exchanglib error while trying to connect and get folder count details
Closed this issue · 7 comments
Describe the bug
A clear and concise description of what the bug is.
import time
from exchangelib import Account, OAuth2Credentials, Configuration, OAUTH2, Identity
import logging
# This handler will pretty-print and syntax highlight the request and response
# XML documents
from exchangelib.util import PrettyXmlHandler
logging.basicConfig(level=logging.DEBUG, handlers=[PrettyXmlHandler()])
client_id = "xxx"
client_secret = "xxx"
tenant_id = "xxx"
tenant_name = "xxx"
user = 'xxx@xx.com'
credentials = OAuth2Credentials(
client_id=client_id,
client_secret=client_secret,
tenant_id=tenant_id,
#identity=Identity(smtp_address=user)
)
print(credentials)
config = Configuration(
credentials=credentials,
auth_type="basic",
service_endpoint="https://login.microsoftonline.com/"+tenant_name+"/oauth2/v2.0/token",
)
print(config)
current_time = time.time()
print('current time: ', current_time)
account = Account(
primary_smtp_address=user,
config=config,
autodiscover=False,
)
print('Executed Time: ', time.time() - current_time)
print(account.root.all().count())
folder_name = getattr(account, 'inbox')
print(folder_name.all().count())
for item in folder_name.all().filter(**{'subject__icontains': 'Test2'})[:100]:
print(item.subject)
f applicable, describe how other clients like Outlook or OWA behave.To Reproduce
If applicable, add the shortest possible script that reproduces the error.
onfiguration(credentials=OAuth2Credentials('xxxx', '********'), service_endpoint='https://login.microsoftonline.com/contoso.onmicrosoft.com/oauth2/v2.0/token', auth_type='basic', version=None, retry_policy=<exchangelib.protocol.FailFast object at 0x000000714EE23040>)
current time: 1696448447.974236
DEBUG:exchangelib.protocol:Waiting for _protocol_cache_lock
DEBUG:exchangelib.protocol:Protocol __call__ cache miss. Adding key '('https://login.microsoftonline.com/contoso.onmicrosoft.com/oauth2/v2.0/token', OAuth2Credentials('xxxx', '********'))'
DEBUG:exchangelib.version:Asking server for version info using API version Exchange2019
DEBUG:exchangelib.services.common:Processing chunk 1 containing 1 items
DEBUG:exchangelib.services.common:Calling service ResolveNames
DEBUG:exchangelib.services.common:Trying API version Exchange2019
DEBUG:exchangelib.protocol:Server login.microsoftonline.com: Increasing session pool size from 0 to 1
DEBUG:requests_oauthlib.oauth2_session:Requesting url https://login.microsoftonline.com/xxxx-37763fc00787/oauth2/v2.0/token using method POST.
DEBUG:requests_oauthlib.oauth2_session:Supplying headers {'Accept': 'application/json', 'Content-Type': 'application/x-www-form-urlencoded;charset=UTF-8'} and data {'grant_type': 'client_credentials', 'client_id': '739c2be3-eb4a-4a81-8835-8b036bf52228', 'client_secret': 'jsQ8Q~xx', 'scope': 'https://outlook.office365.com/.default'}
DEBUG:requests_oauthlib.oauth2_session:Passing through key word arguments {'timeout': 120, 'auth': None, 'verify': True, 'proxies': None, 'cert': None}.
DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): login.microsoftonline.com:443
DEBUG:urllib3.connectionpool:https://login.microsoftonline.com:443 "POST /xxxx-37763fc00787/oauth2/v2.0/token HTTP/1.1" 200 1579
DEBUG:requests_oauthlib.oauth2_session:Request to fetch token completed with status 200.
