How email using OAuth and Exchange Online

Mike Matthews - Omnis omnis at lineal.co.uk
Sat Jul 16 16:42:30 UTC 2022 

Hello Doug,

You re quite right, the $complete is the place to look for the finished action.  But for some strange reason, after making a new oAuth2 object ref, that looks right, smells right, walks right, just doesn’t hit it’s own $complete in our window system.

I have UK support looking into it right now, as they are saying like you, just do this and this, and bingo.  Well, no Bingo this time, very strange.  Other OW3 workers seem fine, just the oAuth2 currently.

And when I make a subclassed version of oAuth2 in order to override the $complete, well, then Omnis explodes on the $authorize command, so checking the $complete is tricky in this case.  I can’t repoint it, I can’t step into it.

So stop worrying for the weekend, we have the British Summer this week, and plenty to do in the hot days ahead, especially as we live near the coast.  Oh, and we had a Pagan festival as well today, Pilton Green Man Festival www.piltonfestival.co.uk<http://www.piltonfestival.co.uk>

Thanks

Mike


On 16 Jul 2022, at 14:27, Doug Easterbrook <doug at artsman.com<mailto:doug at artsman.com>> wrote:

hi Mike.

I’m not weighing in on the how to use oAuth … but more on the structure of the object.

any of the workers we have built that rely on timers for completion are always separate objects, be it postgres workers or ow3 workers.

The $complete is always in the object itself, and that may dispatch to another place.    in other words, we

instantiate the object
tell it that when done, to call a place using and item reference.  we might pass in  a ref like     iWindowref.  (which can refer to anything)


the $complete in the worker object is called - it always seems to work

that then dispatches to the passed in reference.   eg



in $complete for the worker might be code like

If iCallingRef.[iMethodName].$cando
Do iCallingRef.[iMethodName](pResults,kTrue)
End If


this lets you do a couple of things
1) breakpoint the $complete method in the object… since it should always be called
2) then trace through the callback to the place you want the result to go
3) the results from the worker can be sent anywhere (to another worker, or window, or database, if you want :)


you already mention that it works in a stand-alone window, just not when nested.      this avoids the influence of nesting issues on timers….






Doug Easterbrook
Arts Management Systems Ltd.
mailto:doug at artsman.com
http://www.artsman.com<http://www.artsman.com/>
Phone (403) 650-1978

On Jul 15, 2022, at 11:17 PM, Mike Matthews - Omnis via omnisdev-en <omnisdev-en at lists.omnis-dev.com<mailto:omnisdev-en at lists.omnis-dev.com>> wrote:

Hello Philip,

Thank you for the hint on how to save the state of the tokens using $save, I was having a problem there.

I’m having trouble with the oAuth2 OW3 at the moment.  The $complete is not being called, either for the standard version, or the redirected version using Calculate iOAUTH2.$callbackinst as $cinst.

Our window class is buried a few levels deep within 3 layers of sub classes and sub windows, and I have tried many options, but no luck yet.  I can get it to work in a test window that works all on it’s own, so my system is good to go, just not in production.

I’m using v10.2 build 31416 with OSX 12 on a M1 MBP.

Thanks

Mike



On 12 Jul 2022, at 09:36, Philip Tulett <philip.tulett at pdq-networks.com<mailto:philip.tulett at pdq-networks.com><mailto:philip.tulett at pdq-networks.com>> wrote:

Hi Michael,

I have multiple apps that are connecting to Exchange / O365 to send and retrieving messages using ow3 objects.

