0 votes
by (120 points)
edited by

2022-08-16 18:30:29.266 Opening log file.
2022-08-16 18:30:29.270 INFO FileLogWriter(1)[10] Info: Assembly: Rebex.Common R6.5 for .NET 4.6-4.8
2022-08-16 18:30:29.273 INFO FileLogWriter(1)[10] Info: Platform: Windows 6.2.9200 64-bit; CLR: 4.0.30319.42000
2022-08-16 18:30:29.273 DEBUG FileLogWriter(1)[10] Info: Culture: th; windows-874
2022-08-16 18:30:33.463 DEBUG Imap(1)[10] Info: State changed from 'Disconnected' to 'Connecting'.
2022-08-16 18:30:33.463 INFO Imap(1)[10] Info: Connecting to Outlook.office365.com:993 using Imap.
2022-08-16 18:30:33.464 INFO Imap(1)[10] Info: Assembly: Rebex.Imap R6.5 for .NET 4.6-4.8 (Trial)
2022-08-16 18:30:33.464 INFO Imap(1)[10] Info: Platform: Windows 6.2.9200 64-bit; CLR: 4.0.30319.42000
2022-08-16 18:30:33.464 DEBUG Imap(1)[10] Info: Culture: th; windows-874
2022-08-16 18:30:33.464 INFO Imap(1)[10] Info: Using proxy HTTP CONNECT 192.168.4.14:8080.
2022-08-16 18:30:33.465 INFO Imap(1)[10] Info: Connecting to Outlook.office365.com.
2022-08-16 18:30:33.482 DEBUG Imap(1)[10] Proxy: Connecting to HTTP CONNECT proxy at 192.168.4.14:8080.
2022-08-16 18:30:33.585 DEBUG Imap(1)[10] Proxy: Connection established.
2022-08-16 18:30:33.678 DEBUG Imap(1)[10] Proxy: Connection initialized successfully.
2022-08-16 18:30:33.679 DEBUG Imap(1)[10] Info: Connection succeeded.
2022-08-16 18:30:33.684 DEBUG Imap(1)[10] Info: Upgrading connection to TLS.
2022-08-16 18:30:33.771 DEBUG Imap(1)[10] TLS: Using classic TLS core.
2022-08-16 18:30:33.799 DEBUG Imap(1)[10] TLS: Enabled cipher suites: 0x0C1FFFFFFFF4F666.
2022-08-16 18:30:33.898 DEBUG Imap(1)[10] TLS: Applicable cipher suites: 0x0C1FFFFFFFF4F666.
2022-08-16 18:30:33.910 DEBUG Imap(1)[10] TLS: HandshakeMessage:ClientHello was sent.
2022-08-16 18:30:34.024 DEBUG Imap(1)[10] TLS: HandshakeMessage:ServerHello was received.
2022-08-16 18:30:34.025 INFO Imap(1)[10] TLS: Negotiating TLS 1.2, RSA with ephemeral ECDH, AES with 256-bit key in GCM mode, AEAD.
2022-08-16 18:30:34.029 DEBUG Imap(1)[10] TLS: The server supports secure renegotiation.
2022-08-16 18:30:34.030 DEBUG Imap(1)[10] TLS: Extended master secret is enabled.
2022-08-16 18:30:34.033 DEBUG Imap(1)[10] TLS: HandshakeMessage:Certificate was received.
2022-08-16 18:30:34.054 DEBUG Imap(1)[10] TLS: HandshakeMessage:ServerKeyExchange was received.
2022-08-16 18:30:34.054 DEBUG Imap(1)[10] TLS: HandshakeMessage:ServerHelloDone was received.
2022-08-16 18:30:34.061 DEBUG Imap(1)[10] TLS: Verifying server certificate ('CN=outlook.com, O=Microsoft Corporation, L=Redmond, S=Washington, C=US').
2022-08-16 18:30:34.063 DEBUG Imap(1)[10] TLS: Certificate verification result: Accept
2022-08-16 18:30:34.066 DEBUG Imap(1)[10] TLS: Verifying server key exchange signature.
2022-08-16 18:30:34.101 DEBUG Imap(1)[10] TLS: Using ephemeral ECDH public key exchange with NIST P-384 curve.
2022-08-16 18:30:34.110 DEBUG Imap(1)[10] TLS: HandshakeMessage:ClientKeyExchange was sent.
2022-08-16 18:30:34.129 DEBUG Imap(1)[10] TLS: CipherSpec:ChangeCipherSpec was sent.
2022-08-16 18:30:34.130 DEBUG Imap(1)[10] TLS: HandshakeMessage:Finished was sent.
2022-08-16 18:30:34.211 DEBUG Imap(1)[10] TLS: CipherSpec:ChangeCipherSpec was received.
2022-08-16 18:30:34.217 DEBUG Imap(1)[10] TLS: HandshakeMessage:Finished was received.
2022-08-16 18:30:34.219 INFO Imap(1)[10] TLS: Connection secured using cipher: TLS 1.2, RSA with ephemeral ECDH, AES with 256-bit key in GCM mode, AEAD.
2022-08-16 18:30:34.225 DEBUG Imap(1)[10] Info: Connection upgraded to TLS 1.2.
2022-08-16 18:30:34.236 DEBUG Imap(1)[10] Info: State changed from 'Connecting' to 'Reading'.
2022-08-16 18:30:34.240 INFO Imap(1)[10] Response: * OK The Microsoft Exchange IMAP4 service is ready. [SwBMADEAUABSADAAMgBDAEEAMAAwADMAMwAuAGEAcABjAHAAcgBkADAAMgAuAHAAcgBvAGQALgBvAHUAdABsAG8AbwBrAC4AYwBvAG0A]
