Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

error with scripts.generate_token: AttributeError: 'Connection' object has no attribute 'check_token_file' #1

Open
adieball opened this issue Dec 2, 2019 · 13 comments
Open

error with scripts.generate_token: AttributeError: 'Connection' object has no attribute 'check_token_file' #1

adieball opened this issue Dec 2, 2019 · 13 comments

Comments

@adieball
Copy link

adieball commented Dec 2, 2019
edited
Loading

Hi

when executing python3 -m scripts.generate_token, I'll get the following error:
/cut/

pi@mrd-tenforward:~/meeting-room-display $ python3 -m scripts.generate_token
Generate token for id AAAAAAAAAA with secret BBBBBBBBBBBBBB
Traceback (most recent call last):
  File "/usr/lib/python3.7/runpy.py", line 193, in _run_module_as_main
    "__main__", mod_spec)
  File "/usr/lib/python3.7/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/home/pi/meeting-room-display/scripts/generate_token.py", line 58, in <module>
    if not con.check_token_file():
AttributeError: 'Connection' object has no attribute 'check_token_file'
pi@mrd-tenforward:~/meeting-room-display $

/cut/

any helping hands / ideas on that?
@lusiux
Copy link

lusiux commented Dec 5, 2019

Hi @adieball,

we are currently using the version 1.1.3 of the O365 library and have not updated to version 2.x (yet).

For the time being it might help to install O365==1.1.3 with pip and rerun the generate_token script. But be aware that you have to change the redirect URLs in the URL with is printed by the script.

@adieball
Copy link
Author

adieball commented Dec 6, 2019

@lusiux that works much better, thanks.
Unfortunately I'm still not there ... and the guide a a bit confusing

I have created a resource in O365 Exchange admin, i.e. the meeting room. That one now has a "user" with the email and a password.

Now I can the generate_token script, which gives me the following url to call:

https://login.microsoftonline.com/common/oauth2/v2.0/authorize?response_type=code&client_id=AAAAAAAAA&redirect_uri=https%3A%2F%2Foutlook.office365.com%2Fowa%2F&scope=offline_access+https%3A%2F%2Fgraph.microsoft.com%2FCalendars.ReadWrite&state=BBBBBBBBB&access_type=offline

which part do I need to change now? V2.0 to V1.0? That doesn't work and just downloads an empty authorise.dms file.

If I just call the URL as given, I get asked to login. Doing so using the meetingroomuser email and password, which immediately after that is asking me again to login for owa. I use the same username / password and I'm in OWA for that meeting room user, but nowhere in the process I had to give consent to any application.

The URL I was given just before the second login (the one to OWA) looks like:

https://login.microsoftonline.com/common/oauth2/authorize?client_id=AAAAAAAAAAAAAAAAAAA&redirect_uri=https%3a%2f%2foutlook.office.com%2fowa%2f&resource=BBBBBBBBBBBBBBB&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=CCCCCCCCCCCCCCCCCCC&protectedtoken=true&nonce=6BIG_FAT_LONG_STRING

But if I copy that into the cli, I get:

Unable to fetch auth token. Error: (mismatching_state) CSRF Warning! State not equal in request and response.
Failed to store token file
/usr/bin/python3: Error while finding module specification for 'scripts.generate_token.py' (ModuleNotFoundError: __path__ attribute not found on 'scripts.generate_token' while trying to find 'scripts.generate_token.py')

@lusiux
Copy link

lusiux commented Dec 12, 2019

The part of the URL which has to be changed is the redirect_uri. I think it should be https://login.microsoftonline.com/common/oauth2/nativeclient instead of https://outlook.office365.com/owa/

The redirect URL has to be enabled in Exchange admin.

@adieball
Copy link
Author

Hi @lusiux

much better but still not there :-)

Now I get (after giving consent):
`Sorry, but we’re having trouble with signing you in.

AADSTS50011: The reply url specified in the request does not match the reply urls configured for the application: 'AAAABBBBBBCCCCCC'.`

the URL actually has "outlook.office365.com/owa in there, although I changed the redirect URL to https://login.microsoftonline.com/common/oauth2/nativeclient (see manifest further down)

You also said, the new redirect URL has to be enabled in Exchange Admin. Any tips where? I can't find anything like that.
Also: I'm assuming that enabling this new redirect URL will not break anything else (auto discovery etc)

Seems since you build the logic, a lot has changed (Azure, app registration options, python module, etc) maybe time to create a new version? happy to assist wherever I can

