Kudala kumenyezelwe - manje okuyiqiniso : I-Microsoft ivale ukufakazela ubuqiniso ngephasiwedi yezivumelwano ezithile ku-Exchange Online kusukela ngoSepthemba 2022 ukuze ivune i-oAuth2. Izinkinga ze-GitHub zemitapo yolwazi eminingi kanye nemibhalo eyisipele yenza kucace ukuthi uguquko lwamangaza abaphathi abaningi. Ngezansi sibonisa indlela yokuthi ungaqhubeka kanjani nokufinyelela okuqukethwe kwebhokisi lakho leposi le-Exchange ngosizo lwe-oAuth2 nge-PHP usebenzisa i-IMAP.
Ngokombono wezokuphepha, umnyakazo we-Microsoft ulungile kakhulu, kodwa ubunkimbinkimbi bokufinyelela okuhleliwe kuma-imeyili ayo bukhule kancane. Isibonelo, uma usebenzisa umtapo wezincwadi we -barbushin/php-imap osetshenziswa kakhulu, ukufinyelela bekuvame ukuba kanje:
734a82898010e2fcb02c72c3cd9702c2
Ayisasebenzi. Ukuze usungule uxhumano nge-oAuth2, ubunzima bokuqala ukuthola ithokheni yokufinyelela. Futhi ngenxa yalokhu kufanele uthathe izithiyo ezimbili.
I-Azure Active Directory
Izinyathelo ezilandelayo zibhalisa uhlelo lokusebenza olusha ku-Azure Active Directory:
I-PowerShell
Manje sivula uhlelo lokusebenza ku- I-Microsoft PowerShell (Imodi yomqondisi) futhi unikeze izimvume ebhokisini leposi ngalinye (<TENANTID>
, <CLIENTID>
, <OBJECTID>
, <EMAIL>
kufanele kushintshwe esimweni ngasinye):
Install-Module -Name ExchangeOnlineManagement
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -Organization <TENANTID>
New-ServicePrincipal -AppId <CLIENTID> -ServiceId <OBJECTID>
Add-MailboxPermission -Identity "<EMAIL>" -User <OBJECTID> -AccessRights FullAccess
...
Uma usukwenzile lokho, okunye akusiyo isayensi yerokhethi. Njengoba i-barbushin/php- imap ingasekeli i-oAuth2, ungaxhuma nenye ilabhulali Webklex/php-imap (nayo futhi enenzuzo yokungadingi imojula ye- PHP IMAP ).:
734a82898010e2fcb02c72c3cd9702c2
Kodwa-ke, amalabhulali angayisekeli ngokusemthethweni i-oAuth2 angasetshenziswa futhi ngommeleli onjenge simonrob/email-oauth2-proxy yenze isebenze. Ngemva kwalokhu Landa kanye nokufakwa nge python -m pip install -r requirements-no-gui.txt
(Python ≥3.6 iyadingeka) uhlela ifayela emailproxy.config
isb. ngokulandelayo (ukushintsha lesi sikhathi <TENANTID>
, <CLIENTID>
, <CLIENTSECRET>
futhi <EMAIL>
):
[Server setup]
[IMAP-1993]
local_address = localhost
server_address = outlook.office365.com
server_port = 993
[Account setup]
[<EMAIL>]
token_url = https://login.microsoftonline.com/<TENANTID>/oauth2/v2.0/token
oauth2_scope = https://outlook.office365.com/.default
redirect_uri = http://localhost:8080
client_id = <CLIENTID>
client_secret = <CLIENTSECRET>
Bese uqala ummeleli nge python emailproxy.py --no-gui
futhi manje ingaya ku-IP ingabetheliwe localhost
ethekwini 1993
xhuma nge-Basic Auth evamile (nanoma iyiphi isethi yephasiwedi). Uma ufuna ukuqala ummeleli njengesevisi ngemuva uma uqala uhlelo, ungasebenzisa, isibonelo systemd:
sudo systemctl edit --force --full emailproxy.service
[Unit]
Description=Email OAuth 2.0 Proxy
[Service]
ExecStart=/usr/bin/python /path/to/emailproxy.py --no-gui
Restart=always
[Install]
WantedBy=multi-user.target
sudo systemctl enable emailproxy.service --now
sudo systemctl status emailproxy.service
sudo systemctl start emailproxy.service
Uma kudingeka uxhumano olubethelwe, lokhu kuyenzeka futhi - ngalokhu uqala udale ukhiye oyimfihlo kanye nesitifiketi esizisayinele.:
openssl genrsa -out key.pem 3072
openssl req -new -x509 -key key.pem -out cert.pem -days 360
Bese kwenziwa inkomba ku- emailproxy.config
lawa mafayela amabili:
local_key_path = /path/to/key.pem
local_certificate_path = /path/to/cert.pem