similar to: Dovecot and Oauth

On 06/12/2019 20:54, Aki Tuomi via dovecot wrote: > Hi! > > It seems there is a bug in the oauth2 driver, it loads the cert files wrong way. I'll make an internal bug report of this. Tracking as DOP-1590. Regards, Stephan. >> On 06/12/2019 16:42 mizuki <mizuki0621 at gmail.com> wrote: >> >> >> Hi, >> >> For troubleshooting purposes, I

I changed some of the tls options following the document, now config is following: tokeninfo_url = https://keycloak.com/auth/realms/mail/protocol/openid-connect/token introspection_url = https://dovecot:7598e21b-ec34-481f-80d0-059bddae0923 at keycloak.com/auth/realms/demo/protocol/openid-connect/token/introspect introspection_mode = post debug = yes rawlog_dir = /tmp/oauth2 #force_introspection

Hi all, We'd like to enable OAuth with Keycloak in Dovecot, after enabling 'OAUTHBEARER XOAUTH2' in Dovecot based on online document, I can confirm Dovecot is ready for OAuth using openssl command, however when the auth request comes in, it failed in establishing a SSL connection with Keycloak server on port 443, shown as following in debug logs. I can confirming using commands

On 2/14/23 08:49, Orion Poplawski wrote: > On 1/29/23 11:24, Orion Poplawski wrote: >> It seems that thunderbird-102.7.1-1.el8 (at least on CentOS Stream) broke >> OAuth authentication with outlook.office365.com.? Downgrading to >> 102.4.0-1.el8 resolved the issue. >> >> Error console reports: >> >> XHR POST

I'm trying to implement the password grant flow, as specified at https://wiki2.dovecot.org/PasswordDatabase/oauth2, but am getting an error message. Can you please help? auth: Fatal: oauth2 /etc/dovecot/dovecot-oauth2.token.conf.ext: Error in configuration file /etc/dovecot/dovecot-oauth2.token.conf.ext line 1: Unknown setting: grant_url $ dovecot -n # 2.3.5.2 (38c8f1daf):

It seems that thunderbird-102.7.1-1.el8 (at least on CentOS Stream) broke OAuth authentication with outlook.office365.com. Downgrading to 102.4.0-1.el8 resolved the issue. Error console reports: XHR POST https://login.microsoftonline.com/common/oauth2/v2.0/token [HTTP/1.1 400 Bad Request 293ms] Is anyone else seeing this? -- Orion Poplawski he/him/his - surely the least important thing

On 29/01/2023 18:24, Orion Poplawski wrote: > It seems that thunderbird-102.7.1-1.el8 (at least on CentOS Stream) > broke OAuth authentication with outlook.office365.com.? Downgrading to > 102.4.0-1.el8 resolved the issue. > > Error console reports: > > XHR POST https://login.microsoftonline.com/common/oauth2/v2.0/token > [HTTP/1.1 400 Bad Request 293ms] > > Is

Hi! It seems there is a bug in the oauth2 driver, it loads the cert files wrong way. I'll make an internal bug report of this. Aki > On 06/12/2019 16:42 mizuki <mizuki0621 at gmail.com> wrote: > > > Hi, > > For troubleshooting purposes, I change the read/write permissions on the certs and confirmed 'dovecot' can read them w/o problem, but still seeing the

Thank you Stephan, I'm wondering if I can read the track of the status of bug reports? Could you please advice? Thanks. Mizuki On Sun, Dec 8, 2019 at 6:40 AM Stephan Bosch <stephan at rename-it.nl> wrote: > > > On 06/12/2019 20:54, Aki Tuomi via dovecot wrote: > > Hi! > > > > It seems there is a bug in the oauth2 driver, it loads the cert files > wrong

Hello, I'm trying to configure roundcube / dovecot to work with keycloak. I activated xoauth2 oauthbearer in dovecot. But a problem occurs when dovecot tries to contact the keycloak server (logs are below). My problem looks like this one: https://dovecot.org/pipermail/dovecot/2019-December/117768.html The response to this problem was about a bug in oauth driver

my app seems to be running fine in dev mode ( Rails4, Devise, OAuth2 , Doorkeeper ) but looking at the console , I can see all log lines duplicated .... where should I look for any tricky bug or missing param ?anyway to get more info on what''s happening ? thanks a lot for feedback (ruby-2.0.0@rails40)$ rails server -p 4000 => Booting WEBrick => Rails 4.0.0 application starting

I block all my email ports except 25 from countries where I am not going to be sending or receiving email. I also block many datacenters, but blocking Digital Ocean, Vultur and AWS will get you 90%of the way there. You will need to use 587, that is no auth on 25. Again no blocking on 25, just block the other email ports. I get maybe one attempt to log into my email account a week. Yeah not as

Before declaring it not ready for prime time, did you try setting tls_ca_cert_file = /etc/ssl/certs/ca-certificates.crt In the oauth2 configuration file as documented in https://doc.dovecot.org/configuration_manual/authentication/oauth2 ? Aki > On 05/12/2019 21:58 mizuki via dovecot <dovecot at dovecot.org> wrote: > > > Hi all, > > We'd like to enable OAuth with

All, We currently use a proxy configuration with an sql query to authenticate and discover which backend server an address belongs to and proxy the connection to that host to authenticate and retrieve mail. We are looking to move to OAUTH2 for authentication and am just trying to figure how how to get that extra host information as part of the passdb query when using this mechanism. Looking at

Hello, I am currently trying to connect my Dovecot mail server to Microsoft's Azure-AD and use it as password and user database. I am using version 2.3.7.1. Using the Azure-AD as passdb already works. In this context I noticed that the scope implementation is not yet merged. Since I haven't found any hints for an OAuth2 userdb implementation yet, I wanted to ask if there are any plans

Has anyone gotten started with getting the OAuth2 replacement for Facebook Connect working with auth_logic? I know there is an OAuth2 gem (http://intridea.com/2010/4/22/oauth2- gem-just-in-time-for-facebook-graph?blog=company), and I''m thinking of using that to integrate. Anyone know when the Fb Connect API will be shut down? -- You received this message because you are subscribed to

Hi, One interesting thing in this release is the support for configuring OAUTH2 openid-configuration element. It would be nice if IMAP clients started supporting this feature to enable OAUTH2 for all IMAP servers, not just Gmail and a few others. This would allow all kinds of new authentication methods for IMAP and improve the authentication security in general.

Hi, One interesting thing in this release is the support for configuring OAUTH2 openid-configuration element. It would be nice if IMAP clients started supporting this feature to enable OAUTH2 for all IMAP servers, not just Gmail and a few others. This would allow all kinds of new authentication methods for IMAP and improve the authentication security in general.

I finally put together the final touches on the first version of the camping-oauth gem. It allows you to make a Camping web app into an OAuth provider. It leverages ruby-oauth and the oauth-plugin. An example of a use case is a web service built with Camping (using json/xml with/without REST). You can find it on GitHub: http://bit.ly/campingoauth I also wrote a blog post on how to use it (and

Hi everyone I have this Application witch won''t redirect, I think it''s because there is another redirect, I mean when i redirect to the FB url (https://www.facebook.com/dialog/oauth?client_id=439021042804757&redirect_uri=http://localhost:3000/) I know there is another redirect, but I can''t get rails to follow this redirect. I had tried to google it, but I