Can't authenticate to Office 365 with oauth
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mozilla Thunderbird |
Fix Released
|
Unknown
|
|||
thunderbird (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Upstream issue :https:/
Thunderbird blog post: https:/
They say they released a "second build" of version 102.7.1. This is the version I have on Ubuntu 22.04 but I guess I have the "first build" installed?
Could you backport the fix please?
In Mozilla Bugzilla #1810760, 0-christian-2 (0-christian-2) wrote : | #4 |
In Mozilla Bugzilla #1810760, 0-christian-2 (0-christian-2) wrote : | #5 |
To rule out my machine being at fault, I spun up a new ubuntu 22.04 desktop vm, and purged the default thunderbird from the system, and did a fresh snap install of thunderbird which automatically put on the latest revision 288 / 102.7.0-1. I was also unable to log into my office 365 account using 102.7.0-1.
In Mozilla Bugzilla #1810760, 0-christian-2 (0-christian-2) wrote : | #6 |
From the Azure side our administrator saw this;
Sign-in error code
9002326
Failure reason
Cross-origin token redemption is permitted only for the 'Single-Page Application' client-type. Request origin: '{origin}'.
Additional Details
The application must fix either the reply URIs registered on the application registration to include a unique reply address of type "spa", or they must fix the token request to not include an Origin header, if being sent from a non-browser client.
In Mozilla Bugzilla #1810760, Sancus (sancus) wrote : | #7 |
Sean will take a look at this. Hopefully a fairly straightforward fix. Thanks for the report, especially the admin side log.
In Mozilla Bugzilla #1810760, Seán de Búrca (leftmostcat) wrote : | #8 |
Seconding Andrei's thanks for the admin log.
Could you try the build at https:/
In Mozilla Bugzilla #1810760, Harm van Bakel (hvbakel) wrote : | #9 |
I ran into exactly the same issue as described above when updating the Thunderbird snap from revision 281 (102.6.0-2) to revision 288 (102.7.0-1) and came across this report when trying to troubleshoot. I can confirm that when using the build linked in the comment above, the Oauth2 authentication works correctly.
In Mozilla Bugzilla #1810760, Charles-Antoine Guillat-Guignard (xarli) wrote : | #10 |
Same issue here, using mozillateam ppa on Ubuntu.
In Mozilla Bugzilla #1810760, 0-christian-2 (0-christian-2) wrote : | #11 |
(In reply to Sean Burke [:leftmostcat] from comment #4)
> Seconding Andrei's thanks for the admin log.
>
> Could you try the build at https:/
Yes this seems to work fine standalone, I extracted it and ran thunderbird-bin and after re-setting up my office365 mail account it did connect and allow me to get to my email.
Thanks for the quick help!
In Mozilla Bugzilla #1810760, Sancus (sancus) wrote : | #12 |
*** Bug 1811013 has been marked as a duplicate of this bug. ***
In Mozilla Bugzilla #1810760, Rasmus Blanck (rasmusbl) wrote : | #13 |
I have the same problem since upgrading from 102.4.2 to 102.7.0. I can confirm that when using the build above OAuth2 authentication works for both outgoing and incoming email.
In Mozilla Bugzilla #1810760, Vseerror (vseerror) wrote : | #14 |
*** Bug 1811279 has been marked as a duplicate of this bug. ***
In Mozilla Bugzilla #1810760, Vseerror (vseerror) wrote : | #15 |
Users of version 102 will want to be using [**102.6.1**](http://
Someone on Kubuntu 22.04 wrote this worked well:
`sudo apt-get install thunderbird=
Users of nightly (daily) builds will want to use the build artifacts of [Sean's try build](https:/
* [linux](https:/
* [Windows](https:/
* [Mac](https:/
In Mozilla Bugzilla #1810760, Ben-bucksch (ben-bucksch) wrote : | #16 |
(In reply to Sean Burke [:leftmostcat] from comment #4)
> Could you try the build at https:/
Hey Sean, can you attach your patch here, please?
(Thanks christian for the admin log. Very helpful. And thanks to the MS devs who gave a helpful error message.)
In Mozilla Bugzilla #1810760, X-rs (x-rs) wrote : | #17 |
In response to bug 1811279 (see further details there) and this one, I'm still using Ubuntu 20.04LTS , reverted TB back to previous version and then did:
```
sudo apt-mark hold thunderbird
```
... in order to temporary hold this version.
In Mozilla Bugzilla #1810760, Harm van Bakel (hvbakel) wrote : | #18 |
For ubuntu snap users that received an automatic update to version 102.7.0, the following commands will revert to the previous version and temporarily hold updates for one week until the new version is (presumably) released. Make sure you quit any running instance of Thunderbird before executing the commands. Note that the 'hold' option requires snapd v2.58 or higher.
```
snap revert thunderbird
snap refresh --hold=168h thunderbird
```
If a fixed version is released before this time the hold can be lifted by executing:
```
snap refresh --unhold thunderbird
```
In Mozilla Bugzilla #1810760, Seán de Búrca (leftmostcat) wrote : | #19 |
Created attachment 9313356
Bug 1810760 - don't use CORS with client requests. r=#thunderbird-
In Mozilla Bugzilla #1810760, Sancus (sancus) wrote : | #20 |
Comment on attachment 9313356
Bug 1810760 - don't use CORS with client requests. r=#thunderbird-
[Approval Request Comment]
Regression caused by (bug #): 1685414
User impact if declined: Microsoft oAuth account users will not be able to authenticate.
