Topic Resolution: Resolved
Viewing 8 reply threads
  • Author
    Posts
    • #13390
      Pawel Bosak
      Participant

        Hi, once I set OAUTH2 for Exchange Online Mail account in OTOBO, downloading emails will stop with error as bellow. After edit and save mail account and login to Microsoft, error will stop for next hour. Any idea how to solve this permlamentley ?

         

        Backend ERROR: OTOBO-CGI-00 Perl: 5.32.1 OS: linux Time: Thu Jun 30 17:28:34 2022

        Message: CommunicationLog(ID:126465,AccountType:-,AccountID:-,Direction:Incoming,Transport:Email,ObjectLogType:Connection,ObjectLogID:187362)::Kernel::System::MailAccount::POP3 => POP3OAuth2: Could not request access token for XXXX‘. The refresh token could be expired or invalid.

        RemoteAddress:
        RequestURI: /otobo/index.pl?Action=AdminMailAccount;Subaction=Run;ID=2;ChallengeToken=XXXXX;

      • #13515
        Tobias ILS
        Participant

          after about 60 minutes i can’t get a new token. have you found a solution?

           

          Thx

        • #13596
          Pawel Bosak
          Participant

            Nope, we consulted this issue with the Azure DevOps team and for this moment we don’t have a solution. We login again to the mailbox every 60 minutes.

          • #13621
            Pawel Bosak
            Participant

              I solved this issue temporarily by redirecting email via another mail provider where emails are  downloaded via POP3S

            • #13774
              armelli
              Participant

                I have the same problem. Is there already a solution?

              • #14321
                Rob Heine
                Participant

                  Same issue here.

                • #14408
                  Fred Denaeyer
                  Participant

                    Hi,

                     

                    We’re having the same issue over here. Anybody got a solution in the meantime?

                    (IMAPOAuth2 in our case and migrated from OTRS)

                     

                    KR,

                    Fred

                     

                  • #14409
                    Fred Denaeyer
                    Participant

                      Hi all,

                       

                      I found a solution for my environment:

                      • Clear all entries for the failing postmaster account in the database from table auth_token:

                      Delete using the SQL query: DELETE FROM public.auth_token WHERE account_id=’X‘;

                      • Secondly edit some entries in the file „/opt/otobo/Kernel/System/OAuth.pm“:

                      Line 183/184 shows:

                      my $SQL = "SELECT token FROM $Self->{TokenTable} WHERE "
                      . "account_type = LOWER(?) AND account_id = ? AND token_type = 'refresh'";

                      Adapt the lines to:

                      my $SQL = "SELECT token FROM $Self->{TokenTable} WHERE "
                      . "account_type = ? AND account_id = ? AND token_type = 'refresh'";

                       

                      Line 256/257 shows:

                      SQL => "DELETE FROM $Self->{TokenTable} WHERE "
                      . "account_type = LOWER(?) AND account_id = ? AND token_type = 'refresh'",

                      Adapt the lines to:

                      SQL => "DELETE FROM $Self->{TokenTable} WHERE "
                      . "account_type = ? AND account_id = ? AND token_type = 'refresh'",

                       

                      • Once the changes are done. Authenticate  the postmaster mail account again and follow up if mail fetch continues to work.

                      It looks like the refresh token is not being updated on new logins and not being found when searching for because of the „LOWER()“ function in the SQL queries.

                      Hope this helps you guys too.

                      KR,

                      Fred

                       

                    • #15557
                      Pawel Bosak
                      Participant

                        Hi guys, I can confirm that. I changed the code in OAuth.pm as Fred suggested, and that solved the issue. Fred, thank you!

                    Viewing 8 reply threads
                    • You must be logged in to reply to this topic.