Author Topic: "The login (OAUTH2) server returned something strange..." ???  (Read 15343 times)

Kostya Vasilyev

  • Hero Member
  • *****
  • Posts: 12740
Re: "The login (OAUTH2) server returned something strange..." ???
« Reply #15 on: April 21, 2018, 12:34:44 pm »
Quote
In the fix, after pass the MFA step, it prompts in a web view that the current app is not registered and there is a REGISTER button below it.

OK, thanks - so there is a change in the "fix" version, it now has the "complete the process in InTune" button which it did't have before. Right?

We've just become aware of InTune a few days ago - basically we'll have to handle this button and redirect you into InTune app and then it will complete the process and redirect back to our setup window.

This isn't something I can just do from the docs - and have asked for a test environment (an Office 365 domain with InTune enabled). Will take some time, sorry.

@screwfox67

Also InTune?

Can you try the custom build above and let us know if you got same exact behavior - a button to "continue in InTune" which does nothing?

Creating debug logs for diagnostics: https://www.aqua-mail.com/troubleshooting/

The official FAQ: https://www.aqua-mail.com/faq/

Лог-файлы для диагностики: https://www.aqua-mail.com/ru/troubleshooting/

Вопросы и ответы: https://www.aqua-mail.com/ru/faq/

grindelsack

  • Newbie
  • *
  • Posts: 4
Re: "The login (OAUTH2) server returned something strange..." ???
« Reply #16 on: April 21, 2018, 04:41:42 pm »
Hi,

My phone is not managed by intune. Tried your custom build and switcht to MFA. Works like a charm. Thanks.

/GS

screwfox67

  • Newbie
  • *
  • Posts: 4
Re: "The login (OAUTH2) server returned something strange..." ???
« Reply #17 on: April 21, 2018, 06:40:46 pm »
Quote
In the fix, after pass the MFA step, it prompts in a web view that the current app is not registered and there is a REGISTER button below it.

OK, thanks - so there is a change in the "fix" version, it now has the "complete the process in InTune" button which it did't have before. Right?

We've just become aware of InTune a few days ago - basically we'll have to handle this button and redirect you into InTune app and then it will complete the process and redirect back to our setup window.

This isn't something I can just do from the docs - and have asked for a test environment (an Office 365 domain with InTune enabled). Will take some time, sorry.

@screwfox67

Also InTune?

Can you try the custom build above and let us know if you got same exact behavior - a button to "continue in InTune" which does nothing?
I get this message now:  looks looks like you're trying to open this resource with an app that hasn't been approved by your IT department. Ask them for a list of approved applications.

The following information might be useful to your administrator:

Access rules set by DXC Production restrict which applications can be used to open this resource

App name: Aqua Mail

App ID: 906be9aa-2843-47e6-a01d-ab9361ca7009

IP address: 86.13.20.234

Device identifier: not available

Device platform: Android

Device state: Unregistered

Signed in as jfox25@csc.com

Correlation ID: 80028645-7d97-48ba-987e-15bca85bcb38

Timestamp: 2018-04-21 15:39:52Z



Sent from my MI 5 using Tapatalk


screwfox67

  • Newbie
  • *
  • Posts: 4
Re: "The login (OAUTH2) server returned something strange..." ???
« Reply #18 on: April 21, 2018, 06:42:44 pm »
Quote
In the fix, after pass the MFA step, it prompts in a web view that the current app is not registered and there is a REGISTER button below it.

OK, thanks - so there is a change in the "fix" version, it now has the "complete the process in InTune" button which it did't have before. Right?

We've just become aware of InTune a few days ago - basically we'll have to handle this button and redirect you into InTune app and then it will complete the process and redirect back to our setup window.

This isn't something I can just do from the docs - and have asked for a test environment (an Office 365 domain with InTune enabled). Will take some time, sorry.

@screwfox67

Also InTune?

Can you try the custom build above and let us know if you got same exact behavior - a button to "continue in InTune" which does nothing?
I get this message now:  looks looks like you're trying to open this resource with an app that hasn't been approved by your IT department. Ask them for a list of approved applications.