DEBUG:requests_oauthlib.oauth2_session:Request url was https://login.microsoftonline.com/xxx-37763fc00787/oauth2/v2.0/token
DEBUG:requests_oauthlib.oauth2_session:Request headers were {'User-Agent': 'exchangelib/4.8.0 (python-requests/2.28.1)', 'Accept-Encoding': 'gzip, deflate', 'Accept': 'application/json', 'Connection': 'keep-alive', 'Content-Type': 'application/x-www-form-urlencoded;charset=UTF-8', 'Content-Length': '184'}
DEBUG:requests_oauthlib.oauth2_session:Request body was grant_type=client_credentials&client_id=7xxx&client_secret=xx~xxx&scope=https%3A%2F%2Foutlook.office365.com%2F.default
DEBUG:requests_oauthlib.oauth2_session:Response headers were {'Cache-Control': 'no-store, no-cache', 'Pragma': 'no-cache', 'Content-Type': 'application/json; charset=utf-8', 'Expires': '-1', 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains', 'X-Content-Type-Options': 'nosniff', 'P3P': 'CP="DSP CUR OTPi IND OTRi ONL FIN"', 'x-ms-request-id': '951372fc-aa00-4a3b-98cd-97529a418c00', 'x-ms-ests-server': '2.1.16424.8 - NCUS ProdSlices', 'X-XSS-Protection': '0', 'Set-Cookie': 'fpc=AlIirNGDFlVBqzyma1uFbHbRJRE1AQAAAMC2r9wOAAAA; expires=Fri, 03-Nov-2023 19:40:48 GMT; path=/; secure; HttpOnly; SameSite=None, x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly, stsservicecookie=estsfd; path=/; secure; samesite=none; httponly', 'Date': 'Wed, 04 Oct 2023 19:40:47 GMT', 'Content-Length': '1579'} and content {"token_type":"Bearer","expires_in":3599,"ext_expires_in":3599,"access_token":"xcxx"}.
DEBUG:requests_oauthlib.oauth2_session:Invoking 0 token response hooks.
DEBUG:requests_oauthlib.oauth2_session:Obtained token {'token_type': 'Bearer', 'expires_in': 3599, 'ext_expires_in': 3599, 'access_token': 'xxxc', 'expires_at': 1696452047.1682625}.
DEBUG:exchangelib.credentials:Setting auth token for xxx-8b036bf52228
DEBUG:exchangelib.protocol:Server login.microsoftonline.com: Created session 86522
DEBUG:exchangelib.protocol:Server login.microsoftonline.com: Waiting for session
DEBUG:exchangelib.protocol:Server login.microsoftonline.com: Got session 86522
DEBUG:exchangelib.util:Session 86522 thread 3100: retry 0 timeout 120 POST'ing to https://login.microsoftonline.com/contoso.onmicrosoft.com/oauth2/v2.0/token after 10s wait
DEBUG:requests_oauthlib.oauth2_session:Invoking 0 protected resource request hooks.
DEBUG:requests_oauthlib.oauth2_session:Adding token {'token_type': 'Bearer', 'expires_in': 3599, 'ext_expires_in': 3599, 'access_token': 'cxcxcx', 'expires_at': 1696452047.1682625} to request.
DEBUG:requests_oauthlib.oauth2_session:Requesting url https://login.microsoftonline.com/contoso.onmicrosoft.com/oauth2/v2.0/token using method POST.
DEBUG:requests_oauthlib.oauth2_session:Supplying headers {'Authorization': 'Bearer xxx'} and data b'<?xml version=\'1.0\' encoding=\'utf-8\'?>\n<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:m="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns:t="http://schemas.microsoft.com/exchange/services/2006/types"><s:Header><t:RequestServerVersion Version="Exchange2019"/></s:Header><s:Body><m:ResolveNames ReturnFullContactData="false"><m:UnresolvedEntry>739c2be3-eb4a-4a81-8835-8b036bf52228</m:UnresolvedEntry></m:ResolveNames></s:Body></s:Envelope>'
DEBUG:requests_oauthlib.oauth2_session:Passing through key word arguments {'json': None, 'allow_redirects': False, 'timeout': 120, 'stream': False}.
DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): login.microsoftonline.com:443
DEBUG:urllib3.connectionpool:https://login.microsoftonline.com:443 "POST /contoso.onmicrosoft.com/oauth2/v2.0/token HTTP/1.1" 400 503
DEBUG:exchangelib.util:Retry: 0
Waited: 10
It's not clear to me what the error is here? What's not working? Do you get a stack trace? If so, please post it here as well.
Closing. Feel free to reopen if you get back to this.
