simonrob / email-oauth2-proxy

An IMAP/POP/SMTP proxy that transparently adds OAuth 2.0 authentication for email clients that don't support this method.

Error - can't find config section

proxyheavennhell opened this issue

Hello.

I have set up the proxy and the process is running, however it's not working and in the log I can see the following message:

"AUTHENTICATE Email OAuth 2.0 Proxy: No config file entry found for account - - please add a new section with values"

I have the section configured in the config file as my Exchange mailbox email address in square braces - e.g. [myemailaddress@company.com] - which contains the standard config with my Azure app id, client id, client secret etc.

Any ideas why it can't find the account section in the config file? I'm puzzled.

Thanks if you can help!

This is probably due to the case-sensitivity of account names. Exchange often likes to capitalise names in addresses – e.g., if your account is Your.Name@company.com, use exactly this in the configuration file (your.name@company.com will not work).

(A few years ago there was a similar discussion relating to this – as noted there, I'm happy to look at adding case insensitivity on a consultancy basis if needed)

Thanks for the tip.

I will check the case sensitivity but I think it's correct in the config file and matches the exchange email address case ok.

I do have a working version on a different system and looking in that log I can see one success log entry in there that's missing from the log on my non-working system:

--> b'A002 AUTHENTICATE XOAUTH2 '

Usually after this it will log the 'A002 OK AUTHENTICATE completed' whereas in my non-working system this does not appear and the no config file entry appears instead.

Is there anything else that could be wrong?

Thanks for any help 🙏

I'd need to see the full log in --debug mode to be able to diagnose any further. It may be that your client is using an unusual authentication method, but I can't tell without seeing the log.

Thank you - log attached.

Please let me know if you recognise the issue?

Thanks again 🙏
imap log.txt

This is an entirely normal log, so that's not the problem (with the caveat that you've censored the email address of course).

A few things to try:

  • Double-check any difference between the email address in the config file and the one in your client
  • Try authenticating manually from a terminal (see the readme for details)
  • Check that you are editing /opt/spinnaker_link_email_oauth/emailproxy.config rather than some other file, and also that if you've made any edits to the file you've reloaded the proxy

Thanks - will check those things.

Also FYI - that is the complete log file, I haven't censored anything. It is as it is. Is it still normal log output? I didn't think email address appeared in the log until after authentication was successful? Maybe I'm wrong...

Ah... in that case the issue is that your client is sending an email address of - for some reason. You're correct that the email address is appended to log lines only after authentication is successful, but it should also appear in the login line 'A002 NO AUTHENTICATE Email OAuth 2.0 Proxy: No config file entry found for account - - please add a new section with values for permission_url, token_url, oauth2_scope, redirect_uri, client_id and client_secret\r\n' (instead of the first -).

To double-check this isn't an issue with the proxy, try logging in from a terminal. If that works as expected, check your client.
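Added example (not part of the thread and not the proxy's own code): a small Python diagnostic for the two causes discussed above, a case mismatch between the login name and the config section, and a client that sends no usable address. It assumes an INI-style config whose section name is the account address; the function names and sample values are hypothetical.

```python
import base64
import configparser

# Constructed sample configuration (placeholder values, not from the thread).
SAMPLE_CONFIG = """
[Your.Name@company.com]
permission_url = https://login.example.invalid/authorize
token_url = https://login.example.invalid/token
client_id = 00000000-placeholder
"""


def plain_username(initial_response_b64):
    """Return the authcid from a SASL PLAIN response (RFC 4616):
    base64(authzid NUL authcid NUL password)."""
    raw = base64.b64decode(initial_response_b64, validate=True)
    parts = raw.split(b"\x00")
    if len(parts) != 3:
        raise ValueError("not a SASL PLAIN response")
    return parts[1].decode("utf-8")


def diagnose(config_text, username):
    """Classify why a login name does or does not match a config section."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(config_text)
    sections = parser.sections()  # section names keep their original case
    if username in sections:
        return "match"
    cleaned = username.strip()
    if "@" not in cleaned:
        # Empty or placeholder login name: the client, not the config, is at fault.
        return "client sent no usable address"
    if cleaned in sections:
        return "stray whitespace in login name"
    folded = [s for s in sections if s.casefold() == cleaned.casefold()]
    if folded:
        return "case mismatch with [%s]" % folded[0]
    return "no section for this account"
```

Run `diagnose` against the real config text and the exact login name the client sends; when the client uses AUTHENTICATE PLAIN, `plain_username` recovers that name from a captured initial response.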

Yeah just checked my working log - the email address first appears when it logs the 'OK AUTHENTICATE completed' and in subsequent log entries.

Ok thanks, I'll check it out using the terminal and the telnet command.

I'll update asap. Thank you so much!

Hi again,

Just checked on my previously working system - and this one now exhibits the same issue, i.e:

"2024-01-18 10:24:00,699: IMAP (172.17.0.2:1993; 172.17.0.2:53756->outlook.office365.com:993) <-- b'A002 NO AUTHENTICATE Email OAuth 2.0 Proxy: No config file entry found for account - - please add a new section with values for permission_url, token_url, oauth2_scope, redirect_uri, client_id and client_secret\r\n"

When I test the account via telnet, I get:

"sh-4.4# telnet 172.17.0.2 1993
Trying 172.17.0.2...
Connected to 172.17.0.2.
Escape character is '^]'.

* OK The Microsoft Exchange IMAP4 service is ready. [TABPADQAUAAyADYANQBDAEEAMAAwADcAMAAuAEcAQgBSAFAAMgA2ADUALgBQAFIATwBEAC4ATwBVAFQATABPAE8ASwAuAEMATwBNAA==]
a1 login OauthTest@spinnakersupport.com Password1!
a1 NO LOGIN Email OAuth 2.0 Proxy: Login failed - the password for account OauthTest@spinnakersupport.com is incorrect
* BYE Autologout; authentication failed
Connection closed by foreign host."

So my question is - is the fact that the password is incorrect the cause of the 'No config file entry found for account - -' issue? Or are these 2 separate issues?

Thanks

Just did another test on my previously working system - I turned off the setting to encrypt client secret on first use (in case password was wrong from what I had set before) and entered client secret into config file again unencrypted, but I'm getting the same issue as on the other system, i.e I can see the following in the debug log:

"2024-01-18 10:47:22,721: IMAP (172.17.0.2:1993; 172.17.0.2:53768->outlook.office365.com:993) Caught connection error (client) - ConnectionResetError : [Errno 104] Connection reset by peer"

Followed eventually by:

"2024-01-18 10:47:23,031: IMAP (172.17.0.2:1993; 172.17.0.2:53772->outlook.office365.com:993) --> b'A002 AUTHENTICATE PLAIN [[ Credentials removed from proxy log ]]\r\n'
2024-01-18 10:47:23,031: Proxy config file entry missing for account - - aborting login"

This all used to work fine.

Is this something up with outlook.office365.com:993 or something?

Help!

I'd start with a fresh configuration section, and unencrypted client secret, and secret encryption turned off. Get it working via telnet (which already seems to be the case; the password won't be an issue when starting from scratch), then move to your client.

To answer your specific questions: no, the password being incorrect is unrelated (and you wouldn't get to the password step if the config entry couldn't be found). I don't think this is an issue with the Office365 server either.

Were you able to resolve this?

Hello.

Yes I did in the end - it was my fault, I had a custom start script and had some custom tests inside that which were the cause of the strange errors/messages in the log file.

All good, thanks for your help, much appreciated!

Thanks for following up – glad you were able to resolve this.