The following information might be useful to your administrator:

Access rules set by DXC Production restrict which applications can be used to open this resource

App name: Aqua Mail

App ID: 906be9aa-2843-47e6-a01d-ab9361ca7009

IP address: 86.13.20.234

Device identifier: not available

Device platform: Android

Device state: Unregistered

Signed in as jfox25@csc.com

Correlation ID: 80028645-7d97-48ba-987e-15bca85bcb38

Timestamp: 2018-04-21 15:39:52Z



Sent from my MI 5 using Tapatalk
I get to MFA and then receive the above. So I'm wondering if my employer (DXC) have changed something And are restricting web access. (But it works for Edison mail!). 

Sent from my MI 5 using Tapatalk


Kostya Vasilyev

  • Hero Member
  • *****
  • Posts: 12740
Re: "The login (OAUTH2) server returned something strange..." ???
« Reply #19 on: April 21, 2018, 11:21:44 pm »
@screwfox67

Re: wondering if my employer (DXC) have changed something And are restricting web access

Well it's not "web access", but this from the error message looks ominous:

Quote
Access rules set by DXC Production restrict which applications can be used to open this resource

App name: Aqua Mail

Would it be possible to ask your company's IT Department if they've in fact deliberately blocked Aqua Mail?

Maybe they have a black list (which includes Aqua Mail) or a white list (which does not)?

Creating debug logs for diagnostics: https://www.aqua-mail.com/troubleshooting/

The official FAQ: https://www.aqua-mail.com/faq/

Лог-файлы для диагностики: https://www.aqua-mail.com/ru/troubleshooting/

Вопросы и ответы: https://www.aqua-mail.com/ru/faq/

lijunle

  • Newbie
  • *
  • Posts: 18
Re: "The login (OAUTH2) server returned something strange..." ???
« Reply #20 on: April 24, 2018, 04:22:26 am »
Hi, @Kostya Vasilyev

May I ask any update on this issue? I really want to have AquaMail instead of other mail app.

Kostya Vasilyev

  • Hero Member
  • *****
  • Posts: 12740
Re: "The login (OAUTH2) server returned something strange..." ???
« Reply #21 on: April 24, 2018, 07:20:57 pm »
Re: May I ask any update on this issue? I really want to have AquaMail instead of other mail app.

I'm thinking that your case may be different (i.e. not related to InTune) - and that your IT department may have deliberately blocked Aqua Mail specifically. Guess you never asked them about it?
Creating debug logs for diagnostics: https://www.aqua-mail.com/troubleshooting/

The official FAQ: https://www.aqua-mail.com/faq/

Лог-файлы для диагностики: https://www.aqua-mail.com/ru/troubleshooting/

Вопросы и ответы: https://www.aqua-mail.com/ru/faq/

lijunle

  • Newbie
  • *
  • Posts: 18
Re: "The login (OAUTH2) server returned something strange..." ???
« Reply #22 on: May 04, 2018, 06:05:21 am »
@Kostya Vasilyev, Aqua Mail

I think you are replying to a wrong person. I don't think my company is blocking any specific app.

Today, I check the WPS email app. It does not prompt for the app encryption/registration. Instead, it directly goes to login success page and starts receiving the email. The first email is about intune registration. Click on it to redirect to intune app to complete registration. After registered, go back to the email app, refresh and it starts to download the real mails.

Till now, the email is not the administrator of the phone. It seems like the administrator part that I mentioned before is not really enforced.

Kostya Vasilyev

  • Hero Member
  • *****
  • Posts: 12740
Re: "The login (OAUTH2) server returned something strange..." ???
« Reply #23 on: May 04, 2018, 09:13:25 pm »
I know that the login procedure when using InTune is different.

I know that InTune takes care of "remote erase" etc. so it's not necessary for each email app to provide that.

We do not support "login through InTune" at this time, no changes yet.

I have asked our Project Manager to provide me with a test environment (purchase an Office 365 subscription, register a couple of accounts, enable InTune requirement) --

-- and *then* I'll be able to work on this. So far it hasn't happened.
Creating debug logs for diagnostics: https://www.aqua-mail.com/troubleshooting/

The official FAQ: https://www.aqua-mail.com/faq/

Лог-файлы для диагностики: https://www.aqua-mail.com/ru/troubleshooting/

Вопросы и ответы: https://www.aqua-mail.com/ru/faq/