Could not request access token for. The refresh token could be expired or invali

[Pawel Bosak]

Hi, once I set OAUTH2 for Exchange Online Mail account in OTOBO, downloading emails will stop with error as bellow. After edit and save mail account and login to Microsoft, error will stop for next hour. Any idea how to solve this permlamentley ?

 

Backend ERROR: OTOBO-CGI-00 Perl: 5.32.1 OS: linux Time: Thu Jun 30 17:28:34 2022

Message: CommunicationLog(ID:126465,AccountType:-,AccountID:-,Direction:Incoming,Transport:Email,ObjectLogType:Connection,ObjectLogID:187362)::Kernel::System::MailAccount::POP3 => POP3OAuth2: Could not request access token for XXXX‘. The refresh token could be expired or invalid.

RemoteAddress:
RequestURI: /otobo/index.pl?Action=AdminMailAccount;Subaction=Run;ID=2;ChallengeToken=XXXXX;

[Tobias ILS]

after about 60 minutes i can’t get a new token. have you found a solution?

 

Thx

[Pawel Bosak]

Nope, we consulted this issue with the Azure DevOps team and for this moment we don’t have a solution. We login again to the mailbox every 60 minutes.

[Pawel Bosak]

I solved this issue temporarily by redirecting email via another mail provider where emails are  downloaded via POP3S

[armelli]

I have the same problem. Is there already a solution?

[Rob Heine]

Same issue here.

[Fred Denaeyer]

Hi,

 

We’re having the same issue over here. Anybody got a solution in the meantime?

(IMAPOAuth2 in our case and migrated from OTRS)

 

KR,

Fred

 

[Fred Denaeyer]

Hi all,

 

I found a solution for my environment:

• Clear all entries for the failing postmaster account in the database from table auth_token:

Delete using the SQL query: DELETE FROM public.auth_token WHERE account_id=’X‘;

• Secondly edit some entries in the file „/opt/otobo/Kernel/System/OAuth.pm“:

Line 183/184 shows:

my $SQL = "SELECT token FROM $Self->{TokenTable} WHERE "
. "account_type = LOWER(?) AND account_id = ? AND token_type = 'refresh'";

Adapt the lines to:

my $SQL = "SELECT token FROM $Self->{TokenTable} WHERE "
. "account_type = ? AND account_id = ? AND token_type = 'refresh'";

 

Line 256/257 shows:

SQL => "DELETE FROM $Self->{TokenTable} WHERE "
. "account_type = LOWER(?) AND account_id = ? AND token_type = 'refresh'",

Adapt the lines to:

SQL => "DELETE FROM $Self->{TokenTable} WHERE "
. "account_type = ? AND account_id = ? AND token_type = 'refresh'",

 

• Once the changes are done. Authenticate  the postmaster mail account again and follow up if mail fetch continues to work.

It looks like the refresh token is not being updated on new logins and not being found when searching for because of the „LOWER()“ function in the SQL queries.

Hope this helps you guys too.

KR,

Fred

 

• This reply was modified 9 months, 2 weeks ago by Fred Denaeyer.
• This reply was modified 9 months, 2 weeks ago by Fred Denaeyer.

[Pawel Bosak]

Hi guys, I can confirm that. I changed the code in OAuth.pm as Fred suggested, and that solved the issue. Fred, thank you!

[Author]

Posts