From 55563b1235b491c31fd619bbb0ceb3478629179f Mon Sep 17 00:00:00 2001
From: Sebastian Holzer <sebastian.holzer@dibit.at>
Date: Mon, 3 Jun 2024 12:40:04 +0200
Subject: [PATCH 1/6] Updated Target Framework from 4.5 to 4.8.0

---
 Mail2Bug/App.config                        | 76 +++++++++++-----------
 Mail2Bug/Mail2Bug.csproj                   |  7 +-
 Mail2BugUnitTests/Mail2BugUnitTests.csproj |  7 +-
 Mail2BugUnitTests/app.config               | 20 +++---
 Tools/DpapiTool/App.config                 | 20 +++---
 Tools/DpapiTool/DpapiTool.csproj           |  4 +-
 6 files changed, 68 insertions(+), 66 deletions(-)

diff --git a/Mail2Bug/App.config b/Mail2Bug/App.config
index 375f9cf..7e6bb9e 100644
--- a/Mail2Bug/App.config
+++ b/Mail2Bug/App.config
@@ -1,49 +1,49 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <configuration>
   <startup>
-    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
+    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.8"/>
   </startup>
   <appSettings>
-    <add key="Iterations" value="200" />
-    <add key="IntervalInSeconds" value="1" />
-    <add key="UseThreads" value="false" />
-    <add key="ConfigPath" value="Resources" />
-    <add key="ConfigFilePattern" value="Mail2BugConfig*.xml" />
-    <add key="log4net.Config" value="log4net.config" />
-    <add key="log4net.Config.Watch" value="True" />
-    <add key="ClientSettingsProvider.ServiceUri" value="" />
-    <add key="Microsoft.ServiceBus.ConnectionString" value="" />
-    <add key="EnforceTls12" value="true" />
+    <add key="Iterations" value="200"/>
+    <add key="IntervalInSeconds" value="1"/>
+    <add key="UseThreads" value="false"/>
+    <add key="ConfigPath" value="Resources"/>
+    <add key="ConfigFilePattern" value="Mail2BugConfig*.xml"/>
+    <add key="log4net.Config" value="log4net.config"/>
+    <add key="log4net.Config.Watch" value="True"/>
+    <add key="ClientSettingsProvider.ServiceUri" value=""/>
+    <add key="Microsoft.ServiceBus.ConnectionString" value=""/>
+    <add key="EnforceTls12" value="true"/>
   </appSettings>
   <system.web>
     <membership defaultProvider="ClientAuthenticationMembershipProvider">
       <providers>
-        <add name="ClientAuthenticationMembershipProvider" type="System.Web.ClientServices.Providers.ClientFormsAuthenticationMembershipProvider, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" serviceUri="" />
+        <add name="ClientAuthenticationMembershipProvider" type="System.Web.ClientServices.Providers.ClientFormsAuthenticationMembershipProvider, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" serviceUri=""/>
       </providers>
     </membership>
     <roleManager defaultProvider="ClientRoleProvider" enabled="true">
       <providers>
-        <add name="ClientRoleProvider" type="System.Web.ClientServices.Providers.ClientRoleProvider, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" serviceUri="" cacheTimeout="86400" />
+        <add name="ClientRoleProvider" type="System.Web.ClientServices.Providers.ClientRoleProvider, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" serviceUri="" cacheTimeout="86400"/>
       </providers>
     </roleManager>
   </system.web>
   <runtime>
     <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.TeamFoundation.Common" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-14.0.0.0" newVersion="14.0.0.0" />
+        <assemblyIdentity name="Microsoft.TeamFoundation.Common" publicKeyToken="b03f5f7f11d50a3a" culture="neutral"/>
+        <bindingRedirect oldVersion="0.0.0.0-14.0.0.0" newVersion="14.0.0.0"/>
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.VisualStudio.Services.Common" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-14.0.0.0" newVersion="14.0.0.0" />
+        <assemblyIdentity name="Microsoft.VisualStudio.Services.Common" publicKeyToken="b03f5f7f11d50a3a" culture="neutral"/>
+        <bindingRedirect oldVersion="0.0.0.0-14.0.0.0" newVersion="14.0.0.0"/>
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.VisualStudio.Services.WebApi" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-14.0.0.0" newVersion="14.0.0.0" />