Auth type: <requests_oauthlib.oauth2_auth.OAuth2 object at 0x000000FA4AEF2730>
URL: https://outlook.office365.com/EWS/Exchange.asmx
HTTP adapter: <requests.adapters.HTTPAdapter object at 0x000000FA4AEF25B0>
Allow redirects: False
Streaming: False
Response time: 0.7029999999795109
Status code: 403
Request headers: {'User-Agent': 'exchangelib/4.8.0 (python-requests/2.28.1)', 'Accept-Encoding': 'gzip, deflate', 'Accept': '/', 'Connection': 'keep-alive', 'Content-Type': 'text/xml; charset=utf-8', 'Authorization': 'Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6IkZUS3Z1QWZCRkJEUEFidWRqTXJhSjVmNWR0aUZWSUEwMVlBNWpCV2xTYUEiLCJhbGciOiJSUzI1NiIsIng1dCI6IjlHbW55RlBraGMzaE91UjIybXZTdmduTG83WSIsImtpZCI6IjlHbW55RlBraGMzaE91UjIybXZTdmduTG83WSJ9.eyJhdWQiOiJodHRwczovL291dGxvb2sub2ZmaWNlMzY1LmNvbSIsImlzcyI6Imh0dHBzOi8vc3RzLndpbmRvd3MubmV0LzRjZTliNmFjLTFlNGMtNGUxOC1iMzBlLTM3NzYzZmMwMDc4Ny8iLCJpYXQiOjE2OTcwNTQ1MjksIm5iZiI6MTY5NzA1NDUyOSwiZXhwIjoxNjk3MDU4NDI5LCJhaW8iOiJFMkZnWUtoWVhlSmZYcEJxTzJQTEl0NFRSOWI5QlFBPSIsImFwcF9kaXNwbGF5bmFtZSI6ImVIU0RXU2VydmljZURlc2tSZXBvcnRpbmciLCJhcHBpZCI6IjczOWMyYmUzLWViNGEtNGE4MS04ODM1LThiMDM2YmY1MjIyOCIsImFwcGlkYWNyIjoiMSIsImlkcCI6Imh0dHBzOi8vc3RzLndpbmRvd3MubmV0LzRjZTliNmFjLTFlNGMtNGUxOC1iMzBlLTM3NzYzZmMwMDc4Ny8iLCJvaWQiOiI5N2Q1MDU0ZS1hNDliLTQ3MTItYmU2My0wZjZmNjZjM2I0NWMiLCJyaCI6IjAuQVc0QXJMYnBURXdlR0U2ekRqZDJQOEFIaHdJQUFBQUFBUEffemdBQUFBQUFBQUJ1QUFBLiIsInNpZCI6IjEwMTc1ODIwLWI4ZTgtNGE1Ni05ZDVkLTZhNDA5ODAwYjc3OCIsInN1YiI6Ijk3ZDUwNTRlLWE0OWItNDcxMi1iZTYzLTBmNmY2NmMzYjQ1YyIsInRpZCI6IjRjZTliNmFjLTFlNGMtNGUxOC1iMzBlLTM3NzYzZmMwMDc4NyIsInV0aSI6Ii1NTnBOeEpydVVlXy1FLVdhbjQwQUEiLCJ2ZXIiOiIxLjAiLCJ3aWRzIjpbIjA5OTdhMWQwLTBkMWQtNGFjYi1iNDA4LWQ1Y2E3MzEyMWU5MCJdfQ.PSuHb_zV4yutRPxcuGk6o6AyFkhuKSBAMFoO1u34ip7IQfpoUaPy90rTbAot_6c1tUWGNAZIEIrhxTMS63EbW_ubI1kLM6iOf9XuXzcx1MD5b4XVZQ1gUL6yJfzoIbwbuVI0iTtATHl-UNMOoi_nCFsi5yw2j3WW5h7rOrV5rn_FgWn_P6wOfeJVjuxUlmRnnhIY3ziD-XPDVJRoUJYE_gAX3wd8re2VceeiiVT5PP807KOC0mz7FDAnHF9bu7gQlfTBvwqCNBW3IlU0o5IBJMGYvCwULhg1wM9dhaTs_vEpe9ID6rdpeJKe7khpawso5SqQZ7_WEfasG76-dSoj0w', 'Cookie': 'exchangecookie=91c983cf35124f6498a78cbf0846c606', 'Content-Length': '637'}
Response headers: {'Cache-Control': 'private', 'Content-Type': 'text/xml; charset=utf-8', 'Server': 'Microsoft-IIS/10.0', 'request-id': 'e7ac09d2-c34d-1880-c1b0-b3edd354de05', 'Alt-Svc': 'h3=":443",h3-29=":443"', 'X-CalculatedFETarget': 'YQZPR01CU005.internal.outlook.com', 'X-BackEndHttpStatus': '403, 403', 'Set-Cookie': 'exchangecookie=91c983cf35124f6498a78cbf0846c606; path=/; secure', 'WWW-Authenticate': 'Bearer client_id="00000002-0000-0ff1-ce00-000000000000", trusted_issuers="00000001-0000-0000-c000-000000000000@", token_types="app_asserted_user_v1 service_asserted_app_v1", error="invalid_token"', 'X-CalculatedBETarget': 'YQBPR1101RB5301.TDPRD01.PROD.OUTLOOK.COM', 'X-RUM-Validated': '1', 'X-RUM-NotUpdateQueriedPath': '1', 