Bug 55525 – office365/state: TokenValidationError: The received token for Azure AD connection defaultADconnection is not valid

Bug 55525 - office365/state: TokenValidationError: The received token for Azure AD connection defaultADconnection is not valid


Summary:	office365/state: TokenValidationError: The received token for Azure AD connec...

Status:	NEW

Product:	UCS
Classification:	Unclassified
Component:	Office 365
Version:	UCS 5.0
Hardware:	Other Linux

Importance:	P5 normal with 2 votes (vote)
Target Milestone:	---
Assigned To:	Mail maintainers
QA Contact:	Mail maintainers

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2023-01-03 09:49 CET by Mika Westphal
Modified:	2024-03-11 10:28 CET (History)
CC List:	2 users (show)

See Also:
What kind of report is it?:	---
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:	2023010321000197, 2023052321000081, 2023051721000449, 2023020821000579, 2023020821000542, 2023010421000293, 2024030221000086, 2024030221000077
Bug group (optional):	Error handling, External feedback
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Mika Westphal

2023-01-03 09:49:14 CET

Version: 5.0-2 errata528

Remark: dasda

Error:
Internal server error during "office365/state".
Request: office365/state

Traceback (most recent call last):
  File "%PY3%/univention/management/console/base.py", line 347, in __error_handling
    six.reraise(etype, exc, etraceback)
  File "%PY3%/six.py", line 693, in reraise
    raise value
  File "%PY3%/univention/management/console/base.py", line 250, in execute
    function.__func__(self, request, *args, **kwargs)
  File "%PY3%/univention/management/console/modules/decorators.py", line 324, in _response
    result = _multi_response(self, request)
  File "%PY3%/univention/management/console/modules/decorators.py", line 184, in _response
    return function(self, request)
  File "%PY3%/univention/management/console/modules/decorators.py", line 446, in _response
    return list(function(self, iterator, *nones))
  File "%PY3%/univention/management/console/modules/decorators.py", line 292, in _fake_func
    yield function(self, *args)
  File "%PY3%/univention/management/console/modules/office365/__init__.py", line 200, in state
    account.parse_id_token(options['id_token'])
  File "%PY3%/univention/office365/microsoft/account.py", line 410, in parse_id_token
    raise TokenValidationError(_("The received token for Azure AD connection {adconnection} is not valid. Please run the wizard again.").format(adconnection=self.alias),
adconnection_alias=self.alias)
univention.office365.microsoft.exceptions.login_exceptions.TokenValidationError: The received token for Azure AD connection defaultADconnection is not valid. Please run the wizard
again.

Role: domaincontroller_master

Comment 1 Maximilian Janßen

2023-06-20 13:04:43 CEST

Version: 5.0-3 errata668
Remark: In an attempt to fix the issue with the SAML Setup batch file, I tried to rerun the Office 365 connector wizard. However, I ran into this error

Comment 2 Maximilian Janßen

2023-06-20 14:54:36 CEST

Version: 5.0-3 errata664
Remark: Followed this wizard step by step and got this error in the end.

Comment 3 Marcus 2024-03-02 15:08:28 CET

Hi, i have the same error. I went step by step and authenticated online at the step after. This error occurs every time. Please fix this error. Thank you


Interner Server-Fehler in "office365/state".
Request: office365/state

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/univention/management/console/base.py", line 387, in __error_handling
    six.reraise(etype, exc, etraceback)
  File "/usr/lib/python3/dist-packages/six.py", line 693, in reraise
    raise value
  File "/usr/lib/python3/dist-packages/univention/management/console/base.py", line 285, in execute
    function.__func__(self, request, *args, **kwargs)
  File "/usr/lib/python3/dist-packages/univention/management/console/modules/decorators.py", line 478, in _response
    result = _multi_response(self, request)
  File "/usr/lib/python3/dist-packages/univention/management/console/modules/decorators.py", line 189, in _response
    return function(self, request)
  File "/usr/lib/python3/dist-packages/univention/management/console/modules/decorators.py", line 602, in _response
    return list(function(self, iterator, *nones))
  File "/usr/lib/python3/dist-packages/univention/management/console/modules/decorators.py", line 444, in _fake_func
    yield function(self, *args)
  File "/usr/lib/python3/dist-packages/univention/management/console/modules/office365/__init__.py", line 200, in state
    account.parse_id_token(options['id_token'])
  File "/usr/lib/python3/dist-packages/univention/office365/microsoft/account.py", line 412, in parse_id_token
    _new_cryptography_checks(client_id, adconnection_id, id_token)
  File "/usr/lib/python3/dist-packages/univention/office365/microsoft/account.py", line 394, in _new_cryptography_checks
    raise TokenValidationError(_("The received token for Azure AD connection {adconnection} is not valid. Please run the wizard again.").format(adconnection=self.alias), adconnection_alias=self.alias)
univention.office365.microsoft.exceptions.login_exceptions.TokenValidationError: The received token for Azure AD connection defaultADconnection is not valid. Please run the wizard again.

Comment 4 Erik Damrose

2024-03-04 10:20:57 CET

The only way to fix the problem when it occurs is to re-run the wizard, and setup a new App registration on Azure. If you have a enterprise subscription please contact our support.

Comment 5 Marcus 2024-03-04 14:59:41 CET

Thanks Erik Damrose for your News, but I feel like I've done this step over 20 times and always get the same error. No matter what I try, it always gets out in the same place.

Comment 6 Mika Westphal

2024-03-11 10:26:13 CET

2024030221000086  5.0-6 errata974  HAS E-Mail

Interner Server-Fehler in "office365/state".
Request: office365/state

Traceback (most recent call last):
  File "%PY3%/univention/management/console/base.py", line 387, in __error_handling
    six.reraise(etype, exc, etraceback)
  File "%PY3%/six.py", line 693, in reraise
    raise value
  File "%PY3%/univention/management/console/base.py", line 285, in execute
    function.__func__(self, request, *args, **kwargs)
  File "%PY3%/univention/management/console/modules/decorators.py", line 478, in _response
    result = _multi_response(self, request)
  File "%PY3%/univention/management/console/modules/decorators.py", line 189, in _response
    return function(self, request)
  File "%PY3%/univention/management/console/modules/decorators.py", line 602, in _response
    return list(function(self, iterator, *nones))
  File "%PY3%/univention/management/console/modules/decorators.py", line 444, in _fake_func
    yield function(self, *args)
  File "%PY3%/univention/management/console/modules/office365/__init__.py", line 200, in state
    account.parse_id_token(options['id_token'])
  File "%PY3%/univention/office365/microsoft/account.py", line 412, in parse_id_token
    _new_cryptography_checks(client_id, adconnection_id, id_token)
  File "%PY3%/univention/office365/microsoft/account.py", line 394, in _new_cryptography_checks
    raise TokenValidationError(_("The received token for Azure AD connection {adconnection} is not valid. Please run the wizard again.").format(adconnection=self.alias), adconnection_alias=self.alias)
univention.office365.microsoft.exceptions.login_exceptions.TokenValidationError: The received token for Azure AD connection defaultADconnection is not valid. Please run the wizard again.

Comment 7 Mika Westphal

2024-03-11 10:28:40 CET

2024030221000077  5.0-6 errata974  Nachdem API-Berechtigungen bricht der Assistent ab.