From what you have said, you are just sending emails, at this time MS are continuing to support Basic Auth for SMTP Sending:-
https://techcommunity.microsoft.com/t5/exchange-team-blog/improving-security-together/ba-p/805892
That said, if you are going to refactor the code to use the new worker object, it would be worth going to OAUTH at the same time.
https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-and-exchange-online-april-2020-update/ba-p/1275508
https://docs.microsoft.com/en-gb/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth

Pointers:-
Generally, MS tokens have a life of about an hour, so expect to receive an updated token at that rate, that will need to be saved for next connection, so capture the call to $tokensrefreshed and then save the OAUTH buffer using Do iOAUTH2.$save(iSavedOAUTHBuffer,iKey) Returns lOK
I encrypt the OAUTH buffer with a key, then save it to a binary field in the database so can be used at the next call or if the apps stops and restarts.
So, when starting a connection, I load the latest OAUTH buffer from the database.
To reduce user interaction/reauthorisation, when setting up the in AZURE, include the following tin the Scope API:-
offline_access
https://linkprotect.cudasvc.com/url?a=https%3a%2f%2foutlook.office.com%2fSMTP.Send&c=E,1,7LtfYImCiExRBGy_CwzGP4CsFLs8cFBWyEa8cKOx7Dss_MY7_0W7UGXNouDCPg3iSO8RmO7dRWdCmrlpt_6HhkspOKwIXFbqYv46s-0qDPZ1QfCZZw,,&typo=1
I my case I also include
https://linkprotect.cudasvc.com/url?a=https%3a%2f%2foutlook.office.com%2fPOP.AccessAsUser.All&c=E,1,NZaenVcEfz0u16K-qKJHtCkNiS-jngz7jzjyDA0E7cEJO_FX7prauhBddhDnbeaFCKATRwNGM3gKM-wvwTFErkhTbFFkusGfeq13Xjv7&typo=1
https://linkprotect.cudasvc.com/url?a=https%3a%2f%2foutlook.office.com%2fIMAP.AccessAsUser.All&c=E,1,e8Agh-BTwpZgk0GTdsJ9hE73hSAJ7yv68DKjPFJWTZPoJCWVbo7GyJEmzt7bd8mJ6EFxelNzGwRx7ytnF8wsITMVm8WGd19qd9WKtEBlDr2gH3iZbF7u54kklpXH&typo=1
The above will need to be include in your initial Authorization request
If you have multiple servers that could perform the token refresh, make sure that you include them in all the Redirect URI's in AZURE.
If you will be using the Omnis Runtime's I recommend setting a unique static port for each of them (see above on Redirect URI's) in their server options "RESTful connections"

HTH


Kind regards
Philip Tulett

-----Original Message-----
From: omnisdev-en <omnisdev-en-bounces at lists.omnis-dev.com> On Behalf Of Michael Houlberg
Sent: 11 July 2022 19:07
To: OmnisDev List - English <omnisdev-en at lists.omnis-dev.com>
Subject: Re: How email using OAuth and Exchange Online

Mike,

Thanks, I’m sure I’ll be talking with you in the future.  I see that right now I should probably make the move from SMTPSend to oSMTPWorker as a first step, since I already know how to do that.

Thanks,
Michael Houlberg
Houlberg Development, LLC

On Jul 11, 2022, at 11:04 AM, Mike Matthews - Omnis via omnisdev-en <omnisdev-en at lists.omnis-dev.com> wrote:

I’m in the middle of using oAuth2 for Exchange / O365 / Azure.

Most done, just need to tidy up.

Mike Matthews

Lineal Software Solutions
Commercial House, The Strand<x-apple-data-detectors://1/1> Barnstaple,
Devon, EX31 1EU<x-apple-data-detectors://1/1>

omnis at lineal.co.uk<mailto:mike.matthews at lineal.co.uk>

https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fwww.lineal.co.uk&c=E,1,u1D0bbNxVtBgEh6oOxIRUI_b41leuut2zmVKX70EYJBdPlgQEBII765eku0Y8uIUP44mOfiSM4Crx8aY6wAz7lB3SuTZyFesTS8JA-TkHKh22A,,&typo=1<https://linkprotect.cudasvc.com/url?a=http%3a%2f%2fwww.lineal.co.uk%2f&c=E,1,5zjRvhRlZZunj0a11WXeLzcJpnYDfE2_XpgSvcc52lycHAXvJ2sR7v81fEsR0GGE6fDA77kzRZupdapK8U9BC11gmKS7RLyQdq_Nf9vEOa0aFu3tHIH1Y0YUtQ,,&typo=1>