Testing completed (on c-c, etc.): c-c
Risk to taking this patch (and alternatives if risky): Although the code changes are isolated to Microsoft accounts, it's possible we break some other oAuth flow. Testing should mitigate this risk. I have personally tested with gmail in addition to outlook.com and it seems fine.
In Mozilla Bugzilla #1810760, Pulsebot (pulsebot) wrote : | #21 |
Pushed by <email address hidden>:
https:/
don't use CORS with client requests. r=sancus
In Mozilla Bugzilla #1810760, Vseerror (vseerror) wrote : | #22 |
*** Bug 1811752 has been marked as a duplicate of this bug. ***
In Mozilla Bugzilla #1810760, Vseerror (vseerror) wrote : | #23 |
Comment on attachment 9313356
Bug 1810760 - don't use CORS with client requests. r=#thunderbird-
[Triage Comment]
Approved for beta
Approved for er102, pending beta release, per Chat with sancus
wsmwk: I think we should push it through. Like build and ship beta on Monday and build 102.7.1 on Monday to ship Tuesday or Wednesday
sancus: OK sounds good
In Mozilla Bugzilla #1810760, F-daniel-d (f-daniel-d) wrote : | #24 |
Thunderbird 110.0b2:
https:/
In Mozilla Bugzilla #1810760, Vseerror (vseerror) wrote : | #25 |
*** Bug 1811966 has been marked as a duplicate of this bug. ***
In Mozilla Bugzilla #1810760, F-daniel-d (f-daniel-d) wrote : | #26 |
Thunderbird 102.7.1:
https:/
In Mozilla Bugzilla #1810760, longsonr (longsonr) wrote : | #27 |
*** Bug 1812000 has been marked as a duplicate of this bug. ***
In Mozilla Bugzilla #1810760, Vseerror (vseerror) wrote : | #28 |
*** Bug 1811998 has been marked as a duplicate of this bug. ***
In Mozilla Bugzilla #1810760, Sancus (sancus) wrote : | #29 |
Based on the report in bug 1812090 the final fix for this bug didn't work.
In Mozilla Bugzilla #1810760, Sancus (sancus) wrote : | #30 |
What happened here is that the patch does not seem to work properly on 102 branch. The "Origin: null" header remains. Daily and 110b2 are both working in my testing.
In Mozilla Bugzilla #1810760, Sancus (sancus) wrote : | #31 |
*** Bug 1812090 has been marked as a duplicate of this bug. ***
In Mozilla Bugzilla #1810760, Sancus (sancus) wrote : | #32 |
*** Bug 1812077 has been marked as a duplicate of this bug. ***
In Mozilla Bugzilla #1810760, Adalbert-chamisso (adalbert-chamisso) wrote : | #33 |
(In reply to Andrei Hajdukewycz [:sancus] from comment #26)
> What happened here is that the patch does not seem to work properly on 102 branch. The "Origin: null" header remains.
Bug 1605305 fixed this, particularly: https:/
This patch [...] prefers to send **no Origin header instead of Origin: null.**
In Mozilla Bugzilla #1810760, Kai Engert (kaie) wrote : | #34 |
Just a drive-by thought, without having dug into this problem:
The patch from that bug is probably too big for uplift to mozilla-esr102, and it also had regression bugs.
Adalbert's comment 29 suggests one specific code block to be related.
You could test a build that removes this one block (red) from mozilla-esr102. Maybe that code block could be slightly improved to keep the header if the origin is non-null. (In other words, only suppress if origin is null).
If that indeed works without other regressions for Thunderbird, you could ask for that change on mozilla-esr102 with ```#ifdef MOZ_THUNDERBIRD```
In Mozilla Bugzilla #1810760, Sancus (sancus) wrote : | #35 |
(In reply to Kai Engert (:KaiE:) from comment #30)
> Just a drive-by thought, without having dug into this problem:
>
> The patch from that bug is probably too big for uplift to mozilla-esr102, and it also had regression bugs.
>
Yes, I don't think uplifting that one is going to happen.
> Adalbert's comment 29 suggests one specific code block to be related.
Yeah, Sean and I found that code earlier. We could patch only that block ourselves the way you suggested or by applying a patch during the build process. A JS workaround would be preferred, however, so we're still investigating that.
In Mozilla Bugzilla #1810760, Adalbert-chamisso (adalbert-chamisso) wrote : | #36 |
(In reply to Kai Engert (:KaiE:) from comment #30)
> Adalbert's comment 29 suggests one specific code block to be related.
That's a misunderstanding. That block likely creates the `Origin: null` header for the "POST" that is run in the fetch() in OAuth2.jsm. However, the functionality of this hunk is added elsewhere. IOW, if you only remove this code without taking the other hunks of the patch, no Origin header will ever be sent, even in situations where it's needed.
In earlier versions of TB ESR there was a branch on the Mozilla ESR repo for uplifting patches that TB needed but FF didn't want to uplift. Looks like this practice was abandoned from TB 91. BTW, the regressions don't look relevant to TB.
In Mozilla Bugzilla #1810760, Kai Engert (kaie) wrote : | #37 |
Thanks for your helpful clarification!
In Mozilla Bugzilla #1810760, Sancus (sancus) wrote : | #38 |
It does seem likely that we can use a different method in JS rather than trying to patch the fetch code so Sean is currently working on that.
