Login / Reconnect to Office results in a 400 Bad Request.
Office reports a successful login, but MailSpring can’t process the answer or is using an outdated/invalid grant/scope. I can’t find any debug logs of the authentication requests.
*** Mailspring Sync
*** An exception occurred during program execution:
*** {“debuginfo”:"Sign in to your account RETURNED {“error”:“invalid_grant”,“error_description”:“AADSTS700084: The refresh token was issued to a single page app (SPA), and therefore has a fixed, limited lifetime of 1.00:00:00, which cannot be extended. It is now expired and a new sign in request must be sent by the SPA to the sign in page. The token was issued on 2022-02-28T08:27:26.2594659Z.\r\nTrace ID: 9637feb4-a091-4a8a-ade4-05cdccca8100\r\nCorrelation ID: 7bee19c1-9f0b-46da-a8ad-9c973a5c909d\r\nTimestamp: 2022-03-02 07:01:54Z”,“error_codes”:[700084],“timestamp”:“2022-03-02 07:01:54Z”,“trace_id”:“9637feb4-a091-4a8a-ade4-05cdccca8100”,“correlation_id”:“7bee19c1-9f0b-46da-a8ad-9c973a5c909d”,“error_uri”:“https://login.microsoftonline.com/error?code=700084"}",“key”:"Invalid Response Code: 400”,“retryable”:false,“what”:“std::exception”}
To Reproduce…
Steps to reproduce the behavior:
Go to preferences Accounts tab
Click on the “+” button at the bottom
Select “Office 365”
Authentication process is startet
Microsoft Office reports a successful login
MailSpring reports a bad request
Expected Behavior
Login is working successful and I can see my mails. This was working 1 week ago.
Same issue here, seems like O365 connections got borked somehow?
Arch Linux running mailspring 1.10 - anybody find any workarounds aside from downgrading back to 1.9 (which won’t open with latest package upgrades on arch unless use --no-sandbox)?
Also - anybody try re-adding the account to see if any different vs reconnecting an existing one that was there pre-upgrade?
@F1nny, I have just tried re-adding the account still the same error: OAuth Code exchange returned 400 Bad Request: {"error":"invalid_request","error_description":"AADSTS9002327: Tokens issued for the 'Single-Page Application' client-type may only be redeemed via cross-origin requests.\r\nTrace ID: b45b2eb0-1800-40e0-bf21-cc0fb3da2600\r\nCorrelation ID: bea3a193-757e-4e23-8e73-cce60419f77f\r\nTimestamp: 2022-03-03 09:57:31Z","error_codes":[9002327],"timestamp":"2022-03-03 09:57:31Z","trace_id":"b45b2eb0-1800-40e0-bf21-cc0fb3da2600","correlation_id":"bea3a193-757e-4e23-8e73-cce60419f77f"}
OAuth Code exchange returned 400 Bad Request: {“error”:“invalid_request”,“error_description”:“AADSTS9002327: Tokens issued for the ‘Single-Page Application’ client-type may only be redeemed via cross-origin requests.\r\nTrace ID: 07387f22-5043-4264-a6b7-275ccdf66200\r\nCorrelation ID: 6abfd984-2b66-46b1-a228-1dac6f1d133b\r\nTimestamp: 2022-03-01 13:35:45Z”,“error_codes”:[9002327],“timestamp”:“2022-03-01 13:35:45Z”,“trace_id”:“07387f22-5043-4264-a6b7-275ccdf66200”,“correlation_id”:“6abfd984-2b66-46b1-a228-1dac6f1d133b”}
This effectively makes Mailspring useless for business/work accounts sadly.
It looks like the issue is caused by using an SSO page with Office 365. In my case, after switching to DUO for SSO it broke Mailspring. I was able to confirm this also break with other third-party SSO providers IE okta.
What’s weird is this isn’t a problem in 1.9 / can roll back and it works (granted can hit the crash bug if running newer dependencies/arch or rolling release) - and a quick peruse I didn’t see anything relevant changing in the O365 linking between 1.9 and 1.10, but this is also the first time looked through the github so not unlikely i’m missing something.
