GNOME.org
 

[evolution-ews/gnome-3-32] M!1 - Do not pass 'scope' parameter in OAuth2 requests on outlook.office365.com server

commit 8dafe925c30e2a2bc53578076eb5710b18eedd42
Author: Luca Boccassi <luca boccassi microsoft com>
Date:   Tue Apr 2 16:12:22 2019 +0200

    M!1 - Do not pass 'scope' parameter in OAuth2 requests on outlook.office365.com server
    
    It is optional and can cause errors like:
       error:invalid_request description:AADSTS65002:
       Consent between first party applications and resources must be
       configured via preauthorization.
    
    Related to https://gitlab.gnome.org/GNOME/evolution-ews/merge_requests/1

 src/server/e-oauth2-service-office365.c | 17 -----------------
 1 file changed, 17 deletions(-)
---
diff --git a/src/server/e-oauth2-service-office365.c b/src/server/e-oauth2-service-office365.c
index 4be84f6f..d660458c 100644
--- a/src/server/e-oauth2-service-office365.c
+++ b/src/server/e-oauth2-service-office365.c
@@ -30,21 +30,6 @@
 
 #define OFFICE365_RESOURCE "https://outlook.office.com";
 
-#define OFFICE365_SCOPE "openid offline_access profile " \
-       "Mail.ReadWrite " \
-       "Mail.ReadWrite.Shared " \
-       "Mail.Send " \
-       "Mail.Send.Shared " \
-       "Calendars.ReadWrite " \
-       "Calendars.ReadWrite.Shared " \
-       "Contacts.ReadWrite " \
-       "Contacts.ReadWrite.Shared " \
-       "Tasks.ReadWrite " \
-       "Tasks.ReadWrite.Shared " \
-       "MailboxSettings.ReadWrite " \
-       "People.Read " \
-       "User.ReadBasic.All"
-
 struct _EOAuth2ServiceOffice365Private
 {
        GMutex string_cache_lock;
@@ -253,7 +238,6 @@ eos_office365_prepare_authentication_uri_query (EOAuth2Service *service,
 
        e_oauth2_service_util_set_to_form (uri_query, "response_mode", "query");
        e_oauth2_service_util_set_to_form (uri_query, "prompt", "login");
-       e_oauth2_service_util_set_to_form (uri_query, "scope", OFFICE365_SCOPE);
        e_oauth2_service_util_set_to_form (uri_query, "resource", OFFICE365_RESOURCE);
 }
 
@@ -321,7 +305,6 @@ eos_office365_prepare_refresh_token_form (EOAuth2Service *service,
 {
        g_return_if_fail (form != NULL);
 
-       e_oauth2_service_util_set_to_form (form, "scope", OFFICE365_SCOPE);
        e_oauth2_service_util_set_to_form (form, "resource", OFFICE365_RESOURCE);
        e_oauth2_service_util_set_to_form (form, "redirect_uri", e_oauth2_service_get_redirect_uri (service, 
source));
 }
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]