Sample code for 30+ languages & platforms
Delphi DLL

POP3 Auto-Refresh Office365 Access Token

See more Office365 Examples

Demonstrates how to automatically recover from an expired OAuth2 access token when OAuth2 authentication fails in the POP3 protocol. If the server responds with "-ERR Authentication failure: unknown user name or bad password.", then we refresh the access token and retry.

Chilkat Delphi DLL Downloads

Delphi DLL
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, MailMan, OAuth2, StringBuilder, JsonObject;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
mailman: HCkMailMan;
jsonToken: HCkJsonObject;
oauth2: HCkOAuth2;
sbJson: HCkStringBuilder;
numEmails: Integer;

begin
success := False;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

mailman := CkMailMan_Create();

CkMailMan_putMailHost(mailman,'outlook.office365.com');
CkMailMan_putMailPort(mailman,995);
CkMailMan_putPopSsl(mailman,True);

// Use your O365 email address here.
CkMailMan_putPopUsername(mailman,'OFFICE365_EMAIL_ADDRESS');

// When using OAuth2 authentication, leave the password empty.
CkMailMan_putPopPassword(mailman,'');

// Load our previously obtained OAuth2 access token.
jsonToken := CkJsonObject_Create();
success := CkJsonObject_LoadFile(jsonToken,'qa_data/tokens/office365.json');
if (success = False) then
  begin
    Memo1.Lines.Add(CkJsonObject__lastErrorText(jsonToken));
    Exit;
  end;

CkMailMan_putOAuth2AccessToken(mailman,CkJsonObject__stringOf(jsonToken,'access_token'));

// Make the TLS connection to the outlook.office365.com POP3 server.
success := CkMailMan_Pop3Connect(mailman);
if (success <> True) then
  begin
    Memo1.Lines.Add(CkMailMan__lastErrorText(mailman));
    Exit;
  end;

// Authenticate using XOAUTH2
success := CkMailMan_Pop3Authenticate(mailman);
if (success <> True) then
  begin
    // If we're still connected to the mail server, then it means the server sent a non-success response,
    // Such as:  -ERR Authentication failure: unknown user name or bad password.
    if (CkMailMan_getIsPop3Connected(mailman) = True) then
      begin

        // Refresh the OAuth2 access token, and if successful, save the new (refreshed) access token and try authenticating again.
        oauth2 := CkOAuth2_Create();

        // Use your actual Directory (tenant) ID instead of "112d7ed6-71bf-4eba-a866-738364321bfc"
        CkOAuth2_putTokenEndpoint(oauth2,'https://login.microsoftonline.com/112d7ed6-71bf-4eba-a866-738364321bfc/oauth2/v2.0/token');

        // Replace these with your Azure App Registration's actual values.
        CkOAuth2_putClientId(oauth2,'CLIENT_ID');
        CkOAuth2_putClientSecret(oauth2,'CLIENT_SECRET');

        // Get the "refresh_token"
        CkOAuth2_putRefreshToken(oauth2,CkJsonObject__stringOf(jsonToken,'refresh_token'));

        // Send the HTTP POST to refresh the access token..
        success := CkOAuth2_RefreshAccessToken(oauth2);
        if (success <> True) then
          begin
            Memo1.Lines.Add(CkOAuth2__lastErrorText(oauth2));
            Exit;
          end;

        Memo1.Lines.Add('New access token: ' + CkOAuth2__accessToken(oauth2));
        Memo1.Lines.Add('New refresh token: ' + CkOAuth2__refreshToken(oauth2));

        // Update the JSON with the new tokens.
        CkJsonObject_UpdateString(jsonToken,'access_token',CkOAuth2__accessToken(oauth2));
        CkJsonObject_UpdateString(jsonToken,'refresh_token',CkOAuth2__refreshToken(oauth2));

        // Save the new JSON access token response to a file.
        sbJson := CkStringBuilder_Create();
        CkJsonObject_putEmitCompact(jsonToken,False);
        CkJsonObject_EmitSb(jsonToken,sbJson);
        CkStringBuilder_WriteFile(sbJson,'qa_data/tokens/office365.json','utf-8',False);

        Memo1.Lines.Add('New Access Token = ' + CkOAuth2__accessToken(oauth2));

        // Update the mailman with the new access token.
        CkMailMan_putOAuth2AccessToken(mailman,CkOAuth2__accessToken(oauth2));

        // Retry the authentication.
        success := CkMailMan_Pop3Authenticate(mailman);
        if (success = False) then
          begin
            Memo1.Lines.Add(CkMailMan__lastErrorText(mailman));
            Exit;
          end;

      end
    else
      begin
        Memo1.Lines.Add(CkMailMan__lastErrorText(mailman));
        Exit;
      end;
  end;

// Find out how many emails are on the server..
numEmails := CkMailMan_CheckMail(mailman);
if (numEmails < 0) then
  begin
    Memo1.Lines.Add(CkMailMan__lastErrorText(mailman));
    Exit;
  end;

// Examine the POP3 session log:
Memo1.Lines.Add(CkMailMan__pop3SessionLog(mailman));

// The POP3 session log will look something like this:

// **** Connected to outlook.office365.com:995
// < +OK The Microsoft Exchange POP3 service is ready. [QwBIADIAUABSADEANgBDAEEAMAAwADEAMgAuAG4AYQBtAHAAcgBkADEANgAuAHAAcgBvAGQALgBvAHUAdABsAG8AbwBrAC4AYwBvAG0A]
// > AUTH XOAUTH2
// < + 
// > <base64 string in XOAUTH2 format>
// < -ERR Authentication failure: unknown user name or bad password.
// > AUTH XOAUTH2
// < + 
// > <base64 string in XOAUTH2 format>
// < +OK User successfully authenticated.
// > STAT
// < +OK 248 46637086

// End the POP3 session and close the connection to the GMail server.
success := CkMailMan_Pop3EndSession(mailman);
if (success <> True) then
  begin
    Memo1.Lines.Add(CkMailMan__lastErrorText(mailman));
    Exit;
  end;

Memo1.Lines.Add('Finished.');

CkMailMan_Dispose(mailman);
CkJsonObject_Dispose(jsonToken);
        CkOAuth2_Dispose(oauth2);
        CkStringBuilder_Dispose(sbJson);

end;