CORB issue when configuring Roundcube with Outlook
Question
I'm currently trying to configure Roundcube to work with Outlook's IMAP/SMTP through OAuth. If I don't use Oauth it seems be working fine but when trying to set up the authentication I get a CORB error in the console. The app lets you pick an account and reaches the consent screen. However once I hit "yes" for consent it redirects back to the Roundcube login page instead of inside the Outlook account. I tried everything I could think of and basically started brute forcing the setting at this point so I'm pretty lost as to what the problem might be. Any input would be greatly appreciated.
This is the 'default.inc.php' config that I currently have:
[$config\['oauth_provider'\] = 'outlook';
$config\['oauth_provider_name'\] = 'Outlook.com';
$config\['oauth_client_id'\] = "-||-||-";
$config\['oauth_client_secret'\] = "-||-||-";
$config\['oauth_auth_uri'\] = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
$config\['oauth_token_uri'\] = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
$config\['oauth_identity_uri'\] = "https://graph.microsoft.com/v1.0/me";
$config\['oauth_identity_fields'\] = null;
$config\['oauth_scope'\] = "https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/SMTP.Send User.Read offline_access";
$config\['oauth_auth_parameters'\] = \['nonce' => mt_rand(), 'prompt' => 'consent'\];
$config\['oauth_login_redirect'\] = true;
$config\['oauth_verify_peer'\] = true;
// of IMAP host (no prefix or port) and SMTP server e.g. \['imap.example.com' => 'smtp.example.net'\]
$config\['smtp_server'\] = 'tls://smtp.office365.com';
// SMTP port. Use 25 for cleartext, 465 for Implicit TLS, or 587 for STARTTLS (default)
$config\['smtp_port'\] = 587;
$config\['default_host'\] = 'ssl://outlook.office365.com';
// TCP port used for IMAP connections
$config\['default_port'\] = 993;][1]
Picture of what appears in the console after a redirect back to the login page: https://i.stack.imgur.com/17YO3.png
Error from Mozilla: The resource from “https://login.microsoftonline.com/common/oauth2/v2.0/authorize?response_type=code&client_id=1111111111&scope=https%3A%2F%2Foutlook.office.com%2FIMAP.AccessAsUser.All+https%3A%2F%2Foutlook.office.com%2FSMTP.Send+User.Read+offline_access&redirect_uri=https%3A%2F%2Fsocialcloudwm.com%2Fwebmailoffice365%2Findex.php%2Flogin%2Foauth&state=pJFjCaPDvbNG&nonce=1971951749&prompt=consent” was blocked due to MIME type (“text/html”) mismatch (X-Content-Type-Options: nosniff).
1 answers
solution1
0 2021-03-11 13:54:09
Contacted Microsoft and got a confirmation that it's an issue on their part.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.