import evolution-ews-3.28.5-10.el8

CentOS Sources 2020-10-09 06:08:32 +00:00 committed by Andrew Lukoshko
parent f97bc357ba
commit d071d6a038
3 changed files with 839 additions and 1 deletions


@ -0,0 +1,707 @@
diff -up evolution-ews-3.28.5/CMakeLists.txt.oauth2-endpoints evolution-ews-3.28.5/CMakeLists.txt
--- evolution-ews-3.28.5/CMakeLists.txt.oauth2-endpoints 2020-10-07 17:08:15.761562791 +0200
+++ evolution-ews-3.28.5/CMakeLists.txt 2020-10-07 17:08:15.762562790 +0200
@@ -195,6 +195,12 @@ if(WITH_OFFICE365_REDIRECT_URI STREQUAL
set(WITH_OFFICE365_REDIRECT_URI "https://login.microsoftonline.com/common/oauth2/nativeclient")
endif(WITH_OFFICE365_REDIRECT_URI STREQUAL "")
+add_printable_variable(WITH_OFFICE365_ENDPOINT_HOST "Office365.com OAuth 2.0 endpoint host" "")
+
+if(WITH_OFFICE365_ENDPOINT_HOST STREQUAL "")
+ set(WITH_OFFICE365_ENDPOINT_HOST "login.microsoftonline.com")
+endif(WITH_OFFICE365_ENDPOINT_HOST STREQUAL "")
+
# ******************************
# Special directories
# ******************************
diff -up evolution-ews-3.28.5/config.h.in.oauth2-endpoints evolution-ews-3.28.5/config.h.in
--- evolution-ews-3.28.5/config.h.in.oauth2-endpoints 2018-07-30 16:01:00.000000000 +0200
+++ evolution-ews-3.28.5/config.h.in 2020-10-07 17:08:15.762562790 +0200
@@ -29,3 +29,6 @@
/* Define Office365 OAuth 2.0 default Redirect URI to use */
#define OFFICE365_REDIRECT_URI "@WITH_OFFICE365_REDIRECT_URI@"
+
+/* Define Office365 OAuth 2.0 default Endpoint Host to use */
+#define OFFICE365_ENDPOINT_HOST "@WITH_OFFICE365_ENDPOINT_HOST@"
diff -up evolution-ews-3.28.5/src/configuration/e-mail-config-ews-backend.c.oauth2-endpoints evolution-ews-3.28.5/src/configuration/e-mail-config-ews-backend.c
--- evolution-ews-3.28.5/src/configuration/e-mail-config-ews-backend.c.oauth2-endpoints 2020-10-07 17:08:15.761562791 +0200
+++ evolution-ews-3.28.5/src/configuration/e-mail-config-ews-backend.c 2020-10-07 17:08:15.762562790 +0200
@@ -29,6 +29,7 @@
#include <mail/e-mail-config-receiving-page.h>
#include "server/camel-ews-settings.h"
+#include "server/e-oauth2-service-office365.h"
#include "e-mail-config-ews-autodiscover.h"
#include "e-ews-config-utils.h"
@@ -50,6 +51,8 @@ struct _EMailConfigEwsBackendPrivate {
GtkWidget *oauth2_tenant_entry;
GtkWidget *oauth2_client_id_entry;
GtkWidget *oauth2_redirect_uri_entry;
+ GtkWidget *oauth2_resource_uri_entry;
+ GtkWidget *oauth2_endpoint_host_entry;
};
G_DEFINE_DYNAMIC_TYPE (
@@ -156,6 +159,11 @@ mail_config_ews_backend_insert_widgets (
GtkLabel *label;
GtkWidget *widget;
GtkWidget *container;
+ GtkWidget *expander;
+ GtkWidget *advanced_help;
+ GtkWidget *endpoint_host_label;
+ GtkWidget *redirect_uri_label;
+ GtkWidget *resource_uri_label;
const gchar *extension_name;
const gchar *text;
gchar *markup;
@@ -381,11 +389,62 @@ mail_config_ews_backend_insert_widgets (
_("There is not set any default application ID"),
g_strdup_printf (_("Default application ID is “%s”"), OFFICE365_CLIENT_ID));
- widget = gtk_label_new_with_mnemonic (_("_Redirect URI:"));
+ container = gtk_box_new (GTK_ORIENTATION_HORIZONTAL, 6);
+ gtk_grid_attach (priv->oauth2_settings_grid, container, 0, 3, 2, 1);
+
+ widget = gtk_expander_new_with_mnemonic (_("_Advanced Settings"));
+ gtk_widget_set_margin_left (widget, 12);
+ gtk_box_pack_start (GTK_BOX (container), widget, FALSE, FALSE, 0);
+ expander = widget;
+
+ e_binding_bind_property (
+ priv->oauth2_override_check, "active",
+ widget, "sensitive",
+ G_BINDING_SYNC_CREATE);
+
+ markup = g_markup_printf_escaped ("(<a href=\"https://wiki.gnome.org/Apps/Evolution/EWS/OAuth2#Alternative_endpoints\">%s</a>)", _("Help…"));
+ widget = gtk_label_new (markup);
+ gtk_label_set_use_markup (GTK_LABEL (widget), TRUE);
+ gtk_misc_set_alignment (GTK_MISC (widget), 0.0, 0.5);
+ gtk_box_pack_start (GTK_BOX (container), widget, FALSE, FALSE, 0);
+ g_free (markup);
+ advanced_help = widget;
+
+ widget = gtk_label_new_with_mnemonic (_("_Endpoint host:"));
+ gtk_widget_set_margin_left (widget, 12);
+ gtk_misc_set_alignment (GTK_MISC (widget), 1.0, 0.5);
+ gtk_grid_attach (priv->oauth2_settings_grid, widget, 0, 4, 1, 1);
+ label = GTK_LABEL (widget);
+ endpoint_host_label = widget;
+
+ e_binding_bind_property (
+ priv->oauth2_override_check, "active",
+ widget, "sensitive",
+ G_BINDING_SYNC_CREATE);
+
+ widget = gtk_entry_new ();
+ gtk_widget_set_hexpand (widget, TRUE);
+ gtk_label_set_mnemonic_widget (label, widget);
+ gtk_grid_attach (priv->oauth2_settings_grid, widget, 1, 4, 1, 1);
+ priv->oauth2_endpoint_host_entry = widget;
+
+ e_binding_bind_property (
+ priv->oauth2_override_check, "active",
+ widget, "sensitive",
+ G_BINDING_SYNC_CREATE);
+
+ markup = g_strdup_printf (_("Default endpoint host is “%s”"), "login.microsoftonline.com");
+ mail_config_ews_backend_set_oauth2_tooltip (widget, OFFICE365_ENDPOINT_HOST,
+ markup,
+ g_strdup_printf (_("Default endpoint host is “%s”"), OFFICE365_ENDPOINT_HOST));
+ g_free (markup);
+
+ widget = gtk_label_new_with_mnemonic (_("Red_irect URI:"));
gtk_widget_set_margin_left (widget, 12);
gtk_misc_set_alignment (GTK_MISC (widget), 1.0, 0.5);
- gtk_grid_attach (priv->oauth2_settings_grid, widget, 0, 3, 1, 1);
+ gtk_grid_attach (priv->oauth2_settings_grid, widget, 0, 5, 1, 1);
label = GTK_LABEL (widget);
+ redirect_uri_label = widget;
e_binding_bind_property (
priv->oauth2_override_check, "active",
@@ -395,7 +454,7 @@ mail_config_ews_backend_insert_widgets (
widget = gtk_entry_new ();
gtk_widget_set_hexpand (widget, TRUE);
gtk_label_set_mnemonic_widget (label, widget);
- gtk_grid_attach (priv->oauth2_settings_grid, widget, 1, 3, 1, 1);
+ gtk_grid_attach (priv->oauth2_settings_grid, widget, 1, 5, 1, 1);
priv->oauth2_redirect_uri_entry = widget;
e_binding_bind_property (
@@ -409,8 +468,77 @@ mail_config_ews_backend_insert_widgets (
g_strdup_printf (_("Default redirect URI is “%s”"), OFFICE365_REDIRECT_URI));
g_free (markup);
+ widget = gtk_label_new_with_mnemonic (_("Re_source URI:"));
+ gtk_widget_set_margin_left (widget, 12);
+ gtk_misc_set_alignment (GTK_MISC (widget), 1.0, 0.5);
+ gtk_grid_attach (priv->oauth2_settings_grid, widget, 0, 6, 1, 1);
+ label = GTK_LABEL (widget);
+ resource_uri_label = widget;
+
+ e_binding_bind_property (
+ priv->oauth2_override_check, "active",
+ widget, "sensitive",
+ G_BINDING_SYNC_CREATE);
+
+ widget = gtk_entry_new ();
+ gtk_widget_set_hexpand (widget, TRUE);
+ gtk_label_set_mnemonic_widget (label, widget);
+ gtk_grid_attach (priv->oauth2_settings_grid, widget, 1, 6, 1, 1);
+ priv->oauth2_resource_uri_entry = widget;
+
+ e_binding_bind_property (
+ priv->oauth2_override_check, "active",
+ widget, "sensitive",
+ G_BINDING_SYNC_CREATE);
+
+ markup = g_strdup_printf (_("Default resource URI is derived from the Host URL, or it can eventually fall back to “%s”."), OFFICE365_FALLBACK_RESOURCE_URI);
+ mail_config_ews_backend_set_oauth2_tooltip (widget, NULL,
+ markup,
+ NULL);
+ g_free (markup);
+
gtk_widget_show_all (GTK_WIDGET (priv->oauth2_settings_grid));
+ gtk_expander_set_expanded (GTK_EXPANDER (expander),
+ e_ews_util_strcmp0 (camel_ews_settings_get_oauth2_endpoint_host (CAMEL_EWS_SETTINGS (settings)), NULL) != 0 ||
+ e_ews_util_strcmp0 (camel_ews_settings_get_oauth2_redirect_uri (CAMEL_EWS_SETTINGS (settings)), NULL) != 0 ||
+ e_ews_util_strcmp0 (camel_ews_settings_get_oauth2_resource_uri (CAMEL_EWS_SETTINGS (settings)), NULL) != 0);
+
+ e_binding_bind_property (
+ expander, "expanded",
+ advanced_help, "visible",
+ G_BINDING_SYNC_CREATE);
+
+ e_binding_bind_property (
+ expander, "expanded",
+ endpoint_host_label, "visible",
+ G_BINDING_SYNC_CREATE);
+
+ e_binding_bind_property (
+ expander, "expanded",
+ priv->oauth2_endpoint_host_entry, "visible",
+ G_BINDING_SYNC_CREATE);
+
+ e_binding_bind_property (
+ expander, "expanded",
+ redirect_uri_label, "visible",
+ G_BINDING_SYNC_CREATE);
+
+ e_binding_bind_property (
+ expander, "expanded",
+ priv->oauth2_redirect_uri_entry, "visible",
+ G_BINDING_SYNC_CREATE);
+
+ e_binding_bind_property (
+ expander, "expanded",
+ resource_uri_label, "visible",
+ G_BINDING_SYNC_CREATE);
+
+ e_binding_bind_property (
+ expander, "expanded",
+ priv->oauth2_resource_uri_entry, "visible",
+ G_BINDING_SYNC_CREATE);
+
e_binding_bind_property_full (
priv->auth_check, "active-mechanism",
priv->oauth2_settings_grid, "visible",
@@ -463,11 +591,23 @@ mail_config_ews_backend_insert_widgets (
G_BINDING_SYNC_CREATE);
e_binding_bind_object_text_property (
- settings, "oauth2-redirect_uri",
+ settings, "oauth2-redirect-uri",
priv->oauth2_redirect_uri_entry, "text",
G_BINDING_BIDIRECTIONAL |
G_BINDING_SYNC_CREATE);
+ e_binding_bind_object_text_property (
+ settings, "oauth2-resource-uri",
+ priv->oauth2_resource_uri_entry, "text",
+ G_BINDING_BIDIRECTIONAL |
+ G_BINDING_SYNC_CREATE);
+
+ e_binding_bind_object_text_property (
+ settings, "oauth2-endpoint-host",
+ priv->oauth2_endpoint_host_entry, "text",
+ G_BINDING_BIDIRECTIONAL |
+ G_BINDING_SYNC_CREATE);
+
extension_name = E_SOURCE_EXTENSION_COLLECTION;
source = e_mail_config_service_backend_get_collection (backend);
extension = e_source_get_extension (source, extension_name);
diff -up evolution-ews-3.28.5/src/server/camel-ews-settings.c.oauth2-endpoints evolution-ews-3.28.5/src/server/camel-ews-settings.c
--- evolution-ews-3.28.5/src/server/camel-ews-settings.c.oauth2-endpoints 2018-07-30 16:01:00.000000000 +0200
+++ evolution-ews-3.28.5/src/server/camel-ews-settings.c 2020-10-07 17:08:15.762562790 +0200
@@ -47,6 +47,8 @@ struct _CamelEwsSettingsPrivate {
gchar *oauth2_tenant;
gchar *oauth2_client_id;
gchar *oauth2_redirect_uri;
+ gchar *oauth2_resource_uri;
+ gchar *oauth2_endpoint_host;
};
enum {
@@ -74,7 +76,9 @@ enum {
PROP_OVERRIDE_OAUTH2,
PROP_OAUTH2_TENANT,
PROP_OAUTH2_CLIENT_ID,
- PROP_OAUTH2_REDIRECT_URI
+ PROP_OAUTH2_REDIRECT_URI,
+ PROP_OAUTH2_RESOURCE_URI,
+ PROP_OAUTH2_ENDPOINT_HOST
};
G_DEFINE_TYPE_WITH_CODE (
@@ -263,6 +267,18 @@ ews_settings_set_property (GObject *obje
CAMEL_EWS_SETTINGS (object),
g_value_get_string (value));
return;
+
+ case PROP_OAUTH2_RESOURCE_URI:
+ camel_ews_settings_set_oauth2_resource_uri (
+ CAMEL_EWS_SETTINGS (object),
+ g_value_get_string (value));
+ return;
+
+ case PROP_OAUTH2_ENDPOINT_HOST:
+ camel_ews_settings_set_oauth2_endpoint_host (
+ CAMEL_EWS_SETTINGS (object),
+ g_value_get_string (value));
+ return;
}
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec);
@@ -442,6 +458,20 @@ ews_settings_get_property (GObject *obje
camel_ews_settings_dup_oauth2_redirect_uri (
CAMEL_EWS_SETTINGS (object)));
return;
+
+ case PROP_OAUTH2_RESOURCE_URI:
+ g_value_take_string (
+ value,
+ camel_ews_settings_dup_oauth2_resource_uri (
+ CAMEL_EWS_SETTINGS (object)));
+ return;
+
+ case PROP_OAUTH2_ENDPOINT_HOST:
+ g_value_take_string (
+ value,
+ camel_ews_settings_dup_oauth2_endpoint_host (
+ CAMEL_EWS_SETTINGS (object)));
+ return;
}
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec);
@@ -466,6 +496,8 @@ ews_settings_finalize (GObject *object)
g_free (priv->oauth2_tenant);
g_free (priv->oauth2_client_id);
g_free (priv->oauth2_redirect_uri);
+ g_free (priv->oauth2_resource_uri);
+ g_free (priv->oauth2_endpoint_host);
/* Chain up to parent's finalize() method. */
G_OBJECT_CLASS (camel_ews_settings_parent_class)->finalize (object);
@@ -740,6 +772,30 @@ camel_ews_settings_class_init (CamelEwsS
G_PARAM_READWRITE |
G_PARAM_CONSTRUCT |
G_PARAM_STATIC_STRINGS));
+
+ g_object_class_install_property (
+ object_class,
+ PROP_OAUTH2_RESOURCE_URI,
+ g_param_spec_string (
+ "oauth2-resource-uri",
+ "OAuth2 Resource URI",
+ "OAuth2 Resource URI to use, only if override-oauth2 is TRUE, otherwise the compile-time value is used",
+ NULL,
+ G_PARAM_READWRITE |
+ G_PARAM_CONSTRUCT |
+ G_PARAM_STATIC_STRINGS));
+
+ g_object_class_install_property (
+ object_class,
+ PROP_OAUTH2_ENDPOINT_HOST,
+ g_param_spec_string (
+ "oauth2-endpoint-host",
+ "OAuth2 Endpoint Host",
+ "OAuth2 endpoint host to use, only if override-oauth2 is TRUE, otherwise the compile-time value is used",
+ NULL,
+ G_PARAM_READWRITE |
+ G_PARAM_CONSTRUCT |
+ G_PARAM_STATIC_STRINGS));
}
static void
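Review bot: The blurb installed for `oauth2-resource-uri` says the compile-time value is used when override-oauth2 is off, but this patch defines no compile-time resource URI; eos_office365_get_resource_uri derives it from the host URL and otherwise returns OFFICE365_FALLBACK_RESOURCE_URI. I would reword the blurb to `"OAuth2 Resource URI to use, only if override-oauth2 is TRUE, otherwise it is derived from the host URL"`. camel_ews_settings_class_init starts before this hunk, so only the two added properties are visible here.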
@@ -1543,3 +1599,97 @@ camel_ews_settings_set_oauth2_redirect_u
g_object_notify (G_OBJECT (settings), "oauth2-redirect-uri");
}
+
+const gchar *
+camel_ews_settings_get_oauth2_resource_uri (CamelEwsSettings *settings)
+{
+ g_return_val_if_fail (CAMEL_IS_EWS_SETTINGS (settings), NULL);
+
+ return settings->priv->oauth2_resource_uri;
+}
+
+gchar *
+camel_ews_settings_dup_oauth2_resource_uri (CamelEwsSettings *settings)
+{
+ const gchar *protected;
+ gchar *duplicate;
+
+ g_return_val_if_fail (CAMEL_IS_EWS_SETTINGS (settings), NULL);
+
+ g_mutex_lock (&settings->priv->property_lock);
+
+ protected = camel_ews_settings_get_oauth2_resource_uri (settings);
+ duplicate = g_strdup (protected);
+
+ g_mutex_unlock (&settings->priv->property_lock);
+
+ return duplicate;
+}
+
+void
+camel_ews_settings_set_oauth2_resource_uri (CamelEwsSettings *settings,
+ const gchar *resource_uri)
+{
+ g_return_if_fail (CAMEL_IS_EWS_SETTINGS (settings));
+
+ g_mutex_lock (&settings->priv->property_lock);
+
+ if (g_strcmp0 (settings->priv->oauth2_resource_uri, resource_uri) == 0) {
+ g_mutex_unlock (&settings->priv->property_lock);
+ return;
+ }
+
+ g_free (settings->priv->oauth2_resource_uri);
+ settings->priv->oauth2_resource_uri = e_util_strdup_strip (resource_uri);
+
+ g_mutex_unlock (&settings->priv->property_lock);
+
+ g_object_notify (G_OBJECT (settings), "oauth2-resource-uri");
+}
+
+const gchar *
+camel_ews_settings_get_oauth2_endpoint_host (CamelEwsSettings *settings)
+{
+ g_return_val_if_fail (CAMEL_IS_EWS_SETTINGS (settings), NULL);
+
+ return settings->priv->oauth2_endpoint_host;
+}
+
+gchar *
+camel_ews_settings_dup_oauth2_endpoint_host (CamelEwsSettings *settings)
+{
+ const gchar *protected;
+ gchar *duplicate;
+
+ g_return_val_if_fail (CAMEL_IS_EWS_SETTINGS (settings), NULL);
+
+ g_mutex_lock (&settings->priv->property_lock);
+
+ protected = camel_ews_settings_get_oauth2_endpoint_host (settings);
+ duplicate = g_strdup (protected);
+
+ g_mutex_unlock (&settings->priv->property_lock);
+
+ return duplicate;
+}
+
+void
+camel_ews_settings_set_oauth2_endpoint_host (CamelEwsSettings *settings,
+ const gchar *endpoint_host)
+{
+ g_return_if_fail (CAMEL_IS_EWS_SETTINGS (settings));
+
+ g_mutex_lock (&settings->priv->property_lock);
+
+ if (g_strcmp0 (settings->priv->oauth2_endpoint_host, endpoint_host) == 0) {
+ g_mutex_unlock (&settings->priv->property_lock);
+ return;
+ }
+
+ g_free (settings->priv->oauth2_endpoint_host);
+ settings->priv->oauth2_endpoint_host = e_util_strdup_strip (endpoint_host);
+
+ g_mutex_unlock (&settings->priv->property_lock);
+
+ g_object_notify (G_OBJECT (settings), "oauth2-endpoint-host");
+}
diff -up evolution-ews-3.28.5/src/server/camel-ews-settings.h.oauth2-endpoints evolution-ews-3.28.5/src/server/camel-ews-settings.h
--- evolution-ews-3.28.5/src/server/camel-ews-settings.h.oauth2-endpoints 2018-07-30 16:01:00.000000000 +0200
+++ evolution-ews-3.28.5/src/server/camel-ews-settings.h 2020-10-07 17:08:15.763562790 +0200
@@ -167,6 +167,20 @@ gchar * camel_ews_settings_dup_oauth2_r
void camel_ews_settings_set_oauth2_redirect_uri
(CamelEwsSettings *settings,
const gchar *redirect_uri);
+const gchar * camel_ews_settings_get_oauth2_resource_uri
+ (CamelEwsSettings *settings);
+gchar * camel_ews_settings_dup_oauth2_resource_uri
+ (CamelEwsSettings *settings);
+void camel_ews_settings_set_oauth2_resource_uri
+ (CamelEwsSettings *settings,
+ const gchar *resource_uri);
+const gchar * camel_ews_settings_get_oauth2_endpoint_host
+ (CamelEwsSettings *settings);
+gchar * camel_ews_settings_dup_oauth2_endpoint_host
+ (CamelEwsSettings *settings);
+void camel_ews_settings_set_oauth2_endpoint_host
+ (CamelEwsSettings *settings,
+ const gchar *endpoint_host);
G_END_DECLS
diff -up evolution-ews-3.28.5/src/server/e-ews-connection.c.oauth2-endpoints evolution-ews-3.28.5/src/server/e-ews-connection.c
--- evolution-ews-3.28.5/src/server/e-ews-connection.c.oauth2-endpoints 2020-10-07 17:08:43.161554484 +0200
+++ evolution-ews-3.28.5/src/server/e-ews-connection.c 2020-10-07 17:09:20.338543223 +0200
@@ -9914,13 +9914,7 @@ ews_connection_gather_auth_methods_cb (S
if (!has_bearer) {
/* Special-case Office365 OAuth2, because outlook.office365.com doesn't advertise Bearer */
- SoupURI *suri;
-
- suri = soup_message_get_uri (message);
- if (suri && soup_uri_get_host (suri) &&
- g_ascii_strcasecmp (soup_uri_get_host (suri), "outlook.office365.com") == 0) {
- async_data->items = g_slist_prepend (async_data->items, g_strdup ("Bearer"));
- }
+ async_data->items = g_slist_prepend (async_data->items, g_strdup ("Bearer"));
}
g_object_set_data (G_OBJECT (simple), EWS_OBJECT_KEY_AUTHS_GATHERED, GINT_TO_POINTER (1));
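Review bot: The comment kept above the now unconditional prepend still describes an outlook.office365.com special case, while "Bearer" is added for every server whose response does not advertise it. OAuth2 therefore becomes selectable for any EWS host, and eos_office365_guess_can_process drops its hostname test in the same way, so the comment should state the new rule, e.g. `/* Always offer Bearer: servers such as outlook.office365.com do not advertise it, and the OAuth2 endpoints are configurable */`. Offering it only for accounts that actually have OAuth2 configured would keep the list closer to what the server supports, but ews_connection_gather_auth_methods_cb continues outside the hunk and I cannot tell whether the settings are reachable from it.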
diff -up evolution-ews-3.28.5/src/server/e-oauth2-service-office365.c.oauth2-endpoints evolution-ews-3.28.5/src/server/e-oauth2-service-office365.c
--- evolution-ews-3.28.5/src/server/e-oauth2-service-office365.c.oauth2-endpoints 2020-10-07 17:08:15.761562791 +0200
+++ evolution-ews-3.28.5/src/server/e-oauth2-service-office365.c 2020-10-07 17:09:30.526540133 +0200
@@ -28,8 +28,6 @@
https://tsmatz.wordpress.com/2016/10/07/application-permission-with-v2-endpoint-and-microsoft-graph/
*/
-#define OFFICE365_RESOURCE "https://outlook.office.com"
-
struct _EOAuth2ServiceOffice365Private
{
GMutex string_cache_lock;
@@ -53,8 +51,10 @@ eos_office365_cache_string (EOAuth2Servi
if (!str)
return NULL;
- if (!*str)
+ if (!*str) {
+ g_free (str);
return "";
+ }
g_mutex_lock (&oauth2_office365->priv->string_cache_lock);
@@ -71,6 +71,24 @@ eos_office365_cache_string (EOAuth2Servi
return cached_str;
}
+static const gchar *
+eos_office365_get_endpoint_host (EOAuth2ServiceOffice365 *oauth2_office365,
+ CamelEwsSettings *ews_settings)
+{
+ if (ews_settings && camel_ews_settings_get_override_oauth2 (ews_settings)) {
+ gchar *endpoint_host;
+
+ endpoint_host = camel_ews_settings_dup_oauth2_endpoint_host (ews_settings);
+
+ if (endpoint_host && *endpoint_host)
+ return eos_office365_cache_string (oauth2_office365, endpoint_host);
+
+ g_free (endpoint_host);
+ }
+
+ return OFFICE365_ENDPOINT_HOST;
+}
+
static CamelEwsSettings *
eos_office365_get_camel_settings (ESource *source)
{
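Review bot: eos_office365_get_endpoint_host returns the stored setting unchecked, and its callers paste it into `"https://%s/%s/oauth2/authorize"` and the token URI, so a value containing `/`, `@`, `?`, `#` or whitespace changes which host receives the login page and the refresh-token request. The field is meant to hold a bare host name, so anything else should be rejected in favour of the default, for example `if (endpoint_host && *endpoint_host && !strpbrk (endpoint_host, "/@?#\\ \t"))`. The same check could sit in camel_ews_settings_set_oauth2_endpoint_host so that an invalid value is never stored. A short comment on the helper saying that the returned string is owned by the string cache (or is the compile-time constant) and must not be freed would also help.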
@@ -92,8 +110,7 @@ eos_office365_guess_can_process (EOAuth2
const gchar *hostname)
{
return e_oauth2_services_is_supported () &&
- protocol && g_ascii_strcasecmp (protocol, "ews") == 0 &&
- hostname && e_util_utf8_strstrcase (hostname, "outlook.office365.com");
+ protocol && g_ascii_strcasecmp (protocol, "ews") == 0;
}
static const gchar *
@@ -158,7 +175,8 @@ eos_office365_get_authentication_uri (EO
}
res = eos_office365_cache_string (oauth2_office365,
- g_strdup_printf ("https://login.microsoftonline.com/%s/oauth2/authorize",
+ g_strdup_printf ("https://%s/%s/oauth2/authorize",
+ eos_office365_get_endpoint_host (oauth2_office365, ews_settings),
tenant ? tenant : OFFICE365_TENANT));
g_free (tenant);
@@ -166,7 +184,10 @@ eos_office365_get_authentication_uri (EO
return res;
}
- return "https://login.microsoftonline.com/" OFFICE365_TENANT "/oauth2/authorize";
+ return eos_office365_cache_string (oauth2_office365,
+ g_strdup_printf ("https://%s/%s/oauth2/authorize",
+ eos_office365_get_endpoint_host (oauth2_office365, ews_settings),
+ OFFICE365_TENANT));
}
static const gchar *
@@ -188,7 +209,8 @@ eos_office365_get_refresh_uri (EOAuth2Se
}
res = eos_office365_cache_string (oauth2_office365,
- g_strdup_printf ("https://login.microsoftonline.com/%s/oauth2/token",
+ g_strdup_printf ("https://%s/%s/oauth2/token",
+ eos_office365_get_endpoint_host (oauth2_office365, ews_settings),
tenant ? tenant : OFFICE365_TENANT));
g_free (tenant);
@@ -196,7 +218,10 @@ eos_office365_get_refresh_uri (EOAuth2Se
return res;
}
- return "https://login.microsoftonline.com/" OFFICE365_TENANT "/oauth2/token";
+ return eos_office365_cache_string (oauth2_office365,
+ g_strdup_printf ("https://%s/%s/oauth2/token",
+ eos_office365_get_endpoint_host (oauth2_office365, ews_settings),
+ OFFICE365_TENANT));
}
static const gchar *
@@ -220,13 +245,67 @@ eos_office365_get_redirect_uri (EOAuth2S
if (redirect_uri)
return eos_office365_cache_string (oauth2_office365, redirect_uri);
+
+ if (e_ews_util_strcmp0 (camel_ews_settings_get_oauth2_endpoint_host (ews_settings), NULL) != 0) {
+ return eos_office365_cache_string (oauth2_office365,
+ g_strdup_printf ("https://%s/common/oauth2/nativeclient",
+ eos_office365_get_endpoint_host (oauth2_office365, ews_settings)));
+ }
}
res = OFFICE365_REDIRECT_URI;
if (res && *res)
return res;
- return "https://login.microsoftonline.com/common/oauth2/nativeclient";
+ return eos_office365_cache_string (oauth2_office365,
+ g_strdup_printf ("https://%s/common/oauth2/nativeclient",
+ eos_office365_get_endpoint_host (oauth2_office365, ews_settings)));
+}
+
+static const gchar *
+eos_office365_get_resource_uri (EOAuth2Service *service,
+ ESource *source)
+{
+ EOAuth2ServiceOffice365 *oauth2_office365 = E_OAUTH2_SERVICE_OFFICE365 (service);
+ CamelEwsSettings *ews_settings;
+
+ ews_settings = eos_office365_get_camel_settings (source);
+ if (ews_settings && camel_ews_settings_get_override_oauth2 (ews_settings)) {
+ gchar *resource_uri;
+
+ resource_uri = camel_ews_settings_dup_oauth2_resource_uri (ews_settings);
+
+ if (resource_uri && !*resource_uri) {
+ g_free (resource_uri);
+ resource_uri = NULL;
+ }
+
+ if (resource_uri)
+ return eos_office365_cache_string (oauth2_office365, resource_uri);
+ }
+
+ if (ews_settings) {
+ gchar *host_url;
+
+ host_url = camel_ews_settings_dup_hosturl (ews_settings);
+
+ if (host_url && *host_url) {
+ gchar *ptr;
+
+ ptr = strstr (host_url, "://");
+ ptr = ptr ? strchr (ptr + 3, '/') : NULL;
+
+ if (ptr) {
+ *ptr = '\0';
+
+ return eos_office365_cache_string (oauth2_office365, host_url);
+ }
+ }
+
+ g_free (host_url);
+ }
+
+ return OFFICE365_FALLBACK_RESOURCE_URI;
}
static void
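Review bot: In eos_office365_get_resource_uri a host URL with no path after the authority, such as a constructed `https://mail.example.com`, makes `strchr (ptr + 3, '/')` return NULL, so the function skips the configured host and returns OFFICE365_FALLBACK_RESOURCE_URI. The token is then requested for the Office365 resource while the account points at another server, which is probably not intended now that any EWS host can use this service. Treat a missing path as the whole URL being the resource and fall back only when there is no `://` at all, as in the excerpt below.

```c
		if (host_url && *host_url) {
			gchar *ptr;

			ptr = strstr (host_url, "://");

			if (ptr && ptr[3] != '\0') {
				/* Cut at the first path separator; without one
				   the URL is already scheme + authority. */
				ptr = strchr (ptr + 3, '/');
				if (ptr)
					*ptr = '\0';

				return eos_office365_cache_string (oauth2_office365, host_url);
			}
		}
		/* … unchanged: g_free (host_url) and the fallback return … */
```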
@@ -238,7 +317,7 @@ eos_office365_prepare_authentication_uri
e_oauth2_service_util_set_to_form (uri_query, "response_mode", "query");
e_oauth2_service_util_set_to_form (uri_query, "prompt", "login");
- e_oauth2_service_util_set_to_form (uri_query, "resource", OFFICE365_RESOURCE);
+ e_oauth2_service_util_set_to_form (uri_query, "resource", eos_office365_get_resource_uri (service, source));
}
static gboolean
@@ -305,7 +384,7 @@ eos_office365_prepare_refresh_token_form
{
g_return_if_fail (form != NULL);
- e_oauth2_service_util_set_to_form (form, "resource", OFFICE365_RESOURCE);
+ e_oauth2_service_util_set_to_form (form, "resource", eos_office365_get_resource_uri (service, source));
e_oauth2_service_util_set_to_form (form, "redirect_uri", e_oauth2_service_get_redirect_uri (service, source));
}
@@ -369,3 +448,16 @@ e_oauth2_service_office365_type_register
{
e_oauth2_service_office365_register_type (type_module);
}
+
+gint
+e_ews_util_strcmp0 (const gchar *str1,
+ const gchar *str2)
+{
+ if (str1 && !*str1)
+ str1 = NULL;
+
+ if (str2 && !*str2)
+ str2 = NULL;
+
+ return g_strcmp0 (str1, str2);
+}
diff -up evolution-ews-3.28.5/src/server/e-oauth2-service-office365.h.oauth2-endpoints evolution-ews-3.28.5/src/server/e-oauth2-service-office365.h
--- evolution-ews-3.28.5/src/server/e-oauth2-service-office365.h.oauth2-endpoints 2018-07-30 16:01:00.000000000 +0200
+++ evolution-ews-3.28.5/src/server/e-oauth2-service-office365.h 2020-10-07 17:08:15.763562790 +0200
@@ -39,6 +39,8 @@
(G_TYPE_INSTANCE_GET_CLASS \
((obj), E_TYPE_OAUTH2_SERVICE_OFFICE365, EOAuth2ServiceOffice365Class))
+#define OFFICE365_FALLBACK_RESOURCE_URI "https://outlook.office365.com"
+
G_BEGIN_DECLS
typedef struct _EOAuth2ServiceOffice365 EOAuth2ServiceOffice365;
@@ -59,6 +61,9 @@ GType e_oauth2_service_office365_get_ty
void e_oauth2_service_office365_type_register
(GTypeModule *type_module);
+gint e_ews_util_strcmp0 (const gchar *str1,
+ const gchar *str2);
+
G_END_DECLS
#endif /* E_OAUTH2_SERVICE_OFFICE365_H */


@ -0,0 +1,119 @@
From bf0f75de095dc7ecb7171ab61009fab2631b4bee Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@microsoft.com>
Date: Tue, 2 Apr 2019 16:06:35 +0200
Subject: [PATCH] M!1 - Simplify OAuth2 for outlook.office365.com server
Two changes:
1) preset default tenant to "common"
2) do not pass 'scope' parameter in the requests, which is optional
and can cause errors like:
error:invalid_request description:AADSTS65002:
Consent between first party applications and resources must be
configured via preauthorization.
Closes https://gitlab.gnome.org/GNOME/evolution-ews/merge_requests/1
---
CMakeLists.txt | 2 +-
src/configuration/e-mail-config-ews-backend.c | 15 +++------------
src/server/e-oauth2-service-office365.c | 17 -----------------
3 files changed, 4 insertions(+), 30 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index e8ea9875..dbc58832 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -180,7 +180,7 @@ endif(ENABLE_TESTS)
add_printable_variable(WITH_OFFICE365_TENANT "Office365.com OAuth 2.0 tenant" "")
if(WITH_OFFICE365_TENANT STREQUAL "")
- set(WITH_OFFICE365_TENANT "")
+ set(WITH_OFFICE365_TENANT "common")
endif(WITH_OFFICE365_TENANT STREQUAL "")
add_printable_variable(WITH_OFFICE365_CLIENT_ID "Office365.com OAuth 2.0 client ID" "")
diff --git a/src/configuration/e-mail-config-ews-backend.c b/src/configuration/e-mail-config-ews-backend.c
index fbf341b2..e62d3922 100644
--- a/src/configuration/e-mail-config-ews-backend.c
+++ b/src/configuration/e-mail-config-ews-backend.c
@@ -348,9 +348,9 @@ mail_config_ews_backend_insert_widgets (EMailConfigServiceBackend *backend,
G_BINDING_SYNC_CREATE);
mail_config_ews_backend_set_oauth2_tooltip (widget, OFFICE365_TENANT,
- /* Translators: 'Tenant' here means a term used by Microsoft to identify a company or organization in an Office 365 world.
+ /* Translators: 'Tenant' here means a term used by Microsoft to identify a company or organization in an Office 365 world. Same for 'common', it's a default URL path.
You probably do not want to translate it. More for example here: https://powerbi.microsoft.com/en-us/blog/what-is-a-tenant/ */
- _("There is not set any default tenant"),
+ _("Default tenant is “common“"),
/* Translators: 'Tenant' here means a term used by Microsoft to identify a company or organization in an Office 365 world.
You probably do not want to translate it. More for example here: https://powerbi.microsoft.com/en-us/blog/what-is-a-tenant/ */
g_strdup_printf (_("Default tenant is “%s”"), OFFICE365_TENANT));
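Review bot: The new string `_("Default tenant is “common“")` closes the quotation with an opening mark (“) where the neighbouring strings use ”, and it hard-codes the value that CMakeLists.txt now sets as the default tenant. Changing it to `_("Default tenant is “common”")` keeps the typography consistent with `"Default tenant is “%s”"` two lines below. mail_config_ews_backend_insert_widgets extends beyond this hunk.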
@@ -586,23 +586,14 @@ mail_config_ews_backend_check_complete (EMailConfigServiceBackend *backend)
e_util_set_entry_issue_hint (priv->user_entry, correct ? NULL : _("User name cannot be empty"));
if (correct && camel_ews_settings_get_auth_mechanism (ews_settings) == EWS_AUTH_TYPE_OAUTH2) {
- const gchar *tenant, *client_id;
+ const gchar *client_id;
if (camel_ews_settings_get_override_oauth2 (ews_settings)) {
- tenant = camel_ews_settings_get_oauth2_tenant (ews_settings);
client_id = camel_ews_settings_get_oauth2_client_id (ews_settings);
} else {
- tenant = OFFICE365_TENANT;
client_id = OFFICE365_CLIENT_ID;
}
- correct = tenant && *tenant;
- complete = complete && correct;
-
- /* Translators: 'Tenant' here means a term used by Microsoft to identify a company or organization in an Office 365 world.
- You probably do not want to translate it. More for example here: https://powerbi.microsoft.com/en-us/blog/what-is-a-tenant/ */
- e_util_set_entry_issue_hint (priv->oauth2_tenant_entry, correct ? NULL : _("Tenant cannot be empty"));
-
correct = client_id && *client_id;
complete = complete && correct;
diff --git a/src/server/e-oauth2-service-office365.c b/src/server/e-oauth2-service-office365.c
index 4be84f6f..d660458c 100644
--- a/src/server/e-oauth2-service-office365.c
+++ b/src/server/e-oauth2-service-office365.c
@@ -30,21 +30,6 @@
#define OFFICE365_RESOURCE "https://outlook.office.com"
-#define OFFICE365_SCOPE "openid offline_access profile " \
- "Mail.ReadWrite " \
- "Mail.ReadWrite.Shared " \
- "Mail.Send " \
- "Mail.Send.Shared " \
- "Calendars.ReadWrite " \
- "Calendars.ReadWrite.Shared " \
- "Contacts.ReadWrite " \
- "Contacts.ReadWrite.Shared " \
- "Tasks.ReadWrite " \
- "Tasks.ReadWrite.Shared " \
- "MailboxSettings.ReadWrite " \
- "People.Read " \
- "User.ReadBasic.All"
-
struct _EOAuth2ServiceOffice365Private
{
GMutex string_cache_lock;
@@ -253,7 +238,6 @@ eos_office365_prepare_authentication_uri_query (EOAuth2Service *service,
e_oauth2_service_util_set_to_form (uri_query, "response_mode", "query");
e_oauth2_service_util_set_to_form (uri_query, "prompt", "login");
- e_oauth2_service_util_set_to_form (uri_query, "scope", OFFICE365_SCOPE);
e_oauth2_service_util_set_to_form (uri_query, "resource", OFFICE365_RESOURCE);
}
@@ -321,7 +305,6 @@ eos_office365_prepare_refresh_token_form (EOAuth2Service *service,
{
g_return_if_fail (form != NULL);
- e_oauth2_service_util_set_to_form (form, "scope", OFFICE365_SCOPE);
e_oauth2_service_util_set_to_form (form, "resource", OFFICE365_RESOURCE);
e_oauth2_service_util_set_to_form (form, "redirect_uri", e_oauth2_service_get_redirect_uri (service, source));
}
--
GitLab


@ -2,7 +2,7 @@
Name: evolution-ews Name: evolution-ews
Version: 3.28.5 Version: 3.28.5
Release: 9%{?dist} Release: 10%{?dist}
Group: Applications/Productivity Group: Applications/Productivity
Summary: Evolution extension for Exchange Web Services Summary: Evolution extension for Exchange Web Services
License: LGPLv2 License: LGPLv2
@ -40,6 +40,12 @@ Patch09: evolution-ews-3.28.5-sync-category-list.patch
# RH bug #1765005 # RH bug #1765005
Patch10: evolution-ews-3.28.5-save-only-if-organizer.patch Patch10: evolution-ews-3.28.5-save-only-if-organizer.patch
# RH bug #1886026
Patch11: evolution-ews-3.28.5-oauth2-simplify.patch
# RH bug #1885229
Patch12: evolution-ews-3.28.5-oauth2-endpoints.patch
Requires: evolution >= %{eds_evo_version} Requires: evolution >= %{eds_evo_version}
Requires: evolution-data-server >= %{eds_evo_version} Requires: evolution-data-server >= %{eds_evo_version}
Requires: %{name}-langpacks = %{version}-%{release} Requires: %{name}-langpacks = %{version}-%{release}
@ -89,6 +95,8 @@ This package contains translations for %{name}.
%patch08 -p1 -b .birthday-date %patch08 -p1 -b .birthday-date
%patch09 -p1 -b .sync-category-list %patch09 -p1 -b .sync-category-list
%patch10 -p1 -b .save-only-if-organizer %patch10 -p1 -b .save-only-if-organizer
%patch11 -p1 -b .oauth2-simplify
%patch12 -p1 -b .oauth2-endpoints
%build %build
@ -129,6 +137,10 @@ make install DESTDIR=$RPM_BUILD_ROOT
%files langpacks -f _build/%{name}.lang %files langpacks -f _build/%{name}.lang
%changelog %changelog
* Wed Oct 07 2020 Milan Crha <mcrha@redhat.com> - 3.28.5-10
- Resolves: #1886026 (Simplify OAuth2 for outlook.office365.com server)
- Resolves: #1885229 (Allow change of the Microsoft 365 OAuth2 endpoints)
* Wed Nov 13 2019 Milan Crha <mcrha@redhat.com> - 3.28.5-9 * Wed Nov 13 2019 Milan Crha <mcrha@redhat.com> - 3.28.5-9
- Remove patch for RH bug #1765005 (Reject creating meetings organized by other users) - Remove patch for RH bug #1765005 (Reject creating meetings organized by other users)