2022-08-16 18:30:34.248 DEBUG Imap(1)[10] Info: State changed from 'Reading' to 'Ready'.
2022-08-16 18:30:34.256 DEBUG Imap(1)[10] Info: State changed from 'Ready' to 'Sending'.
2022-08-16 18:30:34.259 INFO Imap(1)[10] Command: R00001 CAPABILITY
2022-08-16 18:30:34.259 DEBUG Imap(1)[10] Info: State changed from 'Sending' to 'Reading'.
2022-08-16 18:30:34.320 INFO Imap(1)[10] Response: * CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS MOVE ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
2022-08-16 18:30:34.320 INFO Imap(1)[10] Response: R00001 OK CAPABILITY completed.
2022-08-16 18:30:34.320 DEBUG Imap(1)[10] Info: State changed from 'Reading' to 'Ready'.
2022-08-16 18:30:35.915 DEBUG Imap(1)[10] Info: State changed from 'Ready' to 'Sending'.
2022-08-16 18:30:35.915 INFO Imap(1)[10] Command: R00002 AUTHENTICATE XOAUTH2 dXNlcj1pbWFwdXNlcjAxQHNjMzY1Lm9ubWljcm9zb2Z0LmNvbVx4MWF1dGg9QmVhcmVyIGV5SjBlWEFpT2lKS1YxUWlMQ0p1YjI1alpTSTZJbkZrU1ZjNFpUZDFiMkk0YnpaU1dIVmlXV051UXpoZlgybFdVWFJUTmxrd1JFeGlYMGhsU0ZwWWR6Z2lMQ0poYkdjaU9pSlNVekkxTmlJc0luZzFkQ0k2SWpKYVVYQktNMVZ3WW1wQldWaFpSMkZZUlVwc09HeFdNRlJQU1NJc0ltdHBaQ0k2SWpKYVVYQktNMVZ3WW1wQldWaFpSMkZZUlVwc09HeFdNRlJQU1NKOS5leUpoZFdRaU9pSm9kSFJ3Y3pvdkwyZHlZWEJvTG0xcFkzSnZjMjltZEM1amIyMGlMQ0pwYzNNaU9pSm9kSFJ3Y3pvdkwzTjBjeTUzYVc1a2IzZHpMbTVsZEM4MFl6QTRORFUwWlMxak1tWXdMVFF5TWpjdFlqVmxOUzFrWVRKaE9HWXpOakpqT0RJdklpd2lhV0YwSWpveE5qWXdOalE1TVRJNUxDSnVZbVlpT2pFMk5qQTJORGt4TWprc0ltVjRjQ0k2TVRZMk1EWTFNekF5T1N3aVlXbHZJam9pUlRKYVoxbEdhVzQzWm5wSEwyRnVRbEJOYTNSVVoxZHhhalY1TUVGQlBUMGlMQ0poY0hCZlpHbHpjR3hoZVc1aGJXVWlPaUpCWTJObGMzTWdUV0ZwYkdKdmVDSXNJbUZ3Y0dsa0lqb2lPR1prTXpBM056QXRNalExWmkwME5XVmhMVGsxT1RVdFpXUmxNV0kwTmpJd01XSmhJaXdpWVhCd2FXUmhZM0lpT2lJeElpd2lhV1J3SWpvaWFIUjBjSE02THk5emRITXVkMmx1Wkc5M2N5NXVaWFF2TkdNd09EUTFOR1V0WXpKbU1DMDBNakkzTFdJMVpUVXRaR0V5WVRobU16WXlZemd5THlJc0ltbGtkSGx3SWpvaVlYQndJaXdpYjJsa0lqb2lOR05sWkdabU9UUXRaRE0xWlMwME1qbGlMVGxoTVRBdE1HWmtOalpqWWpGbFltUXdJaXdpY21naU9pSXdMa0ZWYTBGVWExVkpWRkJFUTBvd1N6RTFaRzl4YW5wWmMyZG5UVUZCUVVGQlFVRkJRWGRCUVVGQlFVRkJRVUZDU2tGQlFTNGlMQ0p6ZFdJaU9pSTBZMlZrWm1ZNU5DMWtNelZsTFRReU9XSXRPV0V4TUMwd1ptUTJObU5pTVdWaVpEQWlMQ0owWlc1aGJuUmZjbVZuYVc5dVgzTmpiM0JsSWpvaVFWTWlMQ0owYVdRaU9pSTBZekE0TkRVMFpTMWpNbVl3TFRReU1qY3RZalZsTlMxa1lUSmhPR1l6TmpKak9ESWlMQ0oxZEdraU9pSjFTalpyWjA5Zlgzb3dhVU41YUVKVGEzTXhPVUZCSWl3aWRtVnlJam9pTVM0d0lpd2lkMmxrY3lJNld5SXdPVGszWVRGa01DMHdaREZrTFRSaFkySXRZalF3T0Mxa05XTmhOek14TWpGbE9UQWlYU3dpZUcxelgzUmpaSFFpT2pFMU1Ua3pOVGN3TUROOS5GelFWM0k0cHpIdlAwS3JOeUVsb0hnZ2ttT2NKZm81NGJxRm1pT091d1hKZkhwel8xWDNodkV3bkhiSnlUZlFUNkMyVHV1aVFPWjRabWM3c3Q4UkZfNFN6YXNHZHVKaW1zSVh1SXFIMlBuTnpVQm5oSUlZS29QT2YtYWI0QTd0THVKZDF3eENCMUotMjN5Unl1dmJldDV0YjY3VVdzLW5lQzFpNVVodmtxSFVYODJad2NzMUtVRmZZT09FYlBZdjlBcUlWUmQyVzZKX0wyUk9wV2l1WlhVQkpvWkJOQ1JwVmpUdUd2YkxrZVpuQ09DZ2tYcWVQbkhJM0pxbk1uQ3NGWDEtaTZ3aHFURnQydHpTVnZqVUZ2VndxNGxVdEplNnllMGdkMk9hYnVmM3B5dnBIVjdQRHktdVNpbnJzdmI5OUNYcGduS2FQcTdSbXVVM2U4RWJfSmdceDFceDE=
2022-08-16 18:30:35.915 DEBUG Imap(1)[10] Info: State changed from 'Sending' to 'Reading'.
2022-08-16 18:30:35.993 INFO Imap(1)[10] Response: R00002 NO AUTHENTICATE failed.
2022-08-16 18:30:35.993 DEBUG Imap(1)[10] Info: State changed from 'Reading' to 'Ready'.
2022-08-16 18:30:36.003 ERROR Imap(1)[10] Info: Rebex.Net.ImapException: AUTHENTICATE failed (NO).
at Rebex.Net.Imap.ftvcl(String p0, ImapResponse p1, Boolean p2)
at Rebex.Net.Imap.nbxxz(String p0)
at Rebex.Net.Imap.alsfl(String p0, String p1, ImapAuthentication p2, GssApiProvider p3)
at Rebex.Net.Imap.ccovk(String p0, String p1, ImapAuthentication p2)

1 Answer

0 votes
by (148k points)
edited by

For future readers: If you encounter any issue with authentication to Microsoft 365 (formerly Office 365), upgrade to a an up-to-date version of Rebex Secure Mail and try our Office 365 / OAuth 2.0 sample apps.