+        <assemblyIdentity name="Microsoft.VisualStudio.Services.WebApi" publicKeyToken="b03f5f7f11d50a3a" culture="neutral"/>
+        <bindingRedirect oldVersion="0.0.0.0-14.0.0.0" newVersion="14.0.0.0"/>
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-9.0.0.0" newVersion="9.0.0.0" />
+        <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral"/>
+        <bindingRedirect oldVersion="0.0.0.0-9.0.0.0" newVersion="9.0.0.0"/>
       </dependentAssembly>
     </assemblyBinding>
   </runtime>
@@ -51,25 +51,25 @@
     <extensions>
       <!-- In this extension section we are introducing all known service bus extensions. User can remove the ones they don't need. -->
       <behaviorExtensions>
-        <add name="connectionStatusBehavior" type="Microsoft.ServiceBus.Configuration.ConnectionStatusElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
-        <add name="transportClientEndpointBehavior" type="Microsoft.ServiceBus.Configuration.TransportClientEndpointBehaviorElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
-        <add name="serviceRegistrySettings" type="Microsoft.ServiceBus.Configuration.ServiceRegistrySettingsElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
+        <add name="connectionStatusBehavior" type="Microsoft.ServiceBus.Configuration.ConnectionStatusElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
+        <add name="transportClientEndpointBehavior" type="Microsoft.ServiceBus.Configuration.TransportClientEndpointBehaviorElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
+        <add name="serviceRegistrySettings" type="Microsoft.ServiceBus.Configuration.ServiceRegistrySettingsElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
       </behaviorExtensions>
       <bindingElementExtensions>
-        <add name="netMessagingTransport" type="Microsoft.ServiceBus.Messaging.Configuration.NetMessagingTransportExtensionElement, Microsoft.ServiceBus,  Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
-        <add name="tcpRelayTransport" type="Microsoft.ServiceBus.Configuration.TcpRelayTransportElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
-        <add name="httpRelayTransport" type="Microsoft.ServiceBus.Configuration.HttpRelayTransportElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
-        <add name="httpsRelayTransport" type="Microsoft.ServiceBus.Configuration.HttpsRelayTransportElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
-        <add name="onewayRelayTransport" type="Microsoft.ServiceBus.Configuration.RelayedOnewayTransportElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
+        <add name="netMessagingTransport" type="Microsoft.ServiceBus.Messaging.Configuration.NetMessagingTransportExtensionElement, Microsoft.ServiceBus,  Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
+        <add name="tcpRelayTransport" type="Microsoft.ServiceBus.Configuration.TcpRelayTransportElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
+        <add name="httpRelayTransport" type="Microsoft.ServiceBus.Configuration.HttpRelayTransportElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
+        <add name="httpsRelayTransport" type="Microsoft.ServiceBus.Configuration.HttpsRelayTransportElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
+        <add name="onewayRelayTransport" type="Microsoft.ServiceBus.Configuration.RelayedOnewayTransportElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
       </bindingElementExtensions>
       <bindingExtensions>
-        <add name="basicHttpRelayBinding" type="Microsoft.ServiceBus.Configuration.BasicHttpRelayBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
-        <add name="webHttpRelayBinding" type="Microsoft.ServiceBus.Configuration.WebHttpRelayBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
-        <add name="ws2007HttpRelayBinding" type="Microsoft.ServiceBus.Configuration.WS2007HttpRelayBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
-        <add name="netTcpRelayBinding" type="Microsoft.ServiceBus.Configuration.NetTcpRelayBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