In Mozilla Bugzilla #1810760, Seán de Búrca (leftmostcat) wrote : | #39 |
Created attachment 9314399
Bug 1810760 - use HTTP channels instead of fetch for oauth token. r=darktrojan
In Mozilla Bugzilla #1810760, Seán de Búrca (leftmostcat) wrote : | #40 |
Created attachment 9314407
Bug 1810760 - use HTTP channels for Microsoft oauth. r=darktrojan
In Mozilla Bugzilla #1810760, Seán de Búrca (leftmostcat) wrote : | #41 |
Created attachment 9314408
bug-1810760-use-http-
[Approval Request Comment]
Regression caused by (bug #):
User impact if declined: continued inability to use Microsoft OAuth
Testing completed (on c-c, etc.): verified able to log in to both Microsoft and other OAuth providers
Risk to taking this patch (and alternatives if risky): small potential for negative effect on non-Microsoft OAuth providers
In Mozilla Bugzilla #1810760, 1-geoff (1-geoff) wrote : | #42 |
Comment on attachment 9314408
bug-1810760-use-http-
I'm okay with this, but: from `let result = JSON.parse(
In Mozilla Bugzilla #1810760, 1-geoff (1-geoff) wrote : | #43 |
Additionally, it's missing certificate error handling, but I imagine if that happens on Microsoft's servers we've got bigger problems.
In Mozilla Bugzilla #1810760, Bugzilla2007 (bugzilla2007) wrote : | #44 |
Until this lands, 102 is still affected (again).
(In reply to Sean Burke [:leftmostcat] from comment #37)
> Created attachment 9314408
> bug-1810760-use-http-
> [Approval Request Comment]
> Regression caused by (bug #):
> User impact if declined: continued inability to use Microsoft OAuth
In Mozilla Bugzilla #1810760, Adalbert-chamisso (adalbert-chamisso) wrote : | #45 |
Created attachment 9314698
1810760-
May I suggest to simplify/tidy the trunk revision a little? Specifically since `mode` can have three values `cors`, `no-cors` and `same-origin`, having a variable named `useCORS` to imply setting `no-cors` when `false` and doing nothing when `true` is confusing. This also aligns the trunk code a bit more with the ESR code. No functional change. Attachment 9314408 doesn't apply to trunk, so I assume you're planning to apply this to ESR only.
In Mozilla Bugzilla #1810760, Pbhj-8 (pbhj-8) wrote : | #46 |
I'm using 102.7.1 -- 1:102.7.
I now get a popup going to https:/
Thunderbird works for a different live.com account. Is this an actual bug on the Thunderbird end or is MS blocking Thunderbird use?
[Aside: This issue gave me problems with Pihole, as microsoftonline.com actually doesn't appear to be an accessible domain (no nslookup response, even on azure-dns.com nameservers, can't ping), instead login.microsoft
In Mozilla Bugzilla #1810760, Pbhj-8 (pbhj-8) wrote : | #47 |
I should add that https:/
In Mozilla Bugzilla #1810760, Seán de Búrca (leftmostcat) wrote : | #48 |
(In reply to [:dandarnell] from comment #20)
> Thunderbird 110.0b2:
> https:/
(In reply to Adalbert Chamisso from comment #41)
> Created attachment 9314698
> 1810760-
>
> May I suggest to simplify/tidy the trunk revision a little? Specifically since `mode` can have three values `cors`, `no-cors` and `same-origin`, having a variable named `useCORS` to imply setting `no-cors` when `false` and doing nothing when `true` is confusing. This also aligns the trunk code a bit more with the ESR code. No functional change. Attachment 9314408 doesn't apply to trunk, so I assume you're planning to apply this to ESR only.
I'd actually like to back this patch out. It turns out it does nothing to address the issue and OAuth is working in trunk due to internal changes in Gecko. Rob, can we revert that change?
In Mozilla Bugzilla #1810760, Vseerror (vseerror) wrote : | #49 |
Linux users who have experienced this issue...
We would greatly appreciate your feedback ASAP by using linux test build https:/
In Mozilla Bugzilla #1810760, Harm van Bakel (hvbakel) wrote : | #50 |
I just gave the test build a try but I'm getting the error "Couldn't load XPCOM" when starting the thunderbird binary. The dist/bin folder has many broken symlinks and I'm wondering if the test build might be missing some top-level folders?
In Mozilla Bugzilla #1810760, F-daniel-d (f-daniel-d) wrote : | #51 |
(In reply to Harm van Bakel from comment #46)
> I just gave the test build a try but I'm getting the error "Couldn't load XPCOM" when starting the thunderbird binary. The dist/bin folder has many broken symlinks and I'm wondering if the test build might be missing some top-level folders?
Here is a try build with the patch applied that should solve symlinking issues: https:/
In Mozilla Bugzilla #1810760, Harm van Bakel (hvbakel) wrote : | #52 |
(In reply to Daniel Darnell [:dandarnell] from comment #47)
> (In reply to Harm van Bakel from comment #46)
> > I just gave the test build a try but I'm getting the error "Couldn't load XPCOM" when starting the thunderbird binary. The dist/bin folder has many broken symlinks and I'm wondering if the test build might be missing some top-level folders?
>
> Here is a try build with the patch applied that should solve symlinking issues: https:/
Still no luck I'm afraid. I'm getting the following error on Ubuntu 22.04:
```
XPCOMGlueLoad error for file thunderbird/
libgtk-3.so.0: cannot open shared object file: No such file or directory
Couldn't load XPCOM.
```
In Mozilla Bugzilla #1810760, Orion-cora (orion-cora) wrote : | #53 |
Well, it was a bit of a pain to test being a 32-bit executable so I has to install all of the 32-bit library deps - that's likely what the other responders are experiencing. But it does appear to run fine and authenticate to MS365 while 102.7.1 did not.
In Mozilla Bugzilla #1810760, Krzysztof (krzysdz) wrote : | #55 |
(In reply to Geoff Lankow (:darktrojan) from comment #50)
> This is the 64-bit one: https:/
This build seems to work for me with an office365 mail unlike 102.7.1 from the mozillateam PPA.
