(Swift 3,4,5...) POP3 Auto-Refresh Office365 Access Token

See more Office365 Examples

Demonstrates how to automatically recover from an expired OAuth2 access token when OAuth2 authentication fails in the POP3 protocol. If the server responds with "-ERR Authentication failure: unknown user name or bad password.", then we refresh the access token and retry.

Chilkat Downloads for the Swift Programming Language MAC OS X (Cocoa) Objective-C/Swift Libs iOS Objective-C/Swift Libs

func chilkatTest() {
    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    let mailman = CkoMailMan()!

    mailman.mailHost = "outlook.office365.com"
    mailman.mailPort = 995
    mailman.popSsl = true

    // Use your O365 email address here.
    mailman.popUsername = "OFFICE365_EMAIL_ADDRESS"

    // When using OAuth2 authentication, leave the password empty.
    mailman.popPassword = ""

    // Load our previously obtained OAuth2 access token.
    let jsonToken = CkoJsonObject()!
    var success: Bool = jsonToken.loadFile("qa_data/tokens/office365.json")
    if success == false {
        print("\(jsonToken.lastErrorText!)")
        return
    }

    mailman.oAuth2AccessToken = jsonToken.string(of: "access_token")

    // Make the TLS connection to the outlook.office365.com POP3 server.
    success = mailman.pop3Connect()
    if success != true {
        print("\(mailman.lastErrorText!)")
        return
    }

    // Authenticate using XOAUTH2
    success = mailman.pop3Authenticate()
    if success != true {
        // If we're still connected to the mail server, then it means the server sent a non-success response,
        // Such as:  -ERR Authentication failure: unknown user name or bad password.
        if mailman.isPop3Connected == true {

            // Refresh the OAuth2 access token, and if successful, save the new (refreshed) access token and try authenticating again.
            let oauth2 = CkoOAuth2()!

            // Use your actual Directory (tenant) ID instead of "112d7ed6-71bf-4eba-a866-738364321bfc"
            oauth2.tokenEndpoint = "https://login.microsoftonline.com/112d7ed6-71bf-4eba-a866-738364321bfc/oauth2/v2.0/token"

            // Replace these with your Azure App Registration's actual values.
            oauth2.clientId = "CLIENT_ID"
            oauth2.clientSecret = "CLIENT_SECRET"

            // Get the "refresh_token"
            oauth2.refreshToken = jsonToken.string(of: "refresh_token")

            // Send the HTTP POST to refresh the access token..
            success = oauth2.refreshAccessToken()
            if success != true {
                print("\(oauth2.lastErrorText!)")
                return
            }

            print("New access token: \(oauth2.accessToken!)")
            print("New refresh token: \(oauth2.refreshToken!)")

            // Update the JSON with the new tokens.
            jsonToken.update("access_token", value: oauth2.accessToken)
            jsonToken.update("refresh_token", value: oauth2.refreshToken)

            // Save the new JSON access token response to a file.
            let sbJson = CkoStringBuilder()!
            jsonToken.emitCompact = false
            jsonToken.emitSb(sbJson)
            sbJson.writeFile("qa_data/tokens/office365.json", charset: "utf-8", emitBom: false)

            print("New Access Token = \(oauth2.accessToken!)")

            // Update the mailman with the new access token.
            mailman.oAuth2AccessToken = oauth2.accessToken

            // Retry the authentication.
            success = mailman.pop3Authenticate()
            if success == false {
                print("\(mailman.lastErrorText!)")
                return
            }

        }
        else {
            print("\(mailman.lastErrorText!)")
            return
        }

    }

    // Find out how many emails are on the server..
    var numEmails: Int = mailman.checkMail().intValue
    if numEmails < 0 {
        print("\(mailman.lastErrorText!)")
        return
    }

    // Examine the POP3 session log:
    print("\(mailman.pop3SessionLog!)")

    // The POP3 session log will look something like this:

    // **** Connected to outlook.office365.com:995
    // < +OK The Microsoft Exchange POP3 service is ready. [QwBIADIAUABSADEANgBDAEEAMAAwADEAMgAuAG4AYQBtAHAAcgBkADEANgAuAHAAcgBvAGQALgBvAHUAdABsAG8AbwBrAC4AYwBvAG0A]
    // > AUTH XOAUTH2
    // < + 
    // > <base64 string in XOAUTH2 format>
    // < -ERR Authentication failure: unknown user name or bad password.
    // > AUTH XOAUTH2
    // < + 
    // > <base64 string in XOAUTH2 format>
    // < +OK User successfully authenticated.
    // > STAT
    // < +OK 248 46637086

    // End the POP3 session and close the connection to the GMail server.
    success = mailman.pop3EndSession()
    if success != true {
        print("\(mailman.lastErrorText!)")
        return
    }

    print("Finished.")

}