It looks like you are calling Imap.Login(string token, ImapAuthentication method) method, but your token is incorrectly formatted. Instead of binary \x1 characters (characters with ASCII code of 1), the token uses "\x1" strings. In practice, the following C# code would reproduce the issue:

// prepare (wrap) the authentication token for IMAP, POP3, or SMTP
string pattern = string.Format("user={0}{1}auth=Bearer {2}{1}{1}",
    _account.Username,
    "\\x1", // <-- this is wrong!
    _accessToken);
string token = Convert.ToBase64String(Encoding.ASCII.GetBytes(pattern));

// authenticate using the (wrongly) wrapped access token
client.Login(token, ImapAuthentication.OAuth20);

To fix the issue, use the proper \x1 character:

// prepare (wrap) the authentication token for IMAP, POP3, or SMTP
string pattern = string.Format("user={0}{1}auth=Bearer {2}{1}{1}",
    _account.Username,
    "\x1", // <-- this is correct
    _accessToken);
string token = Convert.ToBase64String(Encoding.ASCII.GetBytes(pattern));

// authenticate using the wrapped access token
client.Login(token, ImapAuthentication.OAuth20);

Alternatively, upgrade to Rebex Secure Mail R5.7 or later, which eliminates the need to manually encode the token, making it possible to replace the code above with a single line of code:

// authenticate using the token (and proper wrapping)
client.Login(_account.Username, _accessToken, ImapAuthentication.OAuth20);
by (120 points)
Thanks for you aws, how to fix it in VB version?
by (148k points)
Can you post the relevant VB code snippet?
Or, if it's otherwise similar to the C# version, try using Chr(0) instead of "\x1" (without the quotes).
by (120 points)
I try to do this, but I'm still getting the same error
 
