Skip to content

Draft: Make EWS Oauth working with Intune

Hello,

here I am trying to resolve https://bugs.kde.org/show_bug.cgi?id=424231 .

Currently, there is hard-coded User-Agent string for EWS Oauth window, which makes it identify as Android. This causes issues in Tennants, where Intune enrollment is required and results in this:

obrazek

First step in making KDE PIM compatible with EWS / O365 and Intune, we need to make the user-agent configurable. The first commit implements this - It just uses the User-Agent configured in the "Advanced" tab of the resource configuration.

Known issues:

  1. When there is reauthentication request, the User-Agent variable is not properly read and results in default User-Agent used. It just needs to be implemented there too: obrazek

  2. Strangely enough, if you set your User-Agent to a garbage string, like "test", the Oauth successfully verifies you, including 2FA and it seems including Intune enrollment. However after the window closes, you get following error and no access token is written to kwallet:

Please register the custom scheme 'urn' via QWebEngineUrlScheme::registerScheme() before installing the custom scheme handler.
org.kde.pim.ews.client: Starting OAuth2 authentication
org.kde.pim.ews.client: Launching browser for authentication
org.kde.pim.ews.client: PKeyAuth certificates not found
org.kde.pim.ews.client: Using User Agent:  "test"
Fontconfig error: Cannot load default config file: No such file: (null)
org.kde.pim.ews.client: Authentication succeeded
Please register the custom scheme 'urn' via QWebEngineUrlScheme::registerScheme() before installing the custom scheme handler.
org.kde.pim.ews: Authentication failed:  Access token request failed
org.kde.pim.ews: reauthenticate: trying to refresh
org.kde.pim.ews.client: Starting OAuth2 authentication

However, with the commit attached, you can almost get there. This is the last screen before closing the window, where the resulting access token should be sucessfully returned (this is done with User-Agent "test"): obrazek

Edited by Lukáš Krejza

Merge request reports

Loading