Objective-C
Objective-C
IMAP Auto-Refresh Office365 Access Token
See more Office365 Examples
Demonstrates how to automatically recover from an expired access token when OAuth2 authentication fails in the IMAP protocol. If the server responds with "NO AUTHENTICATE failed.", then we refresh the access token and retry.Chilkat Objective-C Downloads
#import <CkoJsonObject.h>
#import <CkoImap.h>
#import <NSString.h>
#import <CkoOAuth2.h>
#import <CkoStringBuilder.h>
BOOL success = NO;
// An Office365 OAuth2 access token must first be obtained prior
// to running this code.
// Getting the OAuth2 access token for the 1st time requires the O365 account owner's
// interactive authorizaition via a web browser. Afterwards, the access token
// can be repeatedly refreshed automatically.
// See the following examples for getting and refreshing an OAuth2 access token
// Get Office365 SMTP/IMAP/POP3 OAuth2 Access Token
// Refresh Office365 SMTP/IMAP/POP3 OAuth2 Access Token
// First get our previously obtained OAuth2 access token.
CkoJsonObject *jsonToken = [[CkoJsonObject alloc] init];
success = [jsonToken LoadFile: @"qa_data/tokens/office365.json"];
if (success == NO) {
NSLog(@"%@",@"Failed to open the office365 OAuth JSON file.");
return;
}
CkoImap *imap = [[CkoImap alloc] init];
imap.Ssl = YES;
imap.Port = [NSNumber numberWithInt:993];
// Connect to the Office365 IMAP server.
success = [imap Connect: @"outlook.office365.com"];
if (success != YES) {
NSLog(@"%@",imap.LastErrorText);
return;
}
// Use OAuth2 authentication.
imap.AuthMethod = @"XOAUTH2";
// Login using our username (i.e. email address) and the access token for the password.
success = [imap Login: @"OFFICE365_EMAIL_ADDRESS" password: [jsonToken StringOf: @"access_token"]];
if (success != YES) {
NSString *loginLastErrorText = imap.LastErrorText;
// If we're still connected to the mail server, then it means the server sent a non-success response,
// Such as: NO AUTHENTICATE failed.
if ([imap IsConnected] == YES) {
// Refresh the OAuth2 access token, and if successful, save the new (refreshed) access token and try authenticating again.
CkoOAuth2 *oauth2 = [[CkoOAuth2 alloc] init];
// Use your actual Directory (tenant) ID instead of "112d7ed6-71bf-4eba-a866-738364321bfc"
oauth2.TokenEndpoint = @"https://login.microsoftonline.com/112d7ed6-71bf-4eba-a866-738364321bfc/oauth2/v2.0/token";
// Replace these with your Azure App Registration's actual values.
oauth2.ClientId = @"CLIENT_ID";
oauth2.ClientSecret = @"CLIENT_SECRET";
// Get the "refresh_token"
oauth2.RefreshToken = [jsonToken StringOf: @"refresh_token"];
// Send the HTTP POST to refresh the access token..
success = [oauth2 RefreshAccessToken];
if (success != YES) {
NSLog(@"%@",oauth2.LastErrorText);
return;
}
NSLog(@"%@%@",@"New access token: ",oauth2.AccessToken);
NSLog(@"%@%@",@"New refresh token: ",oauth2.RefreshToken);
// Update the JSON with the new tokens.
[jsonToken UpdateString: @"access_token" value: oauth2.AccessToken];
[jsonToken UpdateString: @"refresh_token" value: oauth2.RefreshToken];
// Save the new JSON access token response to a file.
CkoStringBuilder *sbJson = [[CkoStringBuilder alloc] init];
jsonToken.EmitCompact = NO;
[jsonToken EmitSb: sbJson];
[sbJson WriteFile: @"qa_data/tokens/office365.json" charset: @"utf-8" emitBom: NO];
NSLog(@"%@%@",@"New Access Token = ",oauth2.AccessToken);
// Retry the login.
success = [imap Login: @"OFFICE365_EMAIL_ADDRESS" password: [jsonToken StringOf: @"access_token"]];
if (success == NO) {
NSLog(@"%@",imap.LastErrorText);
return;
}
}
else {
// Show the last error text for the call to Login
NSLog(@"%@",loginLastErrorText);
return;
}
}
else {
NSLog(@"%@",@"O365 OAuth authentication is successful.");
}
// Do something...
success = [imap SelectMailbox: @"Inbox"];
if (success != YES) {
NSLog(@"%@",imap.LastErrorText);
return;
}
// Your application can continue to do other things in the IMAP session....
// When finished, logout and close the connection.
success = [imap Logout];
success = [imap Disconnect];
NSLog(@"%@",@"Finished.");