IBM Support

IJ28331: 7.6.1.2 - OFFICE 365 OAUTH ACCESS TOKENS CAPTURED WITH DOUBLE QUOTES

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • PROBLEM DESCRIPTION

With Office 365 email listener configured
with OAuth, the access token being retrieved and stored in the
database is including double quotes in the value which prevents
it from being valid for authentication.

STEPS TO
REPRODUCE

1) Create a system property for mail.debug.auth and
set it to true. In the SystemOut.log look for A1 AUTHENTICATE
XOAUTH2 and take the value after that and decode it from
base64. You'll see something
like:
user=emailaddressauth=Bearer "eyJ0e.....

2) Create a
non-persistent attribute on INBOUNDCOMMCFG that decrypts the
oauthaccesstoken attribute. We did this with an initialize
launch point on the non-persistent attribute with the following
script to display it

from psdi.server import MXServer
mbo.setVa
lue("EMXOAUTHACCESSTOKEN",MXServer.getMXServer().getMXCipher().d
ecData(mbo.getBytes("OAUTHACCESSTOKEN")))

Having a double
quote is problematic because it should not have a double quote
per the examples in https://docs.microsoft.com/en-us/exchange/cl
ient-developer/legacy-protocols/how-to-authenticate-an-imap-pop-
smtp-application-by-using-oauth. We've confirmed that was
causing the authentication to fail by removing the double
quotes from the oauthaccesstoken and validating that
connectivity started to work after that. Because this is
refreshed hourly, we have to customize Maximo to remove these
double quotes prior to storing the value.

RESULTS

Not
working as expected.

EXPECTED RESULTS

The access token being
retrieved and stored in the database should not include double
quotes.

PRODUCT VERSION
7.6.1.2

Local fix

  • N/A

Problem summary

  • ****************************************************************
* USERS AFFECTED:                                              *
* Users who authenticate their email listeners via oauth2.     *
****************************************************************
* PROBLEM DESCRIPTION:                                         *
* When obtaining the access token from MS O365, it is within   *
* double quotes.                                               *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************

Problem conclusion

  • This is fixed in code.
The fix for this APAR is contained in the following maintenance
package:
	 | release\fix pack | Interim Fix for Release 7.6.1.3 Product

Temporary fix

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    IJ28331
    • 

  • Reported component name
    SYSTEM CONFIG
    • 

  • Reported component ID
    5724R46S1
    • 

  • Reported release
    761
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2020-09-23
    • 

  • Closed date
    2020-10-26
    • 

  • Last modified date
    2020-10-26
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    SYSTEM CONFIG
    • 

  • Fixed component ID
    5724R46S1
    • 



Applicable component levels


    








      
              
                            

              

              [{"Line of Business":{"code":"LOB59","label":"Sustainability Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSLKT6","label":"IBM Maximo Asset Management"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"761"}]
              

                                                                    

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            27 October 2020
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback