1 stable release
Uses new Rust 2024
| new 1.0.0 | May 23, 2025 |
|---|
#163 in Authentication
20KB
227 lines
msoauth
A simple CLI tool for retrieving, refreshing, and printing Microsoft OAuth2 tokens via the Device Code flow. Useful for tools like NeoMutt with OAuth2-based accounts.
Features
- Authenticates using Microsoft OAuth2 Device Code flow
- Automatically saves/refreshes access tokens
- Prints access token for use in scripts or email clients
- Logs activity via tracing
- Friendly error messages and self-healing default mode
Requirements
- Rust (use rustup to install)
- A registered Azure AD app with the following:
- client_id
- tenant_id
- client_secret
- Scopes (e.g. https://graph.microsoft.com/.default)
Installation
cargo install --path .
Configuration
Create the file:
~/.config/msoauth/config.toml
With the contents:
client_id = "YOUR_CLIENT_ID"
client_secret = "YOUR_CLIENT_SECRET"
tenant_id = "YOUR_TENANT_ID"
scope = "https://graph.microsoft.com/.default"
To obtain these values:
- Go to https://portal.azure.com
- Navigate to Azure Active Directory > App Registrations
- Register a new app
- Under Overview, copy the
Application (cliend) IDandDirectory (tenant) ID. - Under Certificates & secrets, create a new client secret.
- Under API Permissions. Add
Microsoft Graph > Delegated | User.Reador other needed scopes.
Usage
msoauth --login # Start device login flow
msoauth --refresh # Refresh the token if expired
msoauth --print-token # Print current access token (refresh if needed)
msoauth --clear-token # Delete the saved token file
msoauth # Default, try refresh, fallback to login
Token is stored at:
~/.config/neomutt/token.json
Integration Example (NeoMutt)
set imap_pass="`msoauth --print-token`"
License
MIT
Dependencies
~13–25MB
~344K SLoC