Dim pattern As String = String.Format("user={0}{1}auth=Bearer {2}{1}{1}", "imapuser01@sc365.onmicrosoft.com", Chr(0), access_token))
            token = Convert.ToBase64String(Encoding.ASCII.GetBytes(pattern))
client.Connect("Outlook.office365.com", SslMode.Implicit)
            client.Login(token, ImapAuthentication.OAuth20)
by (148k points)
Would it be possible to post the relevant part of the log (with the XOAUTH2 request) from the updated code?
by (120 points)
2022-08-19 22:06:12.221 Opening log file.
2022-08-19 22:06:12.223 INFO FileLogWriter(1)[1] Info: Assembly: Rebex.Common R6.5 for .NET 4.6-4.8
2022-08-19 22:06:12.225 INFO FileLogWriter(1)[1] Info: Platform: Windows 6.2.9200 32-bit; CLR: 4.0.30319.42000
2022-08-19 22:06:12.225 DEBUG FileLogWriter(1)[1] Info: Culture: en; windows-874
2022-08-19 22:06:15.401 DEBUG Imap(1)[1] Info: State changed from 'Disconnected' to 'Connecting'.
2022-08-19 22:06:15.402 INFO Imap(1)[1] Info: Connecting to Outlook.office365.com:993 using Imap.
2022-08-19 22:06:15.402 INFO Imap(1)[1] Info: Assembly: Rebex.Imap R6.5 for .NET 4.6-4.8 (Trial)
2022-08-19 22:06:15.402 INFO Imap(1)[1] Info: Platform: Windows 6.2.9200 32-bit; CLR: 4.0.30319.42000
2022-08-19 22:06:15.402 DEBUG Imap(1)[1] Info: Culture: en; windows-874
2022-08-19 22:06:15.410 INFO Imap(1)[1] Info: Connecting to 52.98.94.162.
2022-08-19 22:06:15.422 DEBUG Imap(1)[1] Proxy: Connecting to 52.98.94.162:993 (no proxy).
2022-08-19 22:06:15.454 DEBUG Imap(1)[1] Proxy: Connection established.
2022-08-19 22:06:15.454 DEBUG Imap(1)[1] Info: Connection succeeded.
2022-08-19 22:06:15.459 DEBUG Imap(1)[1] Info: Upgrading connection to TLS.
2022-08-19 22:06:15.524 DEBUG Imap(1)[1] TLS: Using classic TLS core.
2022-08-19 22:06:15.544 DEBUG Imap(1)[1] TLS: Enabled cipher suites: 0x0C1FFFFFFFF4F666.
2022-08-19 22:06:15.614 DEBUG Imap(1)[1] TLS: Applicable cipher suites: 0x0C1FFFFFFFF4F666.
2022-08-19 22:06:15.622 DEBUG Imap(1)[1] TLS: HandshakeMessage:ClientHello was sent.
2022-08-19 22:06:15.666 DEBUG Imap(1)[1] TLS: HandshakeMessage:ServerHello was received.
2022-08-19 22:06:15.666 INFO Imap(1)[1] TLS: Negotiating TLS 1.2, RSA with ephemeral ECDH, AES with 256-bit key in GCM mode, AEAD.
2022-08-19 22:06:15.669 DEBUG Imap(1)[1] TLS: The server supports secure renegotiation.
2022-08-19 22:06:15.670 DEBUG Imap(1)[1] TLS: Extended master secret is enabled.
2022-08-19 22:06:15.672 DEBUG Imap(1)[1] TLS: HandshakeMessage:Certificate was received.
2022-08-19 22:06:15.687 DEBUG Imap(1)[1] TLS: HandshakeMessage:ServerKeyExchange was received.
2022-08-19 22:06:15.687 DEBUG Imap(1)[1] TLS: HandshakeMessage:ServerHelloDone was received.
2022-08-19 22:06:15.690 DEBUG Imap(1)[1] TLS: Verifying server certificate ('CN=outlook.com, O=Microsoft Corporation, L=Redmond, S=Washington, C=US').
2022-08-19 22:06:15.691 DEBUG Imap(1)[1] TLS: Certificate verification result: Accept
2022-08-19 22:06:15.692 DEBUG Imap(1)[1] TLS: Verifying server key exchange signature.
2022-08-19 22:06:15.715 DEBUG Imap(1)[1] TLS: Using ephemeral ECDH public key exchange with NIST P-384 curve.
2022-08-19 22:06:15.725 DEBUG Imap(1)[1] TLS: HandshakeMessage:ClientKeyExchange was sent.
2022-08-19 22:06:15.738 DEBUG Imap(1)[1] TLS: CipherSpec:ChangeCipherSpec was sent.
2022-08-19 22:06:15.739 DEBUG Imap(1)[1] TLS: HandshakeMessage:Finished was sent.
2022-08-19 22:06:15.775 DEBUG Imap(1)[1] TLS: CipherSpec:ChangeCipherSpec was received.
2022-08-19 22:06:15.777 DEBUG Imap(1)[1] TLS: HandshakeMessage:Finished was received.
2022-08-19 22:06:15.778 INFO Imap(1)[1] TLS: Connection secured using cipher: TLS 1.2, RSA with ephemeral ECDH, AES with 256-bit key in GCM mode, AEAD.
2022-08-19 22:06:15.779 DEBUG Imap(1)[1] Info: Connection upgraded to TLS 1.2.
2022-08-19 22:06:15.851 DEBUG Imap(1)[1] Info: State changed from 'Connecting' to 'Reading'.