'X-RUM-NotUpdateQueriedDbCopy': '1', 'x-ms-appId': '739c2be3-eb4a-4a81-8835-8b036bf52228', 'Restrict-Access-Confirm': '1', 'x-ms-diagnostics': '2000008;reason="The token contains not enough scope to make this call.";error_category="invalid_grant"', 'X-AspNet-Version': '4.0.30319', 'X-BeSku': 'WCS7', 'X-DiagInfo': 'YQBPR0101MB5301', 'X-BEServer': 'YQBPR0101MB5301', 'X-Proxy-RoutingCorrectness': '1', 'X-Proxy-BackendServerStatus': '403', 'X-FEProxyInfo': 'CH2PR14CA0049.NAMPRD14.PROD.OUTLOOK.COM', 'X-FEEFZInfo': 'MDW', 'X-FEServer': 'YQZPR01CA0112, CH2PR14CA0049', 'X-FirstHopCafeEFZ': 'MDW', 'X-Powered-By': 'ASP.NET', 'Date': 'Wed, 11 Oct 2023 20:07:09 GMT', 'Content-Length': '0'}
Request XML: b'\n<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:m="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns:t="http://schemas.microsoft.com/exchange/services/2006/types"><s:Header><t:RequestServerVersion Version="Exchange2016"/><t:ExchangeImpersonation><t:ConnectingSID><t:PrimarySmtpAddress>test@test.ca</t:PrimarySmtpAddress></t:ConnectingSID></t:ExchangeImpersonation></s:Header><s:Body><m:ResolveNames ReturnFullContactData="false"><m:UnresolvedEntry>xxx</m:UnresolvedEntry></m:ResolveNames></s:Body></s:Envelope>'
Response XML: b''
Traceback (most recent call last):
File "E:/Python_Proj/SD_Stats/Pritam.py", line 33, in
account = Account(primary_smtp_address=address,
File "C:\Users\microinfo\AppData\Local\Programs\Python\Python38\lib\site-packages\exchangelib\account.py", line 204, in init
self.version = self.protocol.version.copy()
File "C:\Users\microinfo\AppData\Local\Programs\Python\Python38\lib\site-packages\exchangelib\protocol.py", line 485, in version
self.config.version = Version.guess(self, api_version_hint=self._api_version_hint)
File "C:\Users\microinfo\AppData\Local\Programs\Python\Python38\lib\site-packages\exchangelib\version.py", line 233, in guess
list(ResolveNames(protocol=protocol).call(unresolved_entries=[name]))
File "C:\Users\microinfo\AppData\Local\Programs\Python\Python38\lib\site-packages\exchangelib\services\common.py", line 188, in _elems_to_objs
for elem in elems:
File "C:\Users\microinfo\AppData\Local\Programs\Python\Python38\lib\site-packages\exchangelib\services\common.py", line 246, in _chunked_get_elements
yield from self._get_elements(payload=payload_func(chunk, **kwargs))
File "C:\Users\microinfo\AppData\Local\Programs\Python\Python38\lib\site-packages\exchangelib\services\common.py", line 266, in _get_elements
yield from self._response_generator(payload=payload)
File "C:\Users\microinfo\AppData\Local\Programs\Python\Python38\lib\site-packages\exchangelib\services\common.py", line 228, in _response_generator
response = self._get_response_xml(payload=payload)
File "C:\Users\microinfo\AppData\Local\Programs\Python\Python38\lib\site-packages\exchangelib\services\common.py", line 343, in _get_response_xml
