From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Thomas Fitzsimmons Newsgroups: gmane.emacs.bugs Subject: bug#50113: Excorporate: Communicating with domain that requires SSO? Date: Mon, 13 Mar 2023 12:30:51 -0400 Message-ID: References: <2d3d2184-37c3-46e8-8bda-6fe5c603672c@www.fastmail.com> <961bde13-0446-48f5-b3d9-d6098c767353@www.fastmail.com> <87h7245rt1.fsf@gnus.org> <87a60gps0m.fsf@mailfence.com> Mime-Version: 1.0 Content-Type: text/plain Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="20021"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Gnus/5.13 (Gnus v5.13) Cc: Lars Ingebrigtsen , 50113@debbugs.gnu.org, Justin Abrahms To: ParetoOptimal Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Mon Mar 13 17:32:42 2023 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1pbl6G-0004tJ-MJ for geb-bug-gnu-emacs@m.gmane-mx.org; Mon, 13 Mar 2023 17:32:41 +0100 Original-Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1pbl5s-0001IA-Bd; Mon, 13 Mar 2023 12:32:16 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pbl5g-0001HW-5Y for bug-gnu-emacs@gnu.org; Mon, 13 Mar 2023 12:32:05 -0400 Original-Received: from debbugs.gnu.org ([209.51.188.43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1pbl5e-0005LF-KP for bug-gnu-emacs@gnu.org; Mon, 13 Mar 2023 12:32:03 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1pbl5e-0004Uu-5W for bug-gnu-emacs@gnu.org; Mon, 13 Mar 2023 12:32:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Thomas Fitzsimmons Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Mon, 13 Mar 2023 16:32:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 50113 X-GNU-PR-Package: emacs Original-Received: via spool by 50113-submit@debbugs.gnu.org id=B50113.167872506217220 (code B ref 50113); Mon, 13 Mar 2023 16:32:02 +0000 Original-Received: (at 50113) by debbugs.gnu.org; 13 Mar 2023 16:31:02 +0000 Original-Received: from localhost ([127.0.0.1]:35513 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pbl4g-0004Tg-AT for submit@debbugs.gnu.org; Mon, 13 Mar 2023 12:31:02 -0400 Original-Received: from mail.fitzsim.org ([69.165.165.189]:57100) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pbl4e-0004TB-Cc for 50113@debbugs.gnu.org; Mon, 13 Mar 2023 12:31:01 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=fitzsim.org ; s=20220430; h=Content-Type:MIME-Version:Message-ID:Date:References: In-Reply-To:Subject:Cc:To:From:Sender:Reply-To:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=pQygYHsig29jnygTscJ1sw9q0XLOIdqovx04o47MW4o=; b=EIvtE+/sW8K/yID5jgVvUi/I/Q l7ODOVa4wOZmuAmHirEz3ZYMf5pNh2DK3yMhdFi1apE1twYtJj7XutvCSFfufdY1gKGve96jc0KJE E69ONex153C/xtQ6VgcM39B3smvHyqkn5/lVV8Dc464F17o29kV6qMFcO2ktIjrMO0tg75fvhIhdn qkenQtbGwK6miNMeNExf99eo5Px6jVuTweQNc6A5rLZkWYTB+8VUjnQrq8GRs+Oh1IR50bZhz6PGB SqsNPp+tmnhSgV7T8dFQ4DXiuMlN8971/t03jiuMF98OgQr8oAxSDKgCGh0sqZZycVJUMQ/nvJeeE ObtFbqDQ==; Original-Received: from [192.168.1.1] (helo=localhost.localdomain) by mail.fitzsim.org with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1pbl4W-000JQs-TO; Mon, 13 Mar 2023 12:30:53 -0400 In-Reply-To: <87a60gps0m.fsf@mailfence.com> (ParetoOptimal's message of "Mon, 13 Mar 2023 10:53:13 -0500") X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Xref: news.gmane.io gmane.emacs.bugs:257913 Archived-At: Hi, ParetoOptimal writes: >> As a starting point, are you able to make DavMail retrieve your calendar >> items? > > Hello! I'm able to use davmail successfully, but I'm not sure how to > verify how my calendar is working. OK, thanks for following up. > I guess I'll try following > https://davmail.sourceforge.net/thunderbirdcalendarsetup.html and verify > it works with thunderbird? Sure, that'd be proof that something is working. > I did try going to the caldav url fom the instructions above: > > http://localhost:1080/users/mail@company.com/calendar > > But i received an error, so it's very possible that may not work or may > need a new url. > >> If yes, check if it uses, or can be configured to use, EWS >> rather than WebDAV. > > You mean if davmail can be configured to expose the calendar as EWS > rather than WebDAV or caldav format right? Because excorporate is only > capable of consuming EWS? No; my eventual goal is to help you get Excorporate communicating directly with the Exchange server, without needing DavMail. Today, Excorporate can only do that using EWS, not WebDAV. I was asking whether you can configure DavMail to use EWS, instead of WebDAV, to communicate with the Exchange server. If you can get DavMail communicating with the Exchange server using EWS (independent of Excorporate), then that proves a) your administrators allow access to the EWS APIs, and b) DavMail can successfully authenticate to your Exchange server. If (a) works, and (b) works using OAuth 2.0, then that's what this bug report intends to eventually provide support for in Emacs. If (a) does not work, then either Excorporate will not work, or someone could add WebDAV support to Excorporate. >> If you can make DavMail + EWS work somehow, then >> there's hope for Excorporate in your environment, with some oauth2.el >> integration effort. > > If DavMail is working, what is the need for oauth2.el? Interesting timing; I just pushed the start of url-http-oauth yesterday, but it's only the skeleton so far: https://git.sr.ht/~fitzsim/url-http-oauth url-retrieve operations are buried deep within Excorporate and soap-client. So oauth2.el's crucial TODO item about integrating with the URL library is relevant. It was never clear to me how to use oauth2.el to good effect, assuming a dependence on `url-retrieve'. So I'm writing another mode, similar to url-http-ntlm. This new mode will use the encrypted auth-source database to store Bearer tokens instead of plstore. Initially I will validate the mode with a demo package that authenticates to https://meta.sr.ht/query. Sourcehut has implemented OAuth 2.0 in a perfectly Free Software-friendly way. So I will validate that it works first. This should result in a URL add-on library that is well-integrated with Emacs, and maintainable, at least for one hospitable OAuth 2.0 provider. > It seems like a sensible lowest-effort way to get excorporate working > with SSO would be to totally depend on DavMail. One of Excorporate's main mandates is to have no middle-process. Similar to how Gnus doesn't need an external process to communicate with IMAP and SMTP servers. At this point I consider an Excorporate-to-DavMail integration a non-goal; it's not something I'd be interested in maintaining, anyway. Definitely try to get Emacs working with your calendar, and depend on DavMail exclusively. But there are probably better ways to do that, which don't involve Excorporate at all. > I tried to research whether this is possible, but unsurprisingly > searching "davmail calendar EWS" gave poor results. It seems to be covered here (via Searx): https://davmail.sourceforge.net/faq.html A search for "davmail calendar Excorporate" would probably eventually lead you back to this bug report. Thomas