-        <add name="netOnewayRelayBinding" type="Microsoft.ServiceBus.Configuration.NetOnewayRelayBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
-        <add name="netEventRelayBinding" type="Microsoft.ServiceBus.Configuration.NetEventRelayBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
-        <add name="netMessagingBinding" type="Microsoft.ServiceBus.Messaging.Configuration.NetMessagingBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
+        <add name="basicHttpRelayBinding" type="Microsoft.ServiceBus.Configuration.BasicHttpRelayBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
+        <add name="webHttpRelayBinding" type="Microsoft.ServiceBus.Configuration.WebHttpRelayBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
+        <add name="ws2007HttpRelayBinding" type="Microsoft.ServiceBus.Configuration.WS2007HttpRelayBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
+        <add name="netTcpRelayBinding" type="Microsoft.ServiceBus.Configuration.NetTcpRelayBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
+        <add name="netOnewayRelayBinding" type="Microsoft.ServiceBus.Configuration.NetOnewayRelayBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
+        <add name="netEventRelayBinding" type="Microsoft.ServiceBus.Configuration.NetEventRelayBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
+        <add name="netMessagingBinding" type="Microsoft.ServiceBus.Messaging.Configuration.NetMessagingBindingCollectionElement, Microsoft.ServiceBus, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
       </bindingExtensions>
     </extensions>
-  </system.serviceModel></configuration>
\ No newline at end of file
+  </system.serviceModel></configuration>
diff --git a/Mail2Bug/Mail2Bug.csproj b/Mail2Bug/Mail2Bug.csproj
index 22bbdc2..e0bc581 100644
--- a/Mail2Bug/Mail2Bug.csproj
+++ b/Mail2Bug/Mail2Bug.csproj
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+<Project ToolsVersion="12.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -9,12 +9,13 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Mail2Bug</RootNamespace>
     <AssemblyName>Mail2Bug</AssemblyName>
-    <TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\</SolutionDir>
     <RestorePackages>true</RestorePackages>
     <NuGetPackageImportStamp>
     </NuGetPackageImportStamp>
+    <TargetFrameworkProfile />
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
     <PlatformTarget>AnyCPU</PlatformTarget>
@@ -378,4 +379,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
+</Project>
\ No newline at end of file
diff --git a/Mail2BugUnitTests/Mail2BugUnitTests.csproj b/Mail2BugUnitTests/Mail2BugUnitTests.csproj
index 9af2262..36668be 100644
--- a/Mail2BugUnitTests/Mail2BugUnitTests.csproj
+++ b/Mail2BugUnitTests/Mail2BugUnitTests.csproj
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+<Project ToolsVersion="12.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
     <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
@@ -8,7 +8,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>Mail2BugUnitTests</RootNamespace>
     <AssemblyName>Mail2BugUnitTests</AssemblyName>
-    <TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <ProjectTypeGuids>{3AC096D0-A1C2-E12C-1390-A8335801FDAB};{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}</ProjectTypeGuids>
     <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion>
@@ -18,6 +18,7 @@
     <TestProjectType>UnitTest</TestProjectType>
     <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\</SolutionDir>
     <RestorePackages>true</RestorePackages>
+    <TargetFrameworkProfile />
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
     <DebugSymbols>true</DebugSymbols>
@@ -170,4 +171,4 @@
   <Target Name="AfterBuild">
   </Target>
   -->
-</Project>
+</Project>
\ No newline at end of file
diff --git a/Mail2BugUnitTests/app.config b/Mail2BugUnitTests/app.config
index 3e11088..8ba66b7 100644
--- a/Mail2BugUnitTests/app.config
+++ b/Mail2BugUnitTests/app.config
@@ -1,23 +1,23 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <configuration>
   <runtime>