2022-08-19 22:06:15.854 INFO Imap(1)[1] Response: * OK The Microsoft Exchange IMAP4 service is ready. [SwBMADEAUABSADAAMQBDAEEAMAAwADgANgAuAGEAcABjAHAAcgBkADAAMQAuAHAAcgBvAGQALgBlAHgAYwBoAGEAbgBnAGUAbABhAGIAcwAuAGMAbwBtAA==]
2022-08-19 22:06:15.859 DEBUG Imap(1)[1] Info: State changed from 'Reading' to 'Ready'.
2022-08-19 22:06:15.871 DEBUG Imap(1)[1] Info: State changed from 'Ready' to 'Sending'.
2022-08-19 22:06:15.873 INFO Imap(1)[1] Command: R00001 CAPABILITY
2022-08-19 22:06:15.873 DEBUG Imap(1)[1] Info: State changed from 'Sending' to 'Reading'.
2022-08-19 22:06:15.904 INFO Imap(1)[1] Response: * CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS MOVE ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
2022-08-19 22:06:15.904 INFO Imap(1)[1] Response: R00001 OK CAPABILITY completed.
2022-08-19 22:06:15.904 DEBUG Imap(1)[1] Info: State changed from 'Reading' to 'Ready'.
2022-08-19 22:06:15.918 DEBUG Imap(1)[1] Info: State changed from 'Ready' to 'Sending'.
2022-08-19 22:06:15.918 INFO Imap(1)[1] Command: R00002 AUTHENTICATE XOAUTH2 dXNlcj1pbWFwdXNlcjAxQGtydW5nc3JpMzY1Lm9ubWljcm9zb2Z0LmNvbQBhdXRoPUJlYXJlciBleUowZVhBaU9pSktWMVFpTENKdWIyNWpaU0k2SWw5Q2R6UkRiR05UYjNWaU9WOTJTRGxZWlZwcVdVSmFPV281V2tsTE1WcHhla0pHY1VJMVZIQnRkR01pTENKaGJHY2lPaUpTVXpJMU5pSXNJbmcxZENJNklqSmFVWEJLTTFWd1ltcEJXVmhaUjJGWVJVcHNPR3hXTUZSUFNTSXNJbXRwWkNJNklqSmFVWEJLTTFWd1ltcEJXVmhaUjJGWVJVcHNPR3hXTUZSUFNTSjkuZXlKaGRXUWlPaUpvZEhSd2N6b3ZMMmR5WVhCb0xtMXBZM0p2YzI5bWRDNWpiMjBpTENKcGMzTWlPaUpvZEhSd2N6b3ZMM04wY3k1M2FXNWtiM2R6TG01bGRDODBZekE0TkRVMFpTMWpNbVl3TFRReU1qY3RZalZsTlMxa1lUSmhPR1l6TmpKak9ESXZJaXdpYVdGMElqb3hOall3T1RJeE1qWTJMQ0p1WW1ZaU9qRTJOakE1TWpFeU5qWXNJbVY0Y0NJNk1UWTJNRGt5TlRFMk5pd2lZV2x2SWpvaVJUSmFaMWxLWjFselprSnhPVlF5Y2xaWE4xaDFPRkl2TTA1eFowSlJRVDBpTENKaGNIQmZaR2x6Y0d4aGVXNWhiV1VpT2lKQlkyTmxjM01nVFdGcGJHSnZlQ0lzSW1Gd2NHbGtJam9pT0daa016QTNOekF0TWpRMVppMDBOV1ZoTFRrMU9UVXRaV1JsTVdJME5qSXdNV0poSWl3aVlYQndhV1JoWTNJaU9pSXhJaXdpYVdSd0lqb2lhSFIwY0hNNkx5OXpkSE11ZDJsdVpHOTNjeTV1WlhRdk5HTXdPRFExTkdVdFl6Sm1NQzAwTWpJM0xXSTFaVFV0WkdFeVlUaG1Nell5WXpneUx5SXNJbWxrZEhsd0lqb2lZWEJ3SWl3aWIybGtJam9pTkdObFpHWm1PVFF0WkRNMVpTMDBNamxpTFRsaE1UQXRNR1prTmpaallqRmxZbVF3SWl3aWNtZ2lPaUl3TGtGVmEwRlVhMVZKVkZCRVEwb3dTekUxWkc5eGFucFpjMmRuVFVGQlFVRkJRVUZCUVhkQlFVRkJRVUZCUVVGQ1NrRkJRUzRpTENKemRXSWlPaUkwWTJWa1ptWTVOQzFrTXpWbExUUXlPV0l0T1dFeE1DMHdabVEyTm1OaU1XVmlaREFpTENKMFpXNWhiblJmY21WbmFXOXVYM05qYjNCbElqb2lRVk1pTENKMGFXUWlPaUkwWXpBNE5EVTBaUzFqTW1Zd0xUUXlNamN0WWpWbE5TMWtZVEpoT0dZek5qSmpPRElpTENKMWRHa2lPaUpLVmpsbmVYWlZhREJWWlRSaVMySjZabUZKY1VGQklpd2lkbVZ5SWpvaU1TNHdJaXdpZDJsa2N5STZXeUl3T1RrM1lURmtNQzB3WkRGa0xUUmhZMkl0WWpRd09DMWtOV05oTnpNeE1qRmxPVEFpWFN3aWVHMXpYM1JqWkhRaU9qRTFNVGt6TlRjd01ETjkubEVGLTJSQ3VNOXdPTTQ4cS1uZWJDcm1aQ0dJOVRUZW53alhQOTJoVkgwcV9NOXl2UTlNSXAwVjFTajN3QldpR2Y4TTVjaDdLcFRiQUxYdEwzTlJEcjkxSGZKTVhHMGRpREZwY3c0ZmhyYmhSbjdTb3pqMW9qZjJ5VF83a0x4Y1NjQ1l0RTlZc21FR29LSmlnSllOZ0ZlSlFmdHVUb3p4S0NKUVhHV3E4LU5Gd0JuNThKWXRhQUtXN0loc2VKZkJTbXduV2Nkd2FCbmRtc3B3TXJwZ1RfNmFFeE9NcFhtNzM0REt1MFJ1OEk2eVVjdTRPZXpaNkY5NnBCVkowMDlLeW0ySXQyb1JWYXFRelVVdk9hV0tqRmh3X21tNDJpUi10Zi1jWVVjMmdHVnE5d3lrS0dwOW05MnhGaFJUYi0wZlp1WW50LURheXNNRkFSbUlONXlaVWFBAAA=
2022-08-19 22:06:15.918 DEBUG Imap(1)[1] Info: State changed from 'Sending' to 'Reading'.
2022-08-19 22:06:15.949 INFO Imap(1)[1] Response: R00002 NO AUTHENTICATE failed.
2022-08-19 22:06:15.949 DEBUG Imap(1)[1] Info: State changed from 'Reading' to 'Ready'.
2022-08-19 22:06:15.955 ERROR Imap(1)[1] Info: Rebex.Net.ImapException: AUTHENTICATE failed (NO).
   at Rebex.Net.Imap.ftvcl(String p0, ImapResponse p1, Boolean p2)
   at Rebex.Net.Imap.nbxxz(String p0)
   at Rebex.Net.Imap.alsfl(String p0, String p1, ImapAuthentication p2, GssApiProvider p3)
   at Rebex.Net.Imap.ccovk(String p0, String p1, ImapAuthentication p2)
by (148k points)
Oops, sorry, I made a mistake. Please use Chr(1) instead of Chr(0).
by (120 points)
Chr(1) updated, but I'm still getting the same error