r = self._get_response(payload=payload, api_version=api_version)
File "C:\Users\microinfo\AppData\Local\Programs\Python\Python38\lib\site-packages\exchangelib\services\common.py", line 298, in _get_response
r, session = post_ratelimited(
File "C:\Users\microinfo\AppData\Local\Programs\Python\Python38\lib\site-packages\exchangelib\util.py", line 915, in post_ratelimited
protocol.retry_policy.raise_response_errors(r) # Always raises an exception
File "C:\Users\microinfo\AppData\Local\Programs\Python\Python38\lib\site-packages\exchangelib\protocol.py", line 695, in raise_response_errors
raise MalformedResponseError(
exchangelib.errors.MalformedResponseError: Unknown failure in response. Code: 403 headers: {'Cache-Control': 'private', 'Content-Type': 'text/xml; charset=utf-8', 'Server': 'Microsoft-IIS/10.0', 'request-id': 'xxx-c34d-1880-xx-b3edd354de05', 'Alt-Svc': 'h3=":443",h3-29=":443"', 'X-CalculatedFETarget': 'YQZPR01CU005.internal.outlook.com', 'X-BackEndHttpStatus': '403, 403', 'Set-Cookie': 'exchangecookie=xxx; path=/; secure', 'WWW-Authenticate': 'Bearer client_id="xxx-0000-0ff1-xx-000000000000", trusted_issuers="00000001-0000-0000-c000-000000000000@", token_types="app_asserted_user_v1 service_asserted_app_v1", error="invalid_token"', 'X-CalculatedBETarget': 'YQBPR0101MB5301.CANPRD01.PROD.OUTLOOK.COM', 'X-RUM-Validated': '1', 'X-RUM-NotUpdateQueriedPath': '1', 'X-RUM-NotUpdateQueriedDbCopy': '1', 'x-ms-appId': 'xx-eb4a-4a81-8835-xx', 'Restrict-Access-Confirm': '1', 'x-ms-diagnostics': '2000008;reason="The token contains not enough scope to make this call.";error_category="invalid_grant"', 'X-AspNet-Version': '4.0.30319', 'X-BeSku': 'WCS7', 'X-DiagInfo': 'YQBPR0101MB5301', 'X-BEServer': 'YQBPR0101MB5301', 'X-Proxy-RoutingCorrectness': '1', 'X-Proxy-BackendServerStatus': '403', 'X-FEProxyInfo': 'CH2PR14TR0049.NAMPRD14.PROD.OUTLOOK.COM', 'X-FEEFZInfo': 'MDW', 'X-FEServer': 'YQZPR01CA0112, CH2PR14CA0049', 'X-FirstHopCafeEFZ': 'MDW', 'X-Powered-By': 'ASP.NET', 'Date': 'Wed, 11 Oct 2023 20:07:09 GMT', 'Content-Length': '0'} content:
DEBUG:exchangelib.protocol:Server outlook.office365.com: Closing sessions
its shows invalid token/grant in response.
Yeah, that usually means that the OAuth client is generering tokens that are not valid for use with the EWS API. You need to either forlod rhe documentation for creating an Azure client, or get help from your Azure admins on correctly configuring the OAuth client.
is there anything wrong in code? i informed my azure admin about this issue but they asked me to change the code but I don't see any issue with code.
Pritam
Looking again at the initial code you posted, you specified Basic auth in the Configuration object, which is wrong. Also, your service_endpoint points to an OAuth token URL but should point to the URL of the EWS service of your Exchange server.