In Mozilla Bugzilla #1810760, Simone-perriello (simone-perriello) wrote : | #56 |
(In reply to Geoff Lankow (:darktrojan) from comment #50)
> This is the 64-bit one: https:/
It works on my ArchLinux
In Mozilla Bugzilla #1810760, longsonr (longsonr) wrote : | #57 |
*** Bug 1813990 has been marked as a duplicate of this bug. ***
In Mozilla Bugzilla #1810760, Vseerror (vseerror) wrote : | #58 |
Comment on attachment 9314408
bug-1810760-use-http-
[Triage Comment]
approved for esr102
In Mozilla Bugzilla #1810760, Rob Lemley (rjl-tbird) wrote : | #59 |
Backout comm-central:
https:/
Backout comm-beta:
https:/
Per Sean (leftmostcat), no backout is needed on comm-esr102 as the patch in comment 54 includes the backout.
In Mozilla Bugzilla #1810760, Harm van Bakel (hvbakel) wrote : | #60 |
(In reply to Geoff Lankow (:darktrojan) from comment #50)
> This is the 64-bit one: https:/
Thank you for providing the 64-bit build. I can confirm that it is also working for me with Oauth2 on office365 and two-factor authentication enabled.
In Mozilla Bugzilla #1810760, Rob Lemley (rjl-tbird) wrote : | #61 |
Thunderbird 102.7.1:
https:/
In Mozilla Bugzilla #1810760, Erik Meitner (eamuwmath) wrote : | #62 |
(In reply to Geoff Lankow (:darktrojan) from comment #50)
> This is the 64-bit one: https:/
Working for me on Ubuntu 22.04. Mail provider is O365 with a custom OAuth system that our university uses.
In Mozilla Bugzilla #1810760, Rick Beldin (rick-beldin-s) wrote : | #63 |
I tried the tarball listed above:
This is the 64-bit one: https:/
Unfortunately, it didn't pick up my existing profile, which has some history. I didn't want to troubleshoot myself into a corner. I reverted back to 1:102.4.
If someone has a pointer on how the tarball image can pick up my existing profile under Ubuntu 22.04 , I would be happy to try it.
In Mozilla Bugzilla #1810760, Vseerror (vseerror) wrote : | #64 |
build 2 of 102.7.1 is now shipped.
Thank you all for your patience and testing results. This gives us more confidence in what we are shipping.
In Mozilla Bugzilla #1810760, Cai-0407 (cai-0407) wrote : | #65 |
(In reply to Wayne Mery (:wsmwk) from comment #60)
> build 2 of 102.7.1 is now shipped.
Manual update from 102.7.0 to 102.7.1 from Help menu is available now on Win 10, but OAuth2 with M365 personal account is still not available.
(I am the reporter of bug 1799259, a dup of bug 1685414)
Authentication dialog (https:/
Then Tb says "Authentication failure while connecting to server outlook.
Error console log:
NS_ERROR_
onStateChange resource:
In Mozilla Bugzilla #1810760, Sancus (sancus) wrote : | #66 |
(In reply to Kosuke Kaizuka from comment #61)
> (In reply to Wayne Mery (:wsmwk) from comment #60)
> > build 2 of 102.7.1 is now shipped.
>
> Manual update from 102.7.0 to 102.7.1 from Help menu is available now on Win 10, but OAuth2 with M365 personal account is still not available.
> (I am the reporter of bug 1799259, a dup of bug 1685414)
It's possible you're experiencing a different issue. To find the real error message, you'll want to open Tools -> Developer Tools -> Developer Toolbox and go to the Network tab BEFORE ATTEMPTING A LOGIN.
Then, filter the requests for "token" and you should be able to find it. Here is a screenshot of the error for this bug: https:/
In Mozilla Bugzilla #1810760, Cai-0407 (cai-0407) wrote : | #67 |
(In reply to Andrei Hajdukewycz [:sancus] from comment #62)
> (In reply to Kosuke Kaizuka from comment #61)
> > (In reply to Wayne Mery (:wsmwk) from comment #60)
> > > build 2 of 102.7.1 is now shipped.
> >
> > Manual update from 102.7.0 to 102.7.1 from Help menu is available now on Win 10, but OAuth2 with M365 personal account is still not available.
> > (I am the reporter of bug 1799259, a dup of bug 1685414)
>
> It's possible you're experiencing a different issue. To find the real error message, you'll want to open Tools -> Developer Tools -> Developer Toolbox and go to the Network tab BEFORE ATTEMPTING A LOGIN.
>
> Then, filter the requests for "token" and you should be able to find it. Here is a screenshot of the error for this bug: https:/
There is no "token" in Network tab.
screenshot: https:/
1st (302): https:/
2nd (302): https:/
3rd: https:/
Same result for all.
In Request section, "No payload for this request".
In Response section, "No response data available for this request".
In Mozilla Bugzilla #1810760, Sancus (sancus) wrote : | #68 |
(In reply to Kosuke Kaizuka from comment #63)
> Same result for all.
> In Request section, "No payload for this request".
> In Response section, "No response data available for this request".
Yeah, I don't think you're hitting this bug, it's something completely different. I'm going to reopen your bug and move discussion of that issue back there so we don't clutter this one.
In Mozilla Bugzilla #1810760, Fabian-dellwing (fabian-dellwing) wrote : | #69 |
(In reply to Wayne Mery (:wsmwk) from comment #60)
> build 2 of 102.7.1 is now shipped.
>
> Thank you all for your patience and testing results. This gives us more confidence in what we are shipping.