//VB code
Dim pattern As String = String.Format("user={0}{1}auth=Bearer {2}{1}{1}", "imapuser01@krungsri365.onmicrosoft.com", Chr(1), dict("access_token"))
            token = Convert.ToBase64String(Encoding.ASCII.GetBytes(pattern))

//log
2022-08-22 15:09:02.923 Opening log file.
2022-08-22 15:09:02.926 INFO FileLogWriter(1)[1] Info: Assembly: Rebex.Common R6.5 for .NET 4.6-4.8
2022-08-22 15:09:02.929 INFO FileLogWriter(1)[1] Info: Platform: Windows 6.2.9200 32-bit; CLR: 4.0.30319.42000
2022-08-22 15:09:02.929 DEBUG FileLogWriter(1)[1] Info: Culture: en; windows-874
2022-08-22 15:09:07.872 DEBUG Imap(1)[1] Info: State changed from 'Disconnected' to 'Connecting'.
2022-08-22 15:09:07.872 INFO Imap(1)[1] Info: Connecting to Outlook.office365.com:993 using Imap.
2022-08-22 15:09:07.873 INFO Imap(1)[1] Info: Assembly: Rebex.Imap R6.5 for .NET 4.6-4.8 (Trial)
2022-08-22 15:09:07.873 INFO Imap(1)[1] Info: Platform: Windows 6.2.9200 32-bit; CLR: 4.0.30319.42000
2022-08-22 15:09:07.873 DEBUG Imap(1)[1] Info: Culture: en; windows-874
2022-08-22 15:09:07.884 INFO Imap(1)[1] Info: Connecting to 40.100.18.2.
2022-08-22 15:09:07.896 DEBUG Imap(1)[1] Proxy: Connecting to 40.100.18.2:993 (no proxy).
2022-08-22 15:09:07.925 DEBUG Imap(1)[1] Proxy: Connection established.
2022-08-22 15:09:07.925 DEBUG Imap(1)[1] Info: Connection succeeded.
2022-08-22 15:09:07.930 DEBUG Imap(1)[1] Info: Upgrading connection to TLS.
2022-08-22 15:09:07.994 DEBUG Imap(1)[1] TLS: Using classic TLS core.
2022-08-22 15:09:08.014 DEBUG Imap(1)[1] TLS: Enabled cipher suites: 0x0C1FFFFFFFF4F666.
2022-08-22 15:09:08.089 DEBUG Imap(1)[1] TLS: Applicable cipher suites: 0x0C1FFFFFFFF4F666.
2022-08-22 15:09:08.098 DEBUG Imap(1)[1] TLS: HandshakeMessage:ClientHello was sent.
2022-08-22 15:09:08.139 DEBUG Imap(1)[1] TLS: HandshakeMessage:ServerHello was received.
2022-08-22 15:09:08.140 INFO Imap(1)[1] TLS: Negotiating TLS 1.2, RSA with ephemeral ECDH, AES with 256-bit key in GCM mode, AEAD.
2022-08-22 15:09:08.142 DEBUG Imap(1)[1] TLS: The server supports secure renegotiation.
2022-08-22 15:09:08.143 DEBUG Imap(1)[1] TLS: Extended master secret is enabled.
2022-08-22 15:09:08.144 DEBUG Imap(1)[1] TLS: HandshakeMessage:Certificate was received.
2022-08-22 15:09:08.157 DEBUG Imap(1)[1] TLS: HandshakeMessage:ServerKeyExchange was received.
2022-08-22 15:09:08.157 DEBUG Imap(1)[1] TLS: HandshakeMessage:ServerHelloDone was received.
2022-08-22 15:09:08.160 DEBUG Imap(1)[1] TLS: Verifying server certificate ('CN=outlook.com, O=Microsoft Corporation, L=Redmond, S=Washington, C=US').
2022-08-22 15:09:08.161 DEBUG Imap(1)[1] TLS: Certificate verification result: Accept
2022-08-22 15:09:08.162 DEBUG Imap(1)[1] TLS: Verifying server key exchange signature.
2022-08-22 15:09:08.185 DEBUG Imap(1)[1] TLS: Using ephemeral ECDH public key exchange with NIST P-384 curve.
2022-08-22 15:09:08.195 DEBUG Imap(1)[1] TLS: HandshakeMessage:ClientKeyExchange was sent.
2022-08-22 15:09:08.209 DEBUG Imap(1)[1] TLS: CipherSpec:ChangeCipherSpec was sent.
2022-08-22 15:09:08.210 DEBUG Imap(1)[1] TLS: HandshakeMessage:Finished was sent.
2022-08-22 15:09:08.242 DEBUG Imap(1)[1] TLS: CipherSpec:ChangeCipherSpec was received.
2022-08-22 15:09:08.245 DEBUG Imap(1)[1] TLS: HandshakeMessage:Finished was received.
2022-08-22 15:09:08.245 INFO Imap(1)[1] TLS: Connection secured using cipher: TLS 1.2, RSA with ephemeral ECDH, AES with 256-bit key in GCM mode, AEAD.
2022-08-22 15:09:08.246 DEBUG Imap(1)[1] Info: Connection upgraded to TLS 1.2.
2022-08-22 15:09:08.324 DEBUG Imap(1)[1] Info: State changed from 'Connecting' to 'Reading'.
2022-08-22 15:09:08.328 INFO Imap(1)[1] Response: * OK The Microsoft Exchange IMAP4 service is ready. [SwBVADEAUABSADAAMwBDAEEAMAAwADAANAAuAGEAcABjAHAAcgBkADAAMwAuAHAAcgBvAGQALgBvAHUAdABsAG8AbwBrAC4AYwBvAG0A]