     <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.TeamFoundation.Common" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-14.0.0.0" newVersion="14.0.0.0" />
+        <assemblyIdentity name="Microsoft.TeamFoundation.Common" publicKeyToken="b03f5f7f11d50a3a" culture="neutral"/>
+        <bindingRedirect oldVersion="0.0.0.0-14.0.0.0" newVersion="14.0.0.0"/>
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.VisualStudio.Services.Common" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-14.0.0.0" newVersion="14.0.0.0" />
+        <assemblyIdentity name="Microsoft.VisualStudio.Services.Common" publicKeyToken="b03f5f7f11d50a3a" culture="neutral"/>
+        <bindingRedirect oldVersion="0.0.0.0-14.0.0.0" newVersion="14.0.0.0"/>
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.VisualStudio.Services.WebApi" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-14.0.0.0" newVersion="14.0.0.0" />
+        <assemblyIdentity name="Microsoft.VisualStudio.Services.WebApi" publicKeyToken="b03f5f7f11d50a3a" culture="neutral"/>
+        <bindingRedirect oldVersion="0.0.0.0-14.0.0.0" newVersion="14.0.0.0"/>
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-9.0.0.0" newVersion="9.0.0.0" />
+        <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral"/>
+        <bindingRedirect oldVersion="0.0.0.0-9.0.0.0" newVersion="9.0.0.0"/>
       </dependentAssembly>
     </assemblyBinding>
   </runtime>
-</configuration>
\ No newline at end of file
+<startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.8"/></startup></configuration>
diff --git a/Tools/DpapiTool/App.config b/Tools/DpapiTool/App.config
index f9d4b5e..28f3a0b 100644
--- a/Tools/DpapiTool/App.config
+++ b/Tools/DpapiTool/App.config
@@ -1,25 +1,25 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <configuration>
     <startup> 
-        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
+        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.8"/>
     </startup>
   <runtime>
     <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.TeamFoundation.Common" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-14.0.0.0" newVersion="14.0.0.0" />
+        <assemblyIdentity name="Microsoft.TeamFoundation.Common" publicKeyToken="b03f5f7f11d50a3a" culture="neutral"/>
+        <bindingRedirect oldVersion="0.0.0.0-14.0.0.0" newVersion="14.0.0.0"/>
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.VisualStudio.Services.Common" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-14.0.0.0" newVersion="14.0.0.0" />
+        <assemblyIdentity name="Microsoft.VisualStudio.Services.Common" publicKeyToken="b03f5f7f11d50a3a" culture="neutral"/>
+        <bindingRedirect oldVersion="0.0.0.0-14.0.0.0" newVersion="14.0.0.0"/>
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Microsoft.VisualStudio.Services.WebApi" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-14.0.0.0" newVersion="14.0.0.0" />
+        <assemblyIdentity name="Microsoft.VisualStudio.Services.WebApi" publicKeyToken="b03f5f7f11d50a3a" culture="neutral"/>
+        <bindingRedirect oldVersion="0.0.0.0-14.0.0.0" newVersion="14.0.0.0"/>
       </dependentAssembly>
       <dependentAssembly>
-        <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-9.0.0.0" newVersion="9.0.0.0" />
+        <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral"/>
+        <bindingRedirect oldVersion="0.0.0.0-9.0.0.0" newVersion="9.0.0.0"/>
       </dependentAssembly>
     </assemblyBinding>
   </runtime>
diff --git a/Tools/DpapiTool/DpapiTool.csproj b/Tools/DpapiTool/DpapiTool.csproj
index 757f1d3..34e91fb 100644
--- a/Tools/DpapiTool/DpapiTool.csproj
+++ b/Tools/DpapiTool/DpapiTool.csproj
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+<Project ToolsVersion="12.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -9,7 +9,7 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>DpapiTool</RootNamespace>
     <AssemblyName>DpapiTool</AssemblyName>
-    <TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <SolutionDir Condition="$(SolutionDir) == '' Or $(SolutionDir) == '*Undefined*'">..\..\</SolutionDir>
     <RestorePackages>true</RestorePackages>