When will it hit the mozillateam PPA?
In Mozilla Bugzilla #1810760, Dronmbi-8 (dronmbi-8) wrote : | #70 |
Hi,
I can confirm that after installing the 102.7.1 (64-bit windows) I can now READ e-mails from office365 account, but I still cannot SEND them.
SMTP auth window pops up, everything goes as normal, except that after a couple of seconds TB shows "Login to server outlook.
In Mozilla Bugzilla #1810760, Dquiros-f (dquiros-f) wrote : | #71 |
@hotmail.com still not working.
110.0b3 (64-bit) Windows
In Mozilla Bugzilla #1810760, Dquiros-f (dquiros-f) wrote : | #72 |
windows
In Mozilla Bugzilla #1810760, Harm van Bakel (hvbakel) wrote : | #73 |
I can confirm that with the recent Thunderbird 102.7.1-2 build in the latest/candidate snap channel I can both receive (imap) and send (smtp) emails on a Microsoft O365 account with OAuth2. Other OAuth accounts such as google are also working.
In Mozilla Bugzilla #1810760, Dronmbi-8 (dronmbi-8) wrote : | #74 |
(In reply to Andrey Kiryanov from comment #66)
> Hi,
>
> I can confirm that after installing the 102.7.1 (64-bit windows) I can now READ e-mails from office365 account, but I still cannot SEND them.
> SMTP auth window pops up, everything goes as normal, except that after a couple of seconds TB shows "Login to server outlook.
Here's what I see in the error console:
ailnews.smtp: Command failed: 535 Authentication unsuccessful [GVYP280CA0032.
_onCommand resource:
_parse resource:
_onData resource:
mailnews.smtp: Error during AUTH XOAUTH2, sending empty response
IMAP authentication with the very same credentials works though.
In Mozilla Bugzilla #1810760, Rjflory (rjflory) wrote : | #75 |
TB 102.7.1 as posted to servers does not correct this issue for me (Linux x86-64). After reverting to 102.6.0 , works fine again.
In Mozilla Bugzilla #1810760, Rick Beldin (rick-beldin-s) wrote : | #76 |
Update:
I tried the tarball listed above:
This is the 64-bit one: https:/
This worked properly to send and receive emails from my corporate office365 account. Need to pass the --ProfileManager option to the manual start to ensure that I could select an existing profile.
In Mozilla Bugzilla #1810760, kikibelux (kikibelux) wrote : | #77 |
Hi everybody !
Sorry for my poor english but I want to share a thing with you !
On Arch Linux, i installed TB 109.0b4 and I can send I receive mail from office server.
But, in same time , and I don't know is it possible ! but the same account on TB 102.7.0 (64 bits) that was bad are NOW useful !
I have not the explaination but I want to write this to you !
Why ? somebody could say ?
Thanks
In Mozilla Bugzilla #1810760, Vseerror (vseerror) wrote : | #78 |
Turns out SMTP will be a different bug. Will post a bug# soon.
In Mozilla Bugzilla #1810760, Rjflory (rjflory) wrote : | #79 |
<dang, wising one could edit their own post>
official TB 102.7.1 does NOT correct the Office365 issue w/ IMAP (receive mail is still broken). I cannot get far enough to test SMTP 'mail-send'. Both send/receive mail work just fine after downgrade to TB 102.6.0 though.
Because of the inconvenience this issue causes users, 102.7.1 should be retracted until both IMAP and SMTP issues are resolved and *much* positive testing-feedback has been received.
Just a suggestion- could a config/registry setting be added to TB to disable this recent feature-addition? It would be much easier to instruct users to simply disable this feature than to force them to uninstall/
In Mozilla Bugzilla #1810760, Sancus (sancus) wrote : | #80 |
(In reply to Ron Flory from comment #75)
> <dang, wising one could edit their own post>
> official TB 102.7.1 does NOT correct the Office365 issue w/ IMAP (receive mail is still broken). I cannot get far enough to test SMTP 'mail-send'. Both send/receive mail work just fine after downgrade to TB 102.6.0 though.
I can't reproduce any issues signing into Office365. Do you experience this problem with a new profile or only an old profile? There are some problems with old oAuth settings being retained which we may still need to resolve.
We could revert, yes, but this will only kick the can down the road, because 115 will still be changed. It's not possible for oAuth to continue working the way it does in 102.6.1 and prior.
> Because of the inconvenience this issue causes users, 102.7.1 should be retracted until both IMAP and SMTP issues are resolved and *much* positive testing-feedback has been received.
The testing you're suggesting isn't actually possible. We did have these changes on nightly/beta for some time, and didn't have any problems reported. 102 is its own branch and in addition there is an absolutely absurd amount of variation in Microsoft policies and technical setups, far more than is represented in the beta population.
The reality is, Microsoft REALLY does not want this to work easily.
In Mozilla Bugzilla #1810760, Sancus (sancus) wrote : | #81 |
If you're having problems with *only* SMTP, please see [bug 1775077#c10](https:/
In Mozilla Bugzilla #1810760, Evan-cooch (evan-cooch) wrote : | #82 |
Problem persists for my Linux machines (RHEL), after upgrading to 102.7.1. My Windows machines don't seem to have a problem, but 3/3 Linux machines - nope. And, I'm using pop, not imap.
In Mozilla Bugzilla #1810760, O-steve-f (o-steve-f) wrote : | #83 |
This is still not working on my Mac or my family member's Mac. When trying to configure for POP3, I get a message that says "You are about to override how Thunderbird identifies this site." The location is set to "outlook.
When I try the "Get Certificate" button, it replies "This site attempts to identify itself with invalid information. When I remove the port 995, so the location says "outlook.