From what could find on the AADSTS9002327 error, usually occurs when there’s no Origin in the header of the request, but again it wasn’t in there in 1.9 so why it’s different now not super clear.
I was trying to quickly add Origin to the header to the request in app/internal_packages/onboarding/lib/onboarding-helpers.ts but unfortunately I can’t get mailspring to build locally and ran out of time fussing with it. If anyone has a working build env setup could give it a quick shot just to see if any different - but may not have any impact / may be completely off
Also note this was just for quick testing purposes, this function is not only used for O365 accounts so could negatively impact other currently working connections (ie gmail).
OAuth Code exchange returned 400 Bad Request: {“error”:“invalid_request”,“error_description”:“AADSTS9002327: Tokens issued for the ‘Single-Page Application’ client-type may only be redeemed via cross-origin requests.\r\nTrace ID: 45f0da69-c3b4-4153-abbf-bfcb8c5a5b00\r\nCorrelation ID: 51765dbe-f433-4222-949c-a3ce872a10ed\r\nTimestamp: 2022-03-09 20:34:46Z”,“error_codes”:[9002327],“timestamp”:“2022-03-09 20:34:46Z”,“trace_id”:“45f0da69-c3b4-4153-abbf-bfcb8c5a5b00”,“correlation_id”:“51765dbe-f433-4222-949c-a3ce872a10ed”}
It’s happening the same to me. I can’t connect my Office 365 account with Mailspring 1.10. I had to install the 1.9.2 version again. This older version works fine.
My OS is Ubuntu 21.10, and I installed the .deb package.
Anyone have a working build env setup? If so and could try building the change in the patch above then toss the build up somewhere I can test it, otherwise/anycase this weekend I’ll try to get my node build env working
I’m new to Mailspring. Thought it might be the savior for 365 accounts on Linux, but I’m hit w/ the same bug. We use Okta for MFA, so not certain if that plays a part as the error seems identical to the OP. Reverting to 1.91 does work, but I haven’t used it long enough to see what other issues may arise on the older version.
When I try to log in to my office 365 email address I get the following message:
Sorry, we have trouble logging you in
And the following error:
OAuth Code exchange returned 400 Bad Request: {“error”:“invalid_request”,“error_description”:“AADSTS9002327: Tokens issued for the ‘Single-Page Application’ client-type may only be redeemed via cross-origin requests.\r\nTrace ID: 68919119-2633-4af9-bf0f-900345ba1e01\r\nCorrelation ID: 0ae7879e-6bbf-4868-b6b6-e86293b32a7d\r\nTimestamp: 2022-03-09 19:44:50Z”,“error_codes”:[9002327],“timestamp”:“2022-03-09 19:44:50Z”,“trace_id”:“68919119-2633-4af9-bf0f-900345ba1e01”,“correlation_id”:“0ae7879e-6bbf-4868-b6b6-e86293b32a7d”}
To Reproduce…
Steps to reproduce the behavior:
Option 1: Reconnect email
Open mailspring
Scroll down to Red alert saying you cannot be authenticated in bottom left corner
Click reconnect, browser opens
Enter your email credentials in browser
Observe the error described above in mailspring app
Option 2: Add office 365 account
Open mailspring
Click mailspring -> add account...
Click office 365
Enter your email credentials in browser
Observe the error described above in mailspring app
Mailspring required to re-login every day to my office 365 email, which I did without any problems for a couple of months, but as of today (09. March 2022), I am no longer able to re-login to my office 365 email.
Hey there!
I’m sorry to know that you cannot connect to your account…
Are you new to Mailspring? Have you used Mailspring before? If so, is this because of the update (1.10.0) since this error happens?
If so, you can try reverting Mailspring to 1.9, however, as you are a Mac user, I have no idea how to do so, peoples I’ve helped were using Windows…
Then it is probably related to one of the latest update of Mailspring, a recent update (That you might have installed automatically without being aware) made things a bit buggy for everyone, as such it might be your case too.
I will forward this error to the development team ASAP! I’ll keep you up to date if I have news!