https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fwww.sqlworks.co.uk&c=E,1,HcWlb1Eya_H7OhQKKDQJWXu20EJydowdpNYG0Bj1b5wJv-bO7WZGe1YS9sib15J5V4RkbCCplClgYMYJXgnJwEZESpb8GrvLaEhn8mkJKQrrm77-GIDC3A,,&typo=1<https://linkprotect.cudasvc.com/url?a=http%3a%2f%2fwww.sqlworks.co%2f&c=E,1,3lyDTIyhl13K1x8yPZBwpMa8ErFPS2zqa3wxMkIfDttSYjTUoVQxmgyyU6E4z9lXzXKcYmyYx8ry6iIh5ZgGDpcS_HHo5RoYd2mU2_8WFt6Dv_G3DjAX0rL8&typo=1>



On 11 Jul 2022, at 18:55, Michael Houlberg <michael at houlbergdevelopment.com<mailto:michael at houlbergdevelopment.com>> wrote:

$Listers:

My client who is part of a University, tells me that this fall they are dropping support for the type of email we have been using in favor of Exchange Online and using OAuth to authenticate.  Currently we send lots of emails using SMTPSend.  For another client I have had experience using the oSMTPWorker object.  But I haven’t had to deal with either oAuth or Exchange Online Server.

Does anyone have some pointers on this they can share?

Thanks,
Michael Houlberg
Houlberg Development, LLC
_____________________________________________________________
Manage your list subscriptions at
https://linkprotect.cudasvc.com/url?a=https%3a%2f%2flists.omnis-dev.co
m&c=E,1,VF9Rn-JHUso614RklDy6ab1e38c_b_Z94_OemBOgjTfQUsWcqLrhXVC5OPx1Jj
vQeQxk7_FQ1m6o4ThS5_KBhUfHFAjz1rm7xGQxq148o4eXWT3dGAcOwRlM&typo=1
Start a new message -> mailto:omnisdev-en at lists.omnis-dev.com

_____________________________________________________________
Manage your list subscriptions at https://linkprotect.cudasvc.com/url?a=https%3a%2f%2flists.omnis-dev.com&c=E,1,LEN0BqayhFuANxqJveNE9oq4dvm9PFhQao1v9024Lap4UwdKIdbJqufY4Fz9joOxqMo6_YMNS0KUyIKK2fJh2HSehNiziHstGweuItjPjcMC5rGZ8DVXn4qM&typo=1 Start a
new message -> mailto:omnisdev-en at lists.omnis-dev.com

_____________________________________________________________
Manage your list subscriptions at https://linkprotect.cudasvc.com/url?a=https%3a%2f%2flists.omnis-dev.com&c=E,1,40dyCF4DWrIXstitCJ9iHInZ9J1ya5B34uRTMtMqWBcmcDuj0utaL2BrntrLD_9XYSuRXM7XwCsC3dSv3GBhdmbX4UWwv6TQmidBDG1ePhgJ&typo=1 Start a new message -> mailto:omnisdev-en at lists.omnis-dev.com

_____________________________________________________________
Manage your list subscriptions at https://linkprotect.cudasvc.com/url?a=https%3a%2f%2flists.omnis-dev.com&c=E,1,cLacmXQian6oe-9xRQiT5P_4ODxmrG-gWRyzfFk_wziz7LNKjV-02AcB1mf0SAbiMwaktzdHIpZvZM4oVr_FN-0r5V4GRtnqkmBAeLmo16sx&typo=1
Start a new message -> mailto:omnisdev-en at lists.omnis-dev.com

_____________________________________________________________
Manage your list subscriptions at https://lists.omnis-dev.com
Start a new message -> mailto:omnisdev-en at lists.omnis-dev.com

More information about the omnisdev-en mailing list