If I leave in the port so the location says "outlook.
In Mozilla Bugzilla #1810760, O-steve-f (o-steve-f) wrote : | #84 |
And the checkbox on the is unchecked as mentioned in bug 1775077#c10 on the Admin Exchange panel.
In Mozilla Bugzilla #1810760, Sancus (sancus) wrote : | #85 |
(In reply to steve from comment #79)
> This is still not working on my Mac or my family member's Mac. When trying to configure for POP3, I get a message that says "You are about to override how Thunderbird identifies this site." The location is set to "outlook.
Haven't a clue what's going on here, and can't reproduce any of this. Not even sure how it could be related to this bug. So you're saying:
1) This worked before 102.7.0 ?
2) Does this work if you make a new profile and login on 102.7.1?
3) If the answer to #2 is "no" does it work on 110 beta?
Thanks.
In Mozilla Bugzilla #1810760, O-steve-f (o-steve-f) wrote : | #86 |
It worked for 19 years on my own POP3 server, then 10 years on outlook hosted on Rackspace, then after the Rackspace meltdown in November, Thunderbird worked for about 2 months on outlook.
I lost all my profiles, in the "trying things" stage, so yes, I created a new profile on 102.7.1 and used both autodetect, and ports and protocols experiments. Still looping.
I just downloaded Thunderbird 110.0b3.pkg, I'll give it a try.
In Mozilla Bugzilla #1810760, O-steve-f (o-steve-f) wrote : | #87 |
110.0b3.pkg creates a executable called "Thunderbird Daily.app". Starting it up takes you to the Startup screen, where the same problem occurred. I think it said "You are about to override how Daily identifies this site."
So I went to the About page, and there was a button that said "Restart to update" and after the restart the About pane said "111.0a1 (2023-02-01) (64-bit)" This time it did take my password, but maybe did not redirect to the Microsoft OATH page, but signed me in. It does not however download new messages.
The contents of the error log:
```
While creating services from category 'app-startup', service for entry 'ExtensionsChild', contract ID '@mozilla.
While creating services from category 'app-startup', service for entry 'OS Integration', contract ID '@mozilla.
1675313850290 addons.xpi WARN Checking /Applications/
While creating services from category 'app-startup', service for entry 'ExtensionsChild', contract ID '@mozilla.
While creating services from category 'app-startup', service for entry 'OS Integration', contract ID '@mozilla.
```
```
TypeError: can't access property "parentNode", mainKeyset is null
DevToolsStartup
Found 0 public keys and 0 secret keys (0 protected, 0 unprotected) RNPLib.jsm:546:15
services.settings: Failed to load last_modified.json: TypeError: NetworkError when attempting to fetch resource. Utils.jsm:330
1675313851206 places TRACE FrecencyRecalcu
1675313851206 places TRACE FrecencyRecalcu
1675313851207 places TRACE FrecencyRecalcu
While creating services from category 'app-startup', service for entry 'ExtensionsChild', contract ID '@mozilla.
While creating services from category 'app-startup', service for entry 'OS Integration', contract ID '@mozilla.
1675313851403 Sync.Status INFO Resetting Status.
1675313851407 Sync.Service INFO Loading Weave 1.113.0
Trying to load /Applications/
While creating services from category 'app-startup', service for entry 'ExtensionsChild', contract ID '@mozilla.
While creating services from category 'app-startup', service for entry 'OS Integration', contract ID '@mozilla.
Successfully loaded OTR library /Applications/
1675313851534 Sync.Service INFO Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/111.0 Thunderbird/111.0a1
NS_ERROR_FAILURE: Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsITelemetry...
In Mozilla Bugzilla #1810760, O-steve-f (o-steve-f) wrote : | #88 |
Well the pasting is not going well, so here is the log in a google doc
https:/
In Mozilla Bugzilla #1810760, Sancus (sancus) wrote : | #89 |
(In reply to steve from comment #83)
> 110.0b3.pkg creates a executable called "Thunderbird Daily.app". Starting it up takes you to the Startup screen, where the same problem occurred. I think it said "You are about to override how Daily identifies this site."
> I'll paste the rest in the next comment (Bugzilla problems with large pastings)
I don't think you're experiencing anything related to this bug at all, sorry. If you had problems before upgrading to 102.7.0 it's not possible.
Also, there is nothing wrong with the office365.com SSL certificate, the fact that you're seeing these certificate issues implies you have some sort of antivirus installed that MITMs certificates or something like that, [as described in this support request](https:/
You should never, ever have to do a certificate override on a mail server and it's not related to oAuth.
In Mozilla Bugzilla #1810760, O-steve-f (o-steve-f) wrote : | #90 |
Then I restarted Thunderbird (110.0b3 (64-bit)) and tried it again, and got the MS OAUTH pop up which was good progress, and signed in, then on the Thunderbird Account Setup page "Account successfully created" was displayed also good progress.
Now it is downloading 293 of 5444 emails -- a good start! I get a lot of emails, and have lots of Thunderbird filters to deal with them. I'll have to see in the morning if it completed.
I'll look into antivirus issues in the morning. Thanks
In Mozilla Bugzilla #1810760, Fabian-dellwing (fabian-dellwing) wrote : | #91 |
(In reply to Fabian Dellwing from comment #65)
> (In reply to Wayne Mery (:wsmwk) from comment #60)
> > build 2 of 102.7.1 is now shipped.
> >
> > Thank you all for your patience and testing results. This gives us more confidence in what we are shipping.
>
> When will it hit the mozillateam PPA?
