook.office365.com Microsoft ESMTP MAIL Service ready at Mon, 25 May 2020 21:31:07 +0000
C: EHLO [192.168.0.7]
S: 250-MW3PR05CA0003.outlook.office365.com Hello [<<My IP>>]
S: 250-SIZE 157286400
S: 250-PIPELINING
S: 250-DSN
S: 250-ENHANCEDSTATUSCODES
S: 250-STARTTLS
S: 250-8BITMIME
S: 250-BINARYMIME
S: 250-CHUNKING
S: 250 SMTPUTF8
C: STARTTLS
S: 220 2.0.0 SMTP server ready
C: EHLO [192.168.0.7]
S: 250-MW3PR05CA0003.outlook.office365.com Hello [<<My IP>>]
S: 250-SIZE 157286400
S: 250-PIPELINING
S: 250-DSN
S: 250-ENHANCEDSTATUSCODES
S: 250-AUTH LOGIN XOAUTH2
S: 250-8BITMIME
S: 250-BINARYMIME
S: 250-CHUNKING
S: 250 SMTPUTF8
C: AUTH XOAUTH2 <<Token omitted but I have confirmed that it is Base64 encoded and 
in the format of base64("user=" + userName + "^Aauth=Bearer " + accessToken + "^A^A")>>
S: 535 5.7.3 Authentication unsuccessful [MW3PR05CA0003.namprd05.prod.outlook.com]
MailKit.Security.AuthenticationException: 535: 5.7.3 Authentication unsuccessful 
[MW3PR05CA0003.namprd05.prod.outlook.com]

任何方向或资源都将不胜感激，因为大多数现有帖子都是在 2020 年之前添加旧版 SMTP 支持时发布的.此外，如果您发现任何误解，请告诉我，以便我可以做一些额外的阅读.

Any direction or resources would be appreciated since most existing posts are from pre-2020 when Legacy SMTP support was added. Additionally, if you see any misunderstanding let me know so I can do some additional reading.

推荐答案

经过大量搜索并尝试与 Microsoft 交谈后，我被指出了另一个帖子的答案的方向.(我添加了一个与 OP 中的 SMTP 调用格式相同的 POP3 调用.)答案说包括范围 https://outlook.office.com/POP.AccessAsUser.All 所以在替换 POP.AccessAsUser.All 我在 SMTP 和 POP3 调用工作之前使用现代身份验证.

After lots of searching and trying to talk to Microsoft I was pointed in the direction of this answer of a different post. (I had adding a POP3 call that was in the same format as the SMTP call in the OP.) The answer said to include the scope https://outlook.office.com/POP.AccessAsUser.All so after replacing the POP.AccessAsUser.All I had before the SMTP and POP3 calls worked using modern authentication.

此外，既然我知道答案，我看到它记录在 Microsoft 的文档使用 OAuth 验证 IMAP、POP 或 SMTP 连接这是正确的解决方案.

Additionally, now that I know the answer I see it is documented in Microsoft's Docs Authenticate an IMAP, POP or SMTP connection using OAuth verifying that this is the proper solution.

确保在授权您的应用程序和请求访问令牌时指定完整的范围，包括 Outlook 资源 URL.

Make sure to specify the full scopes, including Outlook resource URLs, when authorizing your application and requesting an access token.

| Protocol  | Permission scope string
|-----------|-------------------------------------
| IMAP      | https://outlook.office.com/IMAP.AccessAsUser.All
| POP       | https://outlook.office.com/POP.AccessAsUser.All
| SMTP AUTH | https://outlook.office.com/SMTP.Send

希望这可以帮助其他面临同样问题的人

Hope this helps anyone else facing this same issue

这篇关于Outlook SMTP Oauth 发送 - 身份验证不成功的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！

查看全文

Outlook SMTP Oauth 发送 - 身份验证不成功 [英] Outlook SMTP Oauth Send - Authentication Unsuccessful

问题描述

推荐答案

相关文章

其他开发最新文章

热门教程

热门工具

登录关闭

Outlook SMTP Oauth 发送 - 身份验证不成功 [英] Outlook SMTP Oauth Send - Authentication Unsuccessful

问题描述

推荐答案

相关文章

其他开发最新文章

热门教程

热门工具

登录 关闭

登录关闭