From 2cf0691bd3844c7f582efe70ede420548c72ba3a Mon Sep 17 00:00:00 2001
From: Sebastian Holzer <sebastian.holzer@dibit.at>
Date: Tue, 4 Jun 2024 09:59:54 +0200
Subject: [PATCH 2/6] Added basic OAuth classes

---
 Mail2Bug/Config.cs                        |  9 +++
 Mail2Bug/Email/EWS/EWSConnectionManger.cs |  6 +-
 Mail2Bug/Helpers/EWSOAuthHelper.cs        | 74 +++++++++++++++++++++++
 Mail2Bug/Mail2Bug.csproj                  |  1 +
 4 files changed, 89 insertions(+), 1 deletion(-)
 create mode 100644 Mail2Bug/Helpers/EWSOAuthHelper.cs

diff --git a/Mail2Bug/Config.cs b/Mail2Bug/Config.cs
index 515e9d4..1edec41 100644
--- a/Mail2Bug/Config.cs
+++ b/Mail2Bug/Config.cs
@@ -28,6 +28,14 @@ public class KeyVaultSecret
             public string ApplicationSecretEnvironmentVariableName { get; set; }
         }
 
+        public class OAuthSecret
+        {
+            public string TenantID { get; set; }
+            public string ClientID { get; set; }
+            public string ClientSecret { get; set; }
+            public string UserAgentName { get; set; }
+        }
+
         public class TfsServerConfig
         {
             // The TFS collection URL to connect to. e.g:
@@ -202,6 +210,7 @@ public enum MailboxServiceType
             public string EWSUsername { get; set; }
             public string EWSPasswordFile { get; set; }
             public KeyVaultSecret EWSKeyVaultSecret { get; set; }
+            public OAuthSecret EWSOAuthSecret { get; set; }
 
             #endregion
 
diff --git a/Mail2Bug/Email/EWS/EWSConnectionManger.cs b/Mail2Bug/Email/EWS/EWSConnectionManger.cs
index 2769ef0..f99c5ca 100644
--- a/Mail2Bug/Email/EWS/EWSConnectionManger.cs
+++ b/Mail2Bug/Email/EWS/EWSConnectionManger.cs
@@ -1,7 +1,12 @@
 using System;
 using System.Collections.Generic;
+using System.IO;
+using System.Net.Cache;
+using System.Net;
+using System.Text;
 using log4net;
 using Microsoft.Exchange.WebServices.Data;
+using Newtonsoft.Json.Linq;
 
 namespace Mail2Bug.Email.EWS
 {
@@ -108,7 +113,6 @@ static private EWSConnection ConnectToEWS(Credentials credentials, bool useConve
             };
         }
 
-
         private readonly Dictionary<Tuple<string, string, int, bool>, EWSConnection> _cachedConnections;
         private readonly bool _enableConnectionCaching;
 
diff --git a/Mail2Bug/Helpers/EWSOAuthHelper.cs b/Mail2Bug/Helpers/EWSOAuthHelper.cs
new file mode 100644
index 0000000..d5b0ae8
--- /dev/null
+++ b/Mail2Bug/Helpers/EWSOAuthHelper.cs
@@ -0,0 +1,74 @@
+using Microsoft.Exchange.WebServices.Data;
+using Newtonsoft.Json.Linq;
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Net.Cache;
+using System.Net;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Mail2Bug.Helpers
+{
+    public class EWSOAuthHelper
+    {
+        private const string TenantID = "[Your Tenant ID]";
+        private const string ClientID = "[Your Client ID]";
+        private const string ClientSecret = "[Your Secret ID]";
+
+        private const string AgentName = "My Agent Name";
+
+        public static ExchangeService OAuthConnectPost()
+        {
+            string LoginURL = String.Format("https://login.microsoftonline.com/{0}/oauth2/v2.0/token", TenantID);
+
+            var LogValues = new Dictionary<string, string>
+            {
+                { "grant_type", "client_credentials" },
+                { "client_id", ClientID },
+                { "client_secret", ClientSecret },
+                { "scope", "https://graph.microsoft.com/.default" }
+            };
+            string postData = "";
+            foreach (var v in LogValues)
+            {
+                postData += (String.IsNullOrWhiteSpace(postData) ? "" : "&") + v.Key + "=" + v.Value;
+            }
+            var data = Encoding.ASCII.GetBytes(postData);
+
+            ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
+            ServicePointManager.Expect100Continue = true;
+            ServicePointManager.DefaultConnectionLimit = 9999;
+            ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls
+               | SecurityProtocolType.Tls11
+               | SecurityProtocolType.Tls12
+               | SecurityProtocolType.Ssl3;
+
+            HttpWebRequest request = (HttpWebRequest)WebRequest.Create(LoginURL);
+            request.Method = "POST";
+            request.ContentType = "application/x-www-form-urlencoded";
+            request.Accept = "*/*";
+            request.UserAgent = AgentName;
+            request.CachePolicy = new RequestCachePolicy(RequestCacheLevel.NoCacheNoStore);
+            request.ContentLength = data.Length;
+            using (var stream = request.GetRequestStream())
+            {
+                stream.Write(data, 0, data.Length);
+            }
+
+            using (var response = (HttpWebResponse)request.GetResponse())
+            using (Stream stream = response.GetResponseStream())
+            using (var reader = new StreamReader(stream))
+            {
+                var json = reader.ReadToEnd();
+                var aToken = JObject.Parse(json)["access_token"].ToString();
+
+                var ewsClient = new ExchangeService();
+                ewsClient.Url = new Uri("https://outlook.office365.com/EWS/Exchange.asmx");
+                ewsClient.Credentials = new OAuthCredentials(aToken);
+                return ewsClient;
+            }
+        }
+    }
+}
diff --git a/Mail2Bug/Mail2Bug.csproj b/Mail2Bug/Mail2Bug.csproj
index e0bc581..627dbb5 100644
--- a/Mail2Bug/Mail2Bug.csproj
+++ b/Mail2Bug/Mail2Bug.csproj
@@ -319,6 +319,7 @@
     <Compile Include="Helpers\CredentialsHelper.cs" />
     <Compile Include="Helpers\DisposeUtils.cs" />
     <Compile Include="Helpers\DPAPIHelper.cs" />
+    <Compile Include="Helpers\EWSOAuthHelper.cs" />
     <Compile Include="Helpers\FileUtils.cs" />
     <Compile Include="InstanceRunner.cs" />
     <Compile Include="MessageProcessingStrategies\DateBasedValueResolver.cs" />

