Microsoft 365: Authentication error using OAuth2 after a while
Categories
(Thunderbird :: Account Manager, defect)
Tracking
(Not tracked)
People
(Reporter: alex, Unassigned)
References
Details
Attachments
(2 files)
Screenshot showing the log in Azure. The login was successful.
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:103.0) Gecko/20100101 Firefox/103.0
Steps to reproduce:
Add a Microsoft 365 Account using OAuth2 as authentication method.
At first Thunderbird will work just fine. However every 90 minutes or so the connection seems to be renegotiated and sometimes Thunderbird will claim that there was an authentication error and stop synchronizing mails.
This bug is urgent as Microsoft 365 will disable basic auth in October and then OAuth2 will be the only way to connect Thunderbird.
Actual results:
Thunderbird will show an authentication error when the connection is renegotiated. The error message reads:
"authentication error trying to connect to server outlook.office365.com"
At the same time, the log in the Azure Active Directory shows that Azure claims the login attempt was successful. I have attached a screenshot that shows the error in the actitvity log of Thunderbird and the success massage in Azure at the exact same timestamp.
Also there is no error message in Thunderbird. It just stops fetching mails. The only way to see that something is wrong, is be checking the activity log and by noticing that Thunderbird doesn't respond to actions like moving emails into different folders.
Expected results:
Thunderbird should not display and authentication error as the login was successful according to Azure Active Directory.
In addition, if the authentication fails, Thunderbird should try again and display an error message to the user to let them know that there is no connection.
|
||
Updated•2 years ago
|
Yes, I still have the issue using Thunderbird 102.3.1 (64 bit).
I'm also accessing the Office 365 account using the Android App "FairEmail" with OAuth2 on the same network and this app works without any errors around the clock. This leads me to believe that the issue lies with Thunderbird.
|
|
||
Updated•2 years ago
|
|
||
Comment 5•2 years ago
|
||
I don't think we should do anything with this until the patch for bug 1685414 lands. Our current Microsoft oAuth config is messed up in a variety of ways which are resolved there.
@Alex Do you mind testing on beta when it's updated? Ideally it would be good to confirm this is also fixed at that point.
Of course I would be willing to test this.
Is the OAuth config reworked in 107.0b3 and do I have to reauthenticate with this version?
|
||
Comment 7•2 years ago
|
||
(In reply to Alex from comment #6)
Is the OAuth config reworked in 107.0b3 and do I have to reauthenticate with this version?
I think you do, the client ID has changed from 08162f7c-0fd2-4200-a84a-f25a4db0b584 to 9e5f94bc-e8a4-4e73-b8be-63364c29d753. I'm trying to get the new client ID authorized here to confirm as I've been affected by this too.
|
|
||
Comment 8•2 years ago
|
||
(In reply to Alex from comment #6)
Of course I would be willing to test this.
Alex, what are your results with the newer beta?
|
|
||
Comment 9•2 years ago
|
||
For what it's worth, I was seeing the same issue reported here and had to manually click the "fetch messages" button in the toolbar once I started getting those authentication error messages.
After upgrading to the recent beta releases with the new OAuth configurations, this issue has disappeared for me. I did start getting a slightly annoying one, where resuming from suspend or reconnecting to my VPN causes the Azure AD login window to pop up again and I need to reenter my credentials, but I guess that's a different bug.
|
Reporter | |
Comment 10•2 years ago
|
||
(In reply to Wayne Mery (:wsmwk) from comment #8)
(In reply to Alex from comment #6)
Of course I would be willing to test this.
Alex, what are your results with the newer beta?
I will test it with Thunderbird 108.0b2 over the next few days. I will get back to you no later than the middle of next week.
|
|
Reporter | |
Comment 11•2 years ago
|
||
I started the test at around 09:00 and now at 10:29 I have received another authentication error for one account.
This account in Thunderbird is once again almost completely dead. I can create a new draft, but I can't even move that into my inbox or move any other mail. Thunderbird just doesn't respond to any action for this account anymore.
And just like before the login was successful according to Azure active directory.
|
|
||
Comment 12•1 year ago
|
||
Are you still seeing this issue?
bug 1685414 was fixed at the beginning of the year in 102.7.0
|
|
Reporter | |
Comment 13•1 year ago
|
||
I'm currently running Thunderbird 115.0b5 and after keeping it running for 24 hours everything seems to work fine and there was no more disconnect/error message.
|
||
Comment 14•1 year ago
|
||
Resolved per whiteboard and Comment 13
Description
•