simonrob/email-oauth2-proxy

Proxy config file entry missing for account

Closed this issue · 10 comments

Hi,

I have the proxy running successfully for an M365 account.
Now I want to add a second account in the same tenant. I copied all settings from the first, but I always get the following errors when trying to connect:

2025-03-12 10:14:12,415: Accepting new connection from [::ffff:127.0.0.1]:15975 to IMAP server at [::]:1993 (unsecured) proxying outlook.office365.com:993 (SSL/TLS)
2025-03-12 10:14:12,831: Proxy config file entry missing for account invoice@reiter.design - aborting login
2025-03-12 10:14:12,832: Proxy config file entry missing for account invoice@reiter.design - aborting login

Can I connect with a new user to the same Proxy, or do I need to use the previously configured user? How could I use the second account then?

Config:
[Account setup]

[office@reiter.design]
permission_url = https://login.microsoftonline.com/66db2333-d4de-4f89-9d1b-72fad213b5eb/oauth2/v2.0/authorize
token_url = https://login.microsoftonline.com/66db2333-d4de-4f89-9d1b-72fad213b5eb/oauth2/v2.0/token
oauth2_scope = https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/POP.AccessAsUser.All https://outlook.office.com/SMTP.Send offline_access
redirect_uri = http://localhost
client_id = <...>
client_secret = <...>
token_salt = zh3kY+5AIww7PPbehbVP0Q==
token_iterations = 870000
access_token = <...>
access_token_expiry = 1741772635
refresh_token = <...>
last_activity = 1741768783

[invoice@reiter.design]
permission_url = https://login.microsoftonline.com/66db2333-d4de-4f89-9d1b-72fad213b5eb/oauth2/v2.0/authorize
token_url = https://login.microsoftonline.com/66db2333-d4de-4f89-9d1b-72fad213b5eb/oauth2/v2.0/token
oauth2_scope = https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/POP.AccessAsUser.All https://outlook.office.com/SMTP.Send offline_access
redirect_uri = http://localhost
client_id =
client_secret =

Did you reload the configuration file or restart the proxy after making these changes? Apart from the missing client_id (which would generate a different error message), there's nothing that stands out as incorrect here.

Yes, I did reload and also did restart.
Forgot to mention: client_id and client_secret were copied from the other account.

Is it correct that I configure another account, e.g. in Thunderbird, with user invoice@reiter.design for IMAP and SMTP, and after the first connect I should see the auth request?

There's no issue in using the same client_id and client_secret values across multiple accounts. And yes, you should configure the new account separately as usual in any external clients or apps.

OK, thanks. Any idea what I could do to find the reason for that problem? I have it running on a Windows Server.

I'd first close the proxy, then edit the file to make sure it contains the accounts as required, then start the proxy again. Other than that, I'm afraid I don't have any suggestions. The proxy uses configparser to process this file, so it needs to be valid according to that format, but your current version does look fine to me. If for some reason this doesn't resolve the issue, you could enable catch-all accounts and just have an entry for your top-level domain.

Did you also do an update to the proxy version as part of this change?
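Since the proxy reads this file with configparser, the lookup that produces "Proxy config file entry missing for account" can be reproduced offline. The script below is an added example, not code from the email-oauth2-proxy project: it loads a constructed config in the same layout as the one posted above (placeholder tenant, client and domain values), finds the section that would serve a given login name, and reports which required keys are empty. The catch-all naming (a section called `@domain` enabled by `allow_catch_all_accounts` under `[emailproxy]`) and the list of required keys are assumptions made for the example.

```python
"""Resolve which account section of an email-oauth2-proxy style config file
would serve a login name, and report incomplete sections.

Added example, not the project's own code. Assumptions: one configparser
section per account named after the email address; (assumed) catch-all
sections are named '@<domain>' and only apply when allow_catch_all_accounts
is set under [emailproxy].
"""
import configparser

# Keys an account section needs before an OAuth 2.0 flow can start
# (taken from the account entries in the thread; assumed to be required).
REQUIRED_KEYS = ("permission_url", "token_url", "oauth2_scope", "redirect_uri", "client_id")

# Constructed sample config mirroring the thread's layout with placeholder values.
SAMPLE_CONFIG = """
[emailproxy]
allow_catch_all_accounts = False

[Account setup]
documentation = documentation-only section, not an account

[office@example.com]
permission_url = https://login.microsoftonline.com/TENANT-ID/oauth2/v2.0/authorize
token_url = https://login.microsoftonline.com/TENANT-ID/oauth2/v2.0/token
oauth2_scope = https://outlook.office.com/IMAP.AccessAsUser.All offline_access
redirect_uri = http://localhost
client_id = CLIENT-ID-PLACEHOLDER
client_secret = CLIENT-SECRET-PLACEHOLDER

[invoice@example.com]
permission_url = https://login.microsoftonline.com/TENANT-ID/oauth2/v2.0/authorize
token_url = https://login.microsoftonline.com/TENANT-ID/oauth2/v2.0/token
oauth2_scope = https://outlook.office.com/IMAP.AccessAsUser.All offline_access
redirect_uri = http://localhost
client_id =
client_secret =

[@example.org]
permission_url = https://login.microsoftonline.com/TENANT-ID/oauth2/v2.0/authorize
token_url = https://login.microsoftonline.com/TENANT-ID/oauth2/v2.0/token
oauth2_scope = https://outlook.office.com/IMAP.AccessAsUser.All offline_access
redirect_uri = http://localhost
client_id = CLIENT-ID-PLACEHOLDER
"""


def load_config(text):
    # interpolation=None so a '%' inside a URL or secret is not treated as a
    # configparser substitution marker.
    config = configparser.ConfigParser(interpolation=None)
    config.read_string(text)
    return config


def find_account_section(config, username):
    """Return the section that would serve `username`, or None.

    Section lookup is case-sensitive in configparser, so a client that sends
    'Office@example.com' will not match '[office@example.com]'.
    """
    if config.has_section(username):
        return username
    # Assumed catch-all naming: '@<domain>' serves any user at that domain,
    # but only when the feature is switched on.
    catch_all_enabled = config.getboolean("emailproxy", "allow_catch_all_accounts", fallback=False)
    if catch_all_enabled and "@" in username:
        domain_section = "@" + username.rsplit("@", 1)[1]
        if config.has_section(domain_section):
            return domain_section
    return None


def missing_keys(config, section):
    """List required keys that are absent or empty in `section`."""
    return [key for key in REQUIRED_KEYS if not config.get(section, key, fallback="").strip()]


def diagnose(config, username):
    """One-line verdict for `username`, worded like the proxy's log message."""
    section = find_account_section(config, username)
    if section is None:
        return "Proxy config file entry missing for account %s" % username
    missing = missing_keys(config, section)
    if missing:
        return "Section [%s] has empty or missing keys: %s" % (section, ", ".join(missing))
    return "Section [%s] is complete" % section


if __name__ == "__main__":
    cfg = load_config(SAMPLE_CONFIG)
    for user in ("office@example.com", "invoice@example.com", "someone@example.org", "Office@example.com"):
        print(user, "->", diagnose(cfg, user))
```

Running it against the real file (replace `SAMPLE_CONFIG` with the contents of `emailproxy.config`) shows whether the login name the client actually sends matches a section, which is the first thing to rule out when the proxy reports a missing entry for an account that appears to be configured.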

I have just updated the proxy to the latest prebuilt binary using nuitka, and my config file in the program directory is not being used, and I am receiving an error about the config file not being found in my temp folder.

No, I did not update. It is the latest stable Windows version.
The config file is loaded. I can see both accounts in the context menu, but I cannot connect to the new one.

That's an interesting new bit of information. I can't think of any reason why an account that the proxy has loaded would not be available for use, except if somehow your client is not identifying the account correctly. Please post the proxy's log in debug mode.

Oh, silly me. I had the proxy running as a scheduled task and did not realize that the process did not stop when stopping the task. So it ran in the background with the old config and the interactively started process did not receive the connection from the client.

Now I get the authorization request and can enter the M365 user and password. But after that I get:
AADSTS9002325: Proof Key for Code Exchange is required for cross-origin authorization code redemption.

What is wrong?

I'm glad you managed to find the cause of this, and also that it was nothing to do with the proxy itself.

Searching for that new error message gives lots of results relating to an (easily fixable) misconfiguration on the Azure side, which is also not a problem with the proxy, so I'll close this issue.