Still not available on the PPA
In Mozilla Bugzilla #1810760, David-fernebok (david-fernebok) wrote : | #92 |
Good morning,
It seems that with 102.7.1, the synchronisation works excepted the calendar. No calendar sync with O365. Anyone has an idea?
Thank you in advance.
Regards.
David
In Mozilla Bugzilla #1810760, Fabian-dellwing (fabian-dellwing) wrote : | #93 |
(In reply to David F from comment #88)
> Good morning,
>
> It seems that with 102.7.1, the synchronisation works excepted the calendar. No calendar sync with O365. Anyone has an idea?
>
> Thank you in advance.
>
> Regards.
>
> David
You always needed a 3rd party addon (mostlikly TbSync+EAS) to get calendar access?
In Mozilla Bugzilla #1810760, David-fernebok (david-fernebok) wrote : | #94 |
(In reply to Fabian Dellwing from comment #89)
> (In reply to David F from comment #88)
> > Good morning,
> >
> > It seems that with 102.7.1, the synchronisation works excepted the calendar. No calendar sync with O365. Anyone has an idea?
> >
> > Thank you in advance.
> >
> > Regards.
> >
> > David
>
> You always needed a 3rd party addon (mostlikly TbSync+EAS) to get calendar access?
The problem with TBSync +EAS, you will not see the details of the meeting and with Owl, you will see the meeting details but if you postpone or modify the meeting, the changes will not be synchronized.
In Mozilla Bugzilla #1810760, Mabian69 (mabian69) wrote : | #95 |
Hello, having issues with connection to Office365 Calendar since 102.7.0 (using EAS + TBSync).
I installed 102.7.1 and the issue persists, even deleted the account and recreating it...
It seems a browser window is directed to the following url after input of EAS account details for creation (Office 365 account type) and it's failing.
https:/
Note: <accountusername> and <accountdomain> had actual data, hidden for privacy.
In Mozilla Bugzilla #1810760, G-l-5 (g-l-5) wrote : | #96 |
I tried with 102.7.1 under Linux and the problem occurred there. TB 102-.76.1 is working fine.
In Mozilla Bugzilla #1810760, David-fernebok (david-fernebok) wrote : | #97 |
(In reply to Lars Hennig from comment #92)
> I tried with 102.7.1 under Linux and the problem occurred there. TB 102-.76.1 is working fine.
But not with the calendar...
In Mozilla Bugzilla #1810760, G-l-5 (g-l-5) wrote : | #98 |
(In reply to Lars Hennig from comment #92)
Need to correct the version working for me: TB 102.6.1 is working fine for IMAP.
Calendar never worked for me as IT does not allow to access the calendar through Thunderbird.
In Mozilla Bugzilla #1810760, Cr0n-b (cr0n-b) wrote : | #99 |
Testing with Ubuntu 22.04.1:
**102.7.
However, the standalone download version ([thunderbird-
In Mozilla Bugzilla #1810760, Cr0n-b (cr0n-b) wrote : | #100 |
> **102.7.
> However, the standalone download version ([thunderbird-
Update: **102.7.
In Mozilla Bugzilla #1810760, Erik Meitner (eamuwmath) wrote : | #101 |
There is a problem with upgrading to 102.7.1+
1. Currently running 1:102.4.
2. Close TB and upgrade to 102.7.1+
3. Backup my profile folder
3. Run TB
4. Can't authenticate. My university's OAuth popup just says "Stale request". Nothing can do will let me reauthenticate.
5. Close TB and create a test profile.
6. Works
7. Close TB and Downgrade to 1:102.4.
8. Run TB using original profile
9 Same problem as above
10 Close TB and try test profile.
11. Works
12. Restore original profile from backup
13. Run TB. Works.
Running a diff between the backup profile and the broken one shows a lot of changes in lots of files.
I worked with the broken profile and found that by deleting logins.json from the profile I was able to get it working again.
In Mozilla Bugzilla #1810760, Cr0n-b (cr0n-b) wrote : | #102 |
(In reply to emeitner from comment #97)
> There is a problem with upgrading to 102.7.1+
>
> 1. Currently running 1:102.4.
> 2. Close TB and upgrade to 102.7.1+
> 3. Backup my profile folder
> 3. Run TB
> 4. Can't authenticate. My university's OAuth popup just says "Stale request". Nothing can do will let me reauthenticate.
> 5. Close TB and create a test profile.
> 6. Works
> 7. Close TB and Downgrade to 1:102.4.
> 8. Run TB using original profile
> 9 Same problem as above
> 10 Close TB and try test profile.
> 11. Works
> 12. Restore original profile from backup
> 13. Run TB. Works.
>
> Running a diff between the backup profile and the broken one shows a lot of changes in lots of files.
>
> I worked with the broken profile and found that by deleting logins.json from the profile I was able to get it working again.
Did you try to remove any auth information from your university's mail server (e.g. "oauth://" entries) from the stored credentials in Thunderbird? I can force a reauth by doing that.
In Mozilla Bugzilla #1810760, Sancus (sancus) wrote : | #103 |
Thunderbird does not support O365 calendars in the first place, so please don't post in this bug if you're having a calendar problem. If you have a problem with an add-on, report that to the add-on author -- not here, where we can't do anything about it.
Bugzilla is also NOT a place for tech support.
In Mozilla Bugzilla #1810760, Sancus (sancus) wrote : | #104 |
(In reply to cr0n from comment #95)
> Testing with Ubuntu 22.04.1:
>
> **102.7.
Ubuntu PPA is not a build from Mozilla, and it seems they pushed a broken build of 102.7.1 that we never released. For anyone else on the PPA, make sure you are on the NEWEST 102.7.1 PPA build - **build 2**. Yes, there's two. Yes it's dumb.