2022-08-22 15:09:08.348 DEBUG Imap(1)[1] Info: State changed from 'Reading' to 'Ready'.
2022-08-22 15:09:08.355 DEBUG Imap(1)[1] Info: State changed from 'Ready' to 'Sending'.
2022-08-22 15:09:08.357 INFO Imap(1)[1] Command: R00001 CAPABILITY
2022-08-22 15:09:08.357 DEBUG Imap(1)[1] Info: State changed from 'Sending' to 'Reading'.
2022-08-22 15:09:08.384 INFO Imap(1)[1] Response: * CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS MOVE ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
2022-08-22 15:09:08.384 INFO Imap(1)[1] Response: R00001 OK CAPABILITY completed.
2022-08-22 15:09:08.384 DEBUG Imap(1)[1] Info: State changed from 'Reading' to 'Ready'.
2022-08-22 15:09:08.401 DEBUG Imap(1)[1] Info: State changed from 'Ready' to 'Sending'.
2022-08-22 15:09:08.401 INFO Imap(1)[1] Command: R00002 AUTHENTICATE XOAUTH2 dXNlcj1pbWFwdXNlcjAxQGtydW5nc3JpMzY1Lm9ubWljcm9zb2Z0LmNvbQFhdXRoPUJlYXJlciBleUowZVhBaU9pSktWMVFpTENKdWIyNWpaU0k2SWsxNWVYZFNVbmwyU0cwd1prNUJia3MwV0VJMmFuRXpSVXMxTXpSclIxWlFaRzFMTm5sd2VucFZMVkVpTENKaGJHY2lPaUpTVXpJMU5pSXNJbmcxZENJNklqSmFVWEJLTTFWd1ltcEJXVmhaUjJGWVJVcHNPR3hXTUZSUFNTSXNJbXRwWkNJNklqSmFVWEJLTTFWd1ltcEJXVmhaUjJGWVJVcHNPR3hXTUZSUFNTSjkuZXlKaGRXUWlPaUpvZEhSd2N6b3ZMMmR5WVhCb0xtMXBZM0p2YzI5bWRDNWpiMjBpTENKcGMzTWlPaUpvZEhSd2N6b3ZMM04wY3k1M2FXNWtiM2R6TG01bGRDODBZekE0TkRVMFpTMWpNbVl3TFRReU1qY3RZalZsTlMxa1lUSmhPR1l6TmpKak9ESXZJaXdpYVdGMElqb3hOall4TVRVMU5EUXlMQ0p1WW1ZaU9qRTJOakV4TlRVME5ESXNJbVY0Y0NJNk1UWTJNVEUxT1RNME1pd2lZV2x2SWpvaVJUSmFaMWxCYVZOR04zWlVTMHRHYm5nNFlUazJhazVtTmpoRlZFRkJQVDBpTENKaGNIQmZaR2x6Y0d4aGVXNWhiV1VpT2lKQlkyTmxjM01nVFdGcGJHSnZlQ0lzSW1Gd2NHbGtJam9pT0daa016QTNOekF0TWpRMVppMDBOV1ZoTFRrMU9UVXRaV1JsTVdJME5qSXdNV0poSWl3aVlYQndhV1JoWTNJaU9pSXhJaXdpYVdSd0lqb2lhSFIwY0hNNkx5OXpkSE11ZDJsdVpHOTNjeTV1WlhRdk5HTXdPRFExTkdVdFl6Sm1NQzAwTWpJM0xXSTFaVFV0WkdFeVlUaG1Nell5WXpneUx5SXNJbWxrZEhsd0lqb2lZWEJ3SWl3aWIybGtJam9pTkdObFpHWm1PVFF0WkRNMVpTMDBNamxpTFRsaE1UQXRNR1prTmpaallqRmxZbVF3SWl3aWNtZ2lPaUl3TGtGVmEwRlVhMVZKVkZCRVEwb3dTekUxWkc5eGFucFpjMmRuVFVGQlFVRkJRVUZCUVhkQlFVRkJRVUZCUVVGQ1NrRkJRUzRpTENKemRXSWlPaUkwWTJWa1ptWTVOQzFrTXpWbExUUXlPV0l0T1dFeE1DMHdabVEyTm1OaU1XVmlaREFpTENKMFpXNWhiblJmY21WbmFXOXVYM05qYjNCbElqb2lRVk1pTENKMGFXUWlPaUkwWXpBNE5EVTBaUzFqTW1Zd0xUUXlNamN0WWpWbE5TMWtZVEpoT0dZek5qSmpPRElpTENKMWRHa2lPaUpwWTE5MVYyMXZUVGhWVTNsaFIwZHdRWFk0VDBGQklpd2lkbVZ5SWpvaU1TNHdJaXdpZDJsa2N5STZXeUl3T1RrM1lURmtNQzB3WkRGa0xUUmhZMkl0WWpRd09DMWtOV05oTnpNeE1qRmxPVEFpWFN3aWVHMXpYM1JqWkhRaU9qRTFNVGt6TlRjd01ETjkuSjVNWE1jUWhpZVlyNGRDWXRpaEhJdWpzTWlRMC1YRl8wMFlac3JMNWF6UFFDX0hFZ1RCeUZQZFlsU0hqa0pNcDE0QlJUdnp1YklCbTc5ekktY253VGEwc2tJaGpCdDYyQWtXQ2V2NmItT21KTkRzakkxM2Njd0NRT1M4Z20wR2dFeTh0US1naFhiZk9jd0h5QVlOXzNRcC1wQ1lsYjdJaHQ4RjM0azByY0JURnVXWFpBQmpZRlA0OVo1RGRPOFJlRk5JRGxyS1NMaTdkNEE2ZDhycjg2eWZ6YU1vUGRjd0c1UjdSSXdRd3ZkV2dXZ01Kb2FhOXR1aHFhOFNvQk5qTlJYSlBGUXRFanFjaXlxaTRjaW11ci1HZUZyQnBMVW41Mjd5UDBPc2VMTmNfQmo3enR6MWM3UXB4RWN6MDhMdVJQMGRKREVCVnVIUW4xWGVUSFNIcUpnAQE=
2022-08-22 15:09:08.401 DEBUG Imap(1)[1] Info: State changed from 'Sending' to 'Reading'.
2022-08-22 15:09:11.315 INFO Imap(1)[1] Response: R00002 NO AUTHENTICATE failed.
2022-08-22 15:09:11.315 DEBUG Imap(1)[1] Info: State changed from 'Reading' to 'Ready'.
2022-08-22 15:09:11.338 ERROR Imap(1)[1] Info: Rebex.Net.ImapException: AUTHENTICATE failed (NO).
   at Rebex.Net.Imap.ftvcl(String p0, ImapResponse p1, Boolean p2)
   at Rebex.Net.Imap.nbxxz(String p0)
   at Rebex.Net.Imap.alsfl(String p0, String p1, ImapAuthentication p2, GssApiProvider p3)
   at Rebex.Net.Imap.ccovk(String p0, String p1, ImapAuthentication p2)
by (148k points)
Unfortunately, Office 365 returns the same "AUTHENTICATE failed" error for all kinds if issues. Base64-decoding the token shows that you have indeed fixed the Chr(1) issue, but apparently the input token is still not suitable for authentication.

