Connecting with Camel to outlook.office365.com with IMAP protocol

Question

I'm trying to connect to outlook.office365.com with Apache Camel. I was following the instructions for the Camel component "Mail Microsoft Oauth".

On the Azure side I created an "App registration", and in my code I use the "Application (client) ID" from that registration as client_id and the "Directory (tenant) ID" as tenant_id.
Then I created a client secret for that registration, and I use its "value" as client_secret.

Last, I granted the API permission "IMAP.AccessAsApp" and granted admin consent.

In Java I have configured MicrosoftExchangeOnlineOAuth2MailAuthenticator:

  @Bean
  public MicrosoftExchangeOnlineOAuth2MailAuthenticator auth() {
    return new MicrosoftExchangeOnlineOAuth2MailAuthenticator(
        <tenant_id>,
        <client_id>,
        <client_secret>, "valid@email.com");
  }

and the Camel route:

public class MailListenerRoute extends RouteBuilder {

  @Override
  public void configure() throws Exception {
    from("imaps://outlook.office365.com:993"
        +  "?authenticator=#auth"
        +  "&username=valid@email.com"
        +  "&mail.imaps.auth.mechanisms=XOAUTH2"
        +  "&mail.imap.auth.plain.disable=true"
        +  "&mail.imap.auth.xoauth2.disable=false"
        +  "&debugMode=true"
        +  "&delete=false")
        .tracing()
        .log(">>> ${body}");
  }
}

I have experimented with both adding and removing username, mail.imap.auth.plain.disable and mail.imap.auth.xoauth2.disable, but there were no changes in the result.
I have put a debug point in MicrosoftExchangeOnlineOAuth2MailAuthenticator and decoded the JWT token that is received in the method getPasswordAuthentication, and I have confirmed by decoding it at JWT.ms that it is valid and that it contains

  "roles": [
    "IMAP.AccessAsApp"
  ]

When starting a flow, these are the logs for the mail component:

DEBUG IMAPS: AUTHENTICATE XOAUTH2 command trace suppressed
DEBUG IMAPS: AUTHENTICATE XOAUTH2 command result: B1 NO AUTHENTICATE failed.
2023-07-03 10:03:34.206  WARN 16471 --- [fice365.com:993] o.a.camel.component.mail.MailConsumer    : Failed polling endpoint: imaps://outlook.office365.com:993?authenticator=%23auth&debugMode=true&delete=false&mail.imaps.auth.mechanisms=XOAUTH2&username=xxxxxx. Will try again at next poll. Caused by: [javax.mail.AuthenticationFailedException - AUTHENTICATE failed.]

javax.mail.AuthenticationFailedException: AUTHENTICATE failed.
	at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:708) ~[jakarta.mail-1.6.7.jar:1.6.7]

Answer 1

Score: 0

I have fixed the issue by following the instructions to set up a service principal.

I had to run the commands in Windows PowerShell because the command Connect-ExchangeOnline -Organization <tenantId> was failing in Azure PowerShell with the message: Connect-ExchangeOnline: A parameter cannot be found that matches parameter name 'Organization'

I ran Windows Shell on an AWS EC2 machine because I had no Windows available, and there were no problems.

All the commands I executed in Windows Shell:

Install-Module -Name ExchangeOnlineManagement -allowprerelease
Import-module ExchangeOnlineManagement 
Connect-ExchangeOnline -Organization <tenantId>

$AADServicePrincipalDetails = Get-AzureADServicePrincipal -SearchString YourAppName

New-ServicePrincipal -AppId $AADServicePrincipalDetails.AppId -ObjectId $AADServicePrincipalDetails.ObjectId -DisplayName "EXO Serviceprincipal for AzureAD App $($AADServicePrincipalDetails.Displayname)"

$EXOServicePrincipal = Get-ServicePrincipal -Identity "EXO Serviceprincipal for AzureAD App YourAppName"

Add-MailboxPermission -Identity "valid@email.com" -User $EXOServicePrincipal.Identity -AccessRights FullAccess
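
An added diagnostic example (not from the original posts and not Camel's own code): it decodes an access token's payload locally, prints the claims relevant to this failure, and builds the SASL XOAUTH2 string sent for the mailbox. The class and helper names and the sample claim values are constructed; the `aud` and `oid` checks assume the token was requested for Exchange Online and that `oid` is the service principal object ID that `New-ServicePrincipal` registers.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class XOAuth2TokenCheck {

    // Decode the JWT payload (second dot-separated segment) locally; the signature is NOT verified.
    static String payloadJson(String jwt) {
        String[] parts = jwt.split("\\.");
        if (parts.length != 3) throw new IllegalArgumentException("not a compact JWT");
        return new String(Base64.getUrlDecoder().decode(parts[1]), StandardCharsets.UTF_8);
    }

    // Minimal extraction of a top-level string claim; enough for a diagnostic, not a JSON parser.
    static String stringClaim(String json, String name) {
        Matcher m = Pattern.compile("\"" + Pattern.quote(name) + "\"\\s*:\\s*\"([^\"]*)\"").matcher(json);
        return m.find() ? m.group(1) : null;
    }

    // True if the "roles" array contains the given application role.
    static boolean hasRole(String json, String role) {
        Matcher m = Pattern.compile("\"roles\"\\s*:\\s*\\[([^\\]]*)\\]").matcher(json);
        return m.find() && m.group(1).contains("\"" + role + "\"");
    }

    // SASL XOAUTH2 initial client response: user=<mailbox>^Aauth=Bearer <token>^A^A, base64-encoded.
    static String xoauth2Response(String mailbox, String accessToken) {
        String raw = "user=" + mailbox + "\u0001auth=Bearer " + accessToken + "\u0001\u0001";
        return Base64.getEncoder().encodeToString(raw.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) {
        // Constructed sample token: placeholder header and signature, payload with made-up values.
        String claims = "{\"aud\":\"https://outlook.office365.com\","
                + "\"oid\":\"00000000-0000-0000-0000-000000000001\","
                + "\"roles\":[\"IMAP.AccessAsApp\"]}";
        String jwt = "e30." + Base64.getUrlEncoder().withoutPadding()
                .encodeToString(claims.getBytes(StandardCharsets.UTF_8)) + ".sig";

        String json = payloadJson(jwt);
        System.out.println("aud   = " + stringClaim(json, "aud"));  // resource the token was issued for
        System.out.println("oid   = " + stringClaim(json, "oid"));  // compare with the registered ObjectId
        System.out.println("role? = " + hasRole(json, "IMAP.AccessAsApp"));
        System.out.println("SASL  = " + xoauth2Response("valid@email.com", jwt));
    }
}
```

A token that passes these checks can still get `NO AUTHENTICATE failed` until the service principal is registered in Exchange Online and granted access to the mailbox, which is what the commands in the answer do.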

huangapple
  • Posted on July 3, 2023, 18:12:51
  • When reposting, please keep the link to this article: https://go.coder-hub.com/76603792.html