OAuth2: Add support for ms-oapxbc protocol extension

The first patch adds infrastructure to communicate with a locally running microsoft-identity-broker (Intune) via DBus to get a PRT SSO cookie. This infrastructure is needed to implement support for the ms-oapxbc OAuth2.0 protocol extension.

The second patch uses the infrastructure to acquire and inject a PRT SSO cookie into the OAuth2.0 credentials prompt (only if a local microsoft-identity-broker service is running). With this workflow, the user is automatically authenticated (via the PRT SSO Cookie) and the login is detected as "login from managed device" in Azure Entra ID. By that, EWS endpoints behind conditional access policies can be accessed.

The code introduces a new dependency on libuuid. This MR depends on evolution-data-server!159 (merged).

Signed-off-by: Felix Moessbauer <felix.moessbauer@siemens.com>

Edited by Felix Moessbauer