What kind of authentication are you attempting? Delegated (for signed-in users) or app-only (for services/deamons)?
by (120 points)
just use service for signed-in users, I don't understand why "AUTHENTICATE failed", Could you clarify this "the input token is still not suitable for authentication." please ?

thank you for your help
by (148k points)
The IMAP server apparently did not accept the token, which means it considers it unsuitable for authentication, even though the formatting issue has been fixed. This implies there is some other issue with the token. For further clarification on what that kinds of issue that might be, you would have to contact Microsoft, who provides the service and whose severs return the "AUTHENTICATE failed" message.

Have performed all the necessary steps described at https://blog.rebex.net/registering-app-for-oauth2-office365 when registering your application?

Does our sample application at https://github.com/rebexnet/RebexExtras/tree/master/Office365_OAuth2_IdentityClient/ImapOAuthWpfApp_IdentityClient work for you? If it does, check out what you are doing differently in your app. If it doesn't, there is some issue with your application's registration.
by (120 points)
In my PowerShell script it worked, but in my VB it don't worked server return that error and I try to using token from PowerShell script by VB hardcode force it used PowerShell token but I got error as before

//token from PowerShell
dXNlcj1pbWFwdXNlcjAxQGtydW5nc3JpMzY1Lm9ubWljcm9zb2Z0LmNvbQFhdXRoPUJlYXJlciBleUowZVhBaU9pSktWMVFpTENKdWIyNWpaU0k2SWpCTVpHZ3lja0k1ZUc5bFdVdFVNRnBKWDA5VFIwbGxMWEV4VG1KV2RIQmFObWQ1UzJscVZUaERhakFpTENKaGJHY2lPaUpTVXpJMU5pSXNJbmcxZENJNklqSmFVWEJLTTFWd1ltcEJXVmhaUjJGWVJVcHNPR3hXTUZSUFNTSXNJbXRwWkNJNklqSmFVWEJ
LTTFWd1ltcEJXVmhaUjJGWVJVcHNPR3hXTUZSUFNTSjkuZXlKaGRXUWlPaUpvZEhSd2N6b3ZMMjkxZEd4dmIyc3ViMlptYVdObE16WTFMbU52YlNJc0ltbHpjeUk2SW1oMGRIQnpPaTh2YzNSekxuZHBibVJ2ZDNNdWJtVjBMelJqTURnME5UUmxMV015WmpBdE5ESXlOeTFpTldVMUxXUmhNbUU0WmpNMk1tTTRNaThpTENKcFlYUWlPakUyTmpFeU5UTTROVElzSW01aVppSTZNVFkyTVRJMU16ZzFNaXdpWlhod0lqb3hOall4TWpVM056VXlMQ0poYVc4aU9pSkZNbHBu
V1U1cGVTOHZUREprTWpNM01Xa3ZlbGxRVkdocFJEQnlRM2RCUFNJc0ltRndjRjlrYVhOd2JHRjVibUZ0WlNJNklrRmpZMlZ6Y3lCTllXbHNZbTk0SWl3aVlYQndhV1FpT2lJNFptUXpNRGMzTUMweU5EVm1MVFExWldFdE9UVTVOUzFsWkdVeFlqUTJNakF4WW1FaUxDSmhjSEJwWkdGamNpSTZJakVpTENKcFpIQWlPaUpvZEhSd2N6b3ZMM04wY3k1M2FXNWtiM2R6TG01bGRDODBZekE0TkRVMFpTMWpNbVl3TFRReU1qY3RZalZsTlMxa1lUSmhPR1l6TmpKak9ESXZJa
XdpYjJsa0lqb2lOR05sWkdabU9UUXRaRE0xWlMwME1qbGlMVGxoTVRBdE1HWmtOalpqWWpGbFltUXdJaXdpY21naU9pSXdMa0ZWYTBGVWExVkpWRkJFUTBvd1N6RTFaRzl4YW5wWmMyZG5TVUZCUVVGQlFWQkZVSHBuUVVGQlFVRkJRVUZDU2tGQlFTNGlMQ0p5YjJ4bGN5STZXeUpKVFVGUUxrRmpZMlZ6YzBGelFYQndJbDBzSW5OcFpDSTZJamxtT0dKbFpqUTNMV0pqWm1VdE5HRXdaQzA0WmpsbUxXSmlPREJoTmprd1ltVmpOeUlzSW5OMVlpSTZJalJqWldSbVpqaz
BMV1F6TldVdE5ESTVZaTA1WVRFd0xUQm1aRFkyWTJJeFpXSmtNQ0lzSW5ScFpDSTZJalJqTURnME5UUmxMV015WmpBdE5ESXlOeTFpTldVMUxXUmhNbUU0WmpNMk1tTTRNaUlzSW5WMGFTSTZJbEkxVVdsb1dFOWZNVlY1VkdKUFNUTkxSV05FUVVFaUxDSjJaWElpT2lJeExqQWlMQ0ozYVdSeklqcGJJakE1T1RkaE1XUXdMVEJrTVdRdE5HRmpZaTFpTkRBNExXUTFZMkUzTXpFeU1XVTVNQ0pkZlEuQnYwNFJ1TFNCUXBGSFdmcW9Fa3JVT2Rwdk9MRjdoMTB6aHNWNEx
aNFdtdDZmZDR0OXVxVndORW1SOW9hcmxBUEJPOUdxaXBnSE5Belg0bjlsNTBHVm5nWjdPT3N3SlRYMWs5X2VrLTFHdDRKZm8wQWNvUkN6clRfSkY0aWJBa3AzcFR4N3VJZEtPZ0hDT0VUbHlkbzFybVQxVE40TUVKZEZJbnhYaXN3V1p5eDNLSkJUWWRJcFVVb1BvYV9qU0xqZkF3R2xPM3l5c25tUFNQbVFEQkQzUkQ3WExHOTRsQU9jX0JtU0JOUElYMFFmai16SDhFWWVlR0czazVTbFpTSFlvUlVES3JQZnd5YWFjbEI2SUFXNTgxdExwR1FsSC1oeVlmTG5jOFBtQmZI
QTZQRG9paWtHVXZQM3JLUzBEd0UwZGw1Mk9LY09DUnVpQjE0eW14VDlBAQE=
by (148k points)
You wrote that you "just use service for signed-in users", but this latest token actually asserts app-only role:
    "roles":["IMAP.AccessAsApp"]

Are you attempting app-only authentication now? If that's the case, does our sample app work for you?
    https://github.com/rebexnet/RebexExtras/tree/master/Office365_OAuth2_IdentityClient/ImapOAuthAppOnlyConsole_IdentityClient

(To decode token data yourself, use a Base64 decoder such as https://www.base64decode.org/ - it has to be done twice, first with the "wrapped" token (in the form above), then copy&paste and decode the part that is still Base64-encoded - that's the actual token.)
by (148k points)
edited by
To access Office 365 using IMAP or POP3 with app-only (unattended) authentication, several additional steps are needed. Please follow our detailed step-by-step guide, and be aware that all the steps are important: https://blog.rebex.net/office365-imap-pop3-oauth-unattended
by (120 points)
Thanks you for you anwser and sorry for replying late. Please tell me how I can use this Function (Await cca.AcquireTokenForClient(scopes).ExecuteAsync()) without Await, Coz my vb program is a synchronous coding
by (148k points)
Replace this:
    AuthenticationResult result = await cca.AcquireTokenForClient(Scopes).ExecuteAsync();

With this:
    AuthenticationResult result = cca.AcquireTokenForClient(Scopes).ExecuteAsync().Result;
...