Maybe it helps to see the manifest:
{ "id": "BBBBBBBCCCCCCCCDDDDDD", "acceptMappedClaims": null, "accessTokenAcceptedVersion": null, "addIns": [], "allowPublicClient": null, "appId": "AAAAAA-1111-2222-abcd-235252535235", "appRoles": [], "oauth2AllowUrlPathMatching": false, "createdDateTime": "2019-12-02T16:56:34Z", "groupMembershipClaims": null, "identifierUris": [], "informationalUrls": { "termsOfService": null, "support": null, "privacy": null, "marketing": null }, "keyCredentials": [], "knownClientApplications": [], "logoUrl": null, "logoutUrl": null, "name": "mrd-tenforward", "oauth2AllowIdTokenImplicitFlow": true, "oauth2AllowImplicitFlow": true, "oauth2Permissions": [], "oauth2RequirePostResponse": false, "optionalClaims": { "idToken": [], "accessToken": [], "saml2Token": [] }, "orgRestrictions": [], "parentalControlSettings": { "countriesBlockedForMinors": [], "legalAgeGroupRule": "Allow" }, "passwordCredentials": [ { "customKeyIdentifier": null, "endDate": "2299-12-30T23:00:00Z", "keyId": "AAAAAA-1111-2222-33333-BBBBBBBBBBB", "startDate": "2019-12-02T17:25:38.162Z", "value": null, "createdOn": "2019-12-02T17:25:38.2360314Z", "hint": "6kq", "displayName": "mrd-tenforward" } ], "preAuthorizedApplications": [], "publisherDomain": "nbt-consulting.net", "replyUrlsWithType": [ { "url": "https://login.microsoftonline.com/common/oauth2/nativeclient", "type": "Web" } ], "requiredResourceAccess": [ { "resourceAppId": "00000003-0000-0000-c000-000000000000", "resourceAccess": [ { "id": "AAAAAAA-111111-45b9-22222-BBBBBBBB", "type": "Scope" }, { "id": "AAAAAA-1111-999999-3333-CCCCCCCC", "type": "Scope" }, { "id": "AAAAA-2222-2222-3333-4444444444", "type": "Scope" } ] } ], "samlMetadataUrl": null, "signInUrl": null, "signInAudience": "AzureADMultipleOrgs", "tags": [], "tokenEncryptionKeyId": null }

@cmd-k
Copy link

cmd-k commented Dec 15, 2019

I am having the exact same issue too. If i can assist with logs or error messages please let me know

@ohaz
Copy link
Contributor

ohaz commented Dec 27, 2019

We will have to switch to the new O365 authentication method sooner or later anyways (as the current system will shut down soon). Once that happens we will definitely update this repository. Not sure when we'll have the time to do it though.

@davidklein81
Copy link

Is there any current news here?
I am currently at the point that it gives me the following error after I connect to generated URL and return the URL I get

Unable to fetch auth token. Error: (missing_code) Missing code parameter in response.
Failed to store token file

@mp-chet
Copy link
Contributor

mp-chet commented Jan 19, 2022

I've just brought this repository up to date with our internal development state. This includes a bunch of commits to migrate the authentication backend to the new O365 method. This should hopefully fix the issue.

@davidklein81
Copy link

davidklein81 commented Jan 19, 2022
edited
Loading

I've just brought this repository up to date with our internal development state. This includes a bunch of commits to migrate the authentication backend to the new O365 method. This should hopefully fix the issue.

Now I was able to generate the o365_token.txt

For one or the other perhaps still a help. In the Azure AD app, I have stored these three addresses as redirect addresses, and only then did it return the required token:

https://outlook.office365.com/owa/
https://outlook.office365.com/mail/
https://login.microsoftonline.com/common/oauth2/nativeclienthttps://login.microsoftonline.com/common/oauth2/nativeclient

@davidklein81
Copy link

Probably a stupid question, but how does it go on now that I get the display to run :)

@mp-chet
Copy link
Contributor

mp-chet commented Feb 15, 2022

When you create an appointment in the Outlook calendar associated with the display, you can watch it pop up on the display when its time has come.

If adhoc: True is set in mrd/configuration.ini, you can also set up an immediate ad-hoc appointment simply by touching the screen.

@davidklein81
Copy link

Ok thanks, but that's not my real problem. I can't get the app to start. It's probably just me and my knowledge of Kivy. I have successfully gone through all the points from the description, now it's just a matter of how I get the app to run with Kivy. Maybe there is a HowTo for this?

@mp-chet
Copy link
Contributor

mp-chet commented Feb 15, 2022

Are you getting any concrete error messages or backtraces?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@ohaz @lusiux @adieball @mp-chet @cmd-k @davidklein81