Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

IMAP Auto-Refresh Office365 Access Token

See more Office365 Examples

Demonstrates how to automatically recover from an expired access token when OAuth2 authentication fails in the IMAP protocol. If the server responds with "NO AUTHENTICATE failed.", then we refresh the access token and retry.

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.OAuth2,
  Chilkat.StringBuilder,
  Chilkat.Imap,
  Chilkat.JsonObject;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  jsonToken: TJsonObject;
  imap: TImap;
  loginLastErrorText: string;
  oauth2: TOAuth2;
  sbJson: TStringBuilder;

begin
  success := False;

  //  An Office365 OAuth2 access token must first be obtained prior
  //  to running this code.

  //  Getting the OAuth2 access token for the 1st time requires the O365 account owner's 
  //  interactive authorizaition via a web browser.  Afterwards, the access token
  //  can be repeatedly refreshed automatically.

  //  See the following examples for getting and refreshing an OAuth2 access token

  //  Get Office365 SMTP/IMAP/POP3 OAuth2 Access Token
  //  Refresh Office365 SMTP/IMAP/POP3 OAuth2 Access Token

  //  First get our previously obtained OAuth2 access token.
  jsonToken := TJsonObject.Create;
  success := jsonToken.LoadFile('qa_data/tokens/office365.json');
  if (success = False) then
    begin
      WriteLn('Failed to open the office365 OAuth JSON file.');
      Exit;
    end;

  imap := TImap.Create;

  imap.Ssl := True;
  imap.Port := 993;

  //  Connect to the Office365 IMAP server.
  success := imap.Connect('outlook.office365.com');
  if (success <> True) then
    begin
      WriteLn(imap.LastErrorText);
      Exit;
    end;

  //  Use OAuth2 authentication.
  imap.AuthMethod := 'XOAUTH2';

  //  Login using our username (i.e. email address) and the access token for the password.
  success := imap.Login('OFFICE365_EMAIL_ADDRESS',jsonToken.StringOf('access_token'));
  if (success <> True) then
    begin
      loginLastErrorText := imap.LastErrorText;

      //  If we're still connected to the mail server, then it means the server sent a non-success response,
      //  Such as:  NO AUTHENTICATE failed.
      if (imap.IsConnected() = True) then
        begin

          //  Refresh the OAuth2 access token, and if successful, save the new (refreshed) access token and try authenticating again.
          oauth2 := TOAuth2.Create;

          //  Use your actual Directory (tenant) ID instead of "112d7ed6-71bf-4eba-a866-738364321bfc"
          oauth2.TokenEndpoint := 'https://login.microsoftonline.com/112d7ed6-71bf-4eba-a866-738364321bfc/oauth2/v2.0/token';

          //  Replace these with your Azure App Registration's actual values.
          oauth2.ClientId := 'CLIENT_ID';
          oauth2.ClientSecret := 'CLIENT_SECRET';

          //  Get the "refresh_token"
          oauth2.RefreshToken := jsonToken.StringOf('refresh_token');

          //  Send the HTTP POST to refresh the access token..
          success := oauth2.RefreshAccessToken();
          if (success <> True) then
            begin
              WriteLn(oauth2.LastErrorText);
              Exit;
            end;

          WriteLn('New access token: ' + oauth2.AccessToken);
          WriteLn('New refresh token: ' + oauth2.RefreshToken);

          //  Update the JSON with the new tokens.
          jsonToken.UpdateString('access_token',oauth2.AccessToken);
          jsonToken.UpdateString('refresh_token',oauth2.RefreshToken);

          //  Save the new JSON access token response to a file.
          sbJson := TStringBuilder.Create;
          jsonToken.EmitCompact := False;
          jsonToken.EmitSb(sbJson);
          sbJson.WriteFile('qa_data/tokens/office365.json','utf-8',False);

          WriteLn('New Access Token = ' + oauth2.AccessToken);

          //  Retry the login.
          success := imap.Login('OFFICE365_EMAIL_ADDRESS',jsonToken.StringOf('access_token'));
          if (success = False) then
            begin
              WriteLn(imap.LastErrorText);
              Exit;
            end;

        end
      else
        begin
          //  Show the last error text for the call to Login
          WriteLn(loginLastErrorText);
          Exit;
        end;
    end
  else
    begin
      WriteLn('O365 OAuth authentication is successful.');
    end;

  //  Do something...
  success := imap.SelectMailbox('Inbox');
  if (success <> True) then
    begin
      WriteLn(imap.LastErrorText);
      Exit;
    end;

  //  Your application can continue to do other things in the IMAP session....

  //  When finished, logout and close the connection.
  success := imap.Logout();
  success := imap.Disconnect();

  WriteLn('Finished.');


  jsonToken.Free;
  imap.Free;
          oauth2.Free;
          sbJson.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.