Community Manager
December 29, 2022
Question

Authenticate an IMAP, POP or SMTP connection using OAuth


We have released fixes for both ColdFusion (2021 release) and ColdFusion (2018 release) that help authenticate IMAP, POP, SMTP, and Exchange connections using OAuth.

For more information, see this KB document.

We've also released an update for cfexchange for both ColdFusion (2021 release) and ColdFusion (2018 release). The document also lists the steps to apply the update.

Apply these updates and let us know your feedback.


    BKBK
    Community Expert
    December 30, 2022

    What an important development.

    Thanks for the news, @Saurav_Ghosh !

    Participating Frequently
    February 6, 2023

    On my side, using ColdFusion 2021 and after applying the above patches, I have properly received an authentication token from login.microsoftonline.com, but when I use it in cfexchangeconnection, I get the following error: "The request failed. The account does not have permission to impersonate the requested user."

    According to Microsoft support, we have to add an authentication token to the EWS request, as explained in

    https://learn.microsoft.com/en-us/exchange/client-developer/exchange-web-services/how-to-authenticate-an-ews-application-by-using-oauth#add-an-authentication-token-to-ews-requests

    However, the only example is written in C#.

    Any idea about a ColdFusion implementation?

    Regards

    Pierre

    Community Expert
    February 6, 2023

    I don't think you'll be able to do that using the EWS Managed API, which is only available in C#. You'll need to submit a ticket to Adobe to get that resolved.

    Dave Watts, Eidolon LLC

    Charlie Arehart
    Community Expert
    December 29, 2022

    Thanks, Saurav, and great to see this finally addressed and shared. I'll help spread the news, as some have been waiting very anxiously for it. (Folks, let's not re-litigate here how it's "taken far too long" to get the resolution. That's been voiced plenty, elsewhere.)

    That said, Saurav, there seem to be a couple of issues with what's been offered here. First, it seems you meant to refer to two different URLs above, right? But they are currently the same:

    https://helpx.adobe.com/coldfusion/kb/authenticate-imap-pop-smtp-connection-oauth.html

    If you correct that, can you please offer a reply here to let folks know you have?

    Second, in that page the technote doesn't clarify whether people should repeat the process for each instance, if they have more than just the cfusion one whose folders you detail. While some would presume to repeat the steps for each, some others might wonder whether they are SUPPOSED to, while most others wouldn't realize it could matter either way--and I suspect it very much does. So could you please clarify, again both there and here? Thanks.

    /Charlie (troubleshooter, carehart. org)
    Community Manager
    December 30, 2022

    Thank you, Charlie, for the reply. To answer your first question, both the URLs are the same. The second one is more to let users know that the KB document also contains steps to apply the update for cfexchange.

    As far as the second question is concerned, let me get back to you on this. I've asked the engg team for a response.

    Thanks,

    Saurav

    Charlie Arehart
    Community Expert
    December 30, 2022

    Thanks.

    1) So I see now that the one technote has TWO sections, with the second having a sub-heading of "Apply the update for cfexchange".

    Sadly, the top of the technote really doesn't make that clear, and it would be really helpful if it did--especially for the sake of folks who are being pointed to the technote from elsewhere (Slack, Twitter, and the tracker ticket on the matter), who may not see the clarification you've offered here.

    2) On a separate matter, I notice that the code in the first section names a response.cfm file in the various redirect URLs (within the cfoauth and cfhttp code), but only the second section of the technote actually indicates a code section having that response.cfm file as its name.

    Is it that for each of the "get the access token" references (for the SMTP, IMAP, and POP examples), those should have been indicated to be the "response.cfm" referred to for that example? That should be indicated.

    3) And since the redirect URLs refer to localhost:8500, there should be at least a little clarification in the technote about what that means (and how it may differ for some folks), and most importantly WHERE that response.cfm would be expected to be placed, to be found via that URL.

    And people would probably really want such processing done in pages that were in their regular web app code. Some insight into how they should proceed in that respect would be helpful.

    4) And if someone might argue "a technote is not the place for all that detail", then fair enough: such things could be discussed in a docs page, and the technote changed to point to that.

    5) Finally, it's not clear if that last sentence (about "impersonating a user" and the new JVM arg) is referring ONLY to the last section on cfexchange or perhaps also is related to the first section. Can you perhaps get that clarified in the note?

    As it stands, there is already chatter going on in the tracker ticket about people trying to do what the technote says, and surely many discussions will happen in Slack and Twitter, etc., if not also here, discussing various aspects of applying the steps in this technote.

    That's why I'm trying to get the technote itself to better clarify things--or point to a docs page that does.

    As always, just trying to help--not merely to criticize.

    /Charlie (troubleshooter, carehart. org)