Public bug reported:

The OAuth2 module of evolution-ews sends an optional "scope" parameter
in its HTTP request that causes Office365 AD to reject the authentication 
request with an error like:

   error:invalid_request description:AADSTS65002:
   Consent between first party applications and resources must be
   configured via preauthorization.

The "scope" parameter is listed as ignored in the upstream
documentation, and it has been confirmed by multiple users that
removing it from the request does not cause any issue, and fixes this
problem.

A very simple fix has been merged in the upstream branch and has also
been backported to the 3.32 branch:

https://gitlab.gnome.org/GNOME/evolution-ews/commit/8dafe925c30e2a2bc53578076eb5710b18eedd42


This is fixed in Disco and Eoan, but on 18.04 LTS it doesn't work as it's an 
older version. It would be great if the patch could be backported to 18.04 via 
bionic-updates - it's really trivial:

@@ -253,7 +238,6 @@ eos_office365_prepare_authentication_uri_query 
(EOAuth2Service *service,
 
        e_oauth2_service_util_set_to_form (uri_query, "response_mode", "query");
        e_oauth2_service_util_set_to_form (uri_query, "prompt", "login");
-       e_oauth2_service_util_set_to_form (uri_query, "scope", OFFICE365_SCOPE);
        e_oauth2_service_util_set_to_form (uri_query, "resource", 
OFFICE365_RESOURCE);
 }
 
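Review bot: the hunk header offsets (-253 against +238) show that 15 lines are removed earlier in this file, and the excerpt does not include them, so the two hunks quoted here are not the complete change. For the bionic backport, take the full upstream commit rather than this excerpt; if only the two call sites are dropped, check whether OFFICE365_SCOPE is left defined but unused.
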
@@ -321,7 +305,6 @@ eos_office365_prepare_refresh_token_form (EOAuth2Service 
*service,
 {
        g_return_if_fail (form != NULL);
 
-       e_oauth2_service_util_set_to_form (form, "scope", OFFICE365_SCOPE);
        e_oauth2_service_util_set_to_form (form, "resource", 
OFFICE365_RESOURCE);
        e_oauth2_service_util_set_to_form (form, "redirect_uri", 
e_oauth2_service_get_redirect_uri (service, source));
 }
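
Review bot: nothing in eos_office365_prepare_refresh_token_form records why "scope" is left out while "resource" and "redirect_uri" are still sent, so a later cleanup could reintroduce the parameter this bug removes. A one-line comment above the "resource" call, naming the AADSTS65002 rejection as the reason "scope" is not sent, would guard against that; the same comment fits the call site in eos_office365_prepare_authentication_uri_query.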

** Affects: evolution-ews (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: evolution-ews (Debian)
     Importance: Unknown
         Status: Unknown

** Bug watch added: Debian Bug tracker #926249
   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926249

** Also affects: evolution-ews (Debian) via
   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926249
   Importance: Unknown
       Status: Unknown

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1838463

Title:
  Authentication with OAuth2 to Office365 fails

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/evolution-ews/+bug/1838463/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