In Mozilla Bugzilla #1810760, Mabian69 (mabian69) wrote : | #105 |
(In reply to Andrei Hajdukewycz [:sancus] from comment #99)
> Thunderbird does not support O365 calendars in the first place, so please don't post in this bug if you're having a calendar problem. If you have a problem with an add-on, report that to the add-on author -- not here, where we can't do anything about it.
>
> Bugzilla is also NOT a place for tech support.
Sorry, no.
TBSync + EAS worked - with their own known limitations - perfectly before 102.7.0.
This Thunderbird version broke everything and the extensions did not change. So it's definitely Thunderbird (102.7) fault, especially because no changes in plugin compatibility were announced.
And this is a place about Thunderbird issues, right?
Thanks,
Mario
In Mozilla Bugzilla #1810760, Seán de Búrca (leftmostcat) wrote : | #106 |
(In reply to evan.cooch from comment #78)
> Problem persists for my Linux machines (RHEL), after upgrading to 102.7.1. My Windows machines don't seem to have a problem, but 3/3 Linux machines - nope. And, I'm using pop, not imap.
What method do you use for installing on RHEL? I've attempted to reproduce by downloading the Linux tarball, running that version, and adding a Microsoft enterprise account using POP with OAuth, but I was unable to reproduce any issue.
In Mozilla Bugzilla #1810760, Sancus (sancus) wrote : | #107 |
The original bug(data in Origin header) has been fixed, so I'm going to close this, as it's gotten unwieldy. We do have other regressions and new bugs caused by Microsoft, so if you are experiencing any of the following you can comment... **WITH DETAILED STEPS TO REPRODUCE, PLEASE**:
**ON LINUX**, can login on 102.6.1, cannot on 102.7.1: Bug 1814536
Can login to IMAP/POP3 but **NOT SMTP** with OAuth: Bug 1775077 (note a workaround is to use basic authentication eg user/pass for SMTP only)
**On 102.7.1**, have certificate error messages with OAuth: Bug 1814824
**Profiles created prior to 102.7.1 cannot login**, but new profiles CAN: Bug 1814823
If you're experiencing something that doesn't fall into any of these categories, please check the [Microsoft OAuth Meta Bug](https:/
Unfortunately, these changes were required by Microsoft policy and technical changes to their OAuth system, and while reverting to 102.6.1 may temporarily solve some problems, the authentication on 102.6.1 is broken and has [other bugs](1685414) in it.
Thank you for bearing with us. We're equally frustrated with these problems and we will fix them.
In Mozilla Bugzilla #1810760, Sancus (sancus) wrote : | #108 |
Also, if you are **on Linux** and think you are still experiencing this specific bug(Origin: null in the header), make sure you are using 102.7.1 as it was released on https:/
Multiple package maintainers built an untested, unreleased build of 102.7.1. If a 102.7.1 build originated prior to Jan 31, 2023, then it is probably a bad build and you need to update again.
Launchpad Janitor (janitor) wrote : | #1 |
Status changed to 'Confirmed' because the bug affects multiple users.
Changed in thunderbird (Ubuntu): | |
status: | New → Confirmed |
Wojtek Kazimierczak (w-kazimierczak) wrote (last edit ): | #2 |
I've observed the issue described in this blog entry on Ubuntu 20.04 after the upgrade from thunderbird:amd64 1:102.4.
The issue is resolved after downgrade back to 102.4.2.
In theory build2 should be fixing issue, see discussion in upstream issue linked by Francis in description. Is there a problem with Ubuntu build?
In Mozilla Bugzilla #1810760, Sancus (sancus) wrote : | #109 |
*** Bug 1811460 has been marked as a duplicate of this bug. ***
In Mozilla Bugzilla #1810760, Seán de Búrca (leftmostcat) wrote : | #110 |
Comment on attachment 9314698
1810760-
Review of attachment 9314698:
-------
The revision in question has been backed out of the tree, patch is no longer needed.
Wojtek Kazimierczak (w-kazimierczak) wrote : | #3 |
It seems there's no issue with the build 102.7.1+build2 on Ubuntu.
For all users of Office 365 Enterprise searching for a solution: Thunderbird application ID has been changed in version 102.7.1 and the name of the application is "Mzla Technologies Corporation", which makes it difficult to find by your organization's Azure administrators.
In short, after an upgrade of Thunderebird to 102.7.1, you'll be redirected to Microsoft page where you need to enter your login / password + Multifactor authentication (MFA), then you'll see a screen with "Approval required", where you may add request comment to be sent to Azure admins. When the request is sent, Azure admin can validate it using the link:
https:/
({tenant-id} should be replaced in the above link)
This solved the issue for our users.
See here for details: https:/
Changed in thunderbird (Ubuntu): | |
status: | Confirmed → Invalid |
Changed in thunderbird: | |
status: | Unknown → Fix Released |
User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ 104.0.5112. 102 Safari/537.36
Steps to reproduce:
upgraded the snap package for thunderbird (sudo snap refresh thunderbird) which took thunderbird from revision 281 (102.6.0-2) to revision 288 (102.7.0-1).
Actual results:
After upgrading, it prompted me to re-sign into my organisation's office 365 account, so I entered my password (the username/email address was prefilled in from the previous version I assume), entering my password gave me a new window asking for my OTP code for 2FA, I gave this and then the window closed and a banner on the screen showed saying authentication failure.
Expected results:
After entering the OTP code, it should have logged me in, and allowed me to use email services.
as an aside, I reverted the package to the previous version using sudo snap revert thunderbird --revision 281, and re-signed in again, and this worked.