From 542493c3f38cdc2c475d04b53e00c12673824f55 Mon Sep 17 00:00:00 2001
From: Sebastian Holzer <sebastian.holzer@dibit.at>
Date: Tue, 4 Jun 2024 10:00:40 +0200
Subject: [PATCH 3/6] added deploy config

---
 .gitignore                                    |   1 +
 Documentation/query.wiq                       |   2 +-
 deploy/Configuration/Dibit8_Query.wiq         |   1 +
 deploy/Configuration/Dibit8_ReplyTemplate.htm |  58 +++
 .../FullyAnnotatedConfigReference.xml         | 329 ++++++++++++++++++
 .../Mail2BugConfigDibitDevOps.xml             |  76 ++++
 6 files changed, 466 insertions(+), 1 deletion(-)
 create mode 100644 deploy/Configuration/Dibit8_Query.wiq
 create mode 100644 deploy/Configuration/Dibit8_ReplyTemplate.htm
 create mode 100644 deploy/Configuration/FullyAnnotatedConfigReference.xml
 create mode 100644 deploy/Configuration/Mail2BugConfigDibitDevOps.xml

diff --git a/.gitignore b/.gitignore
index 7b742e8..f6fe0b5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -95,3 +95,4 @@ Thumbs.db
 /packages/
 *.nupkg
 
+deploy/Configuration/bugsAtDibit.bin
diff --git a/Documentation/query.wiq b/Documentation/query.wiq
index 070f88a..248b247 100644
--- a/Documentation/query.wiq
+++ b/Documentation/query.wiq
@@ -1 +1 @@
-<?xml version="1.0" encoding="utf-8"?><WorkItemQuery Version="1"><TeamFoundationServer>http://tfsServer.madeUpDomain.com:8080/tfs/something</TeamFoundationServer><TeamProject>HelloWorldProject</TeamProject><Wiql>SELECT [System.Id], [System.Title] FROM WorkItems WHERE [System.WorkItemType] &lt;&gt; ''  AND ([System.CreatedBy] = 'mail2bug user') AND  [System.ChangedDate] &gt; @today - 60 ORDER BY [System.Id] </Wiql></WorkItemQuery>
+<?xml version="1.0" encoding="utf-8"?><WorkItemQuery Version="1"><TeamFoundationServer>http://tfsServer.madeUpDomain.com:8080/tfs/something</TeamFoundationServer><TeamProject>HelloWorldProject</TeamProject><Wiql>SELECT [System.Id], [System.Title] FROM WorkItems WHERE [System.WorkItemType] &lt;&gt; ''  AND ([System.CreatedBy] = 'Dibit Support') AND  [System.ChangedDate] &gt; @today - 60 ORDER BY [System.Id] </Wiql></WorkItemQuery>
diff --git a/deploy/Configuration/Dibit8_Query.wiq b/deploy/Configuration/Dibit8_Query.wiq
new file mode 100644
index 0000000..5fba7ca
--- /dev/null
+++ b/deploy/Configuration/Dibit8_Query.wiq
@@ -0,0 +1 @@
+<?xml version="1.0" encoding="utf-8"?><WorkItemQuery Version="1"><TeamFoundationServer>https://devops.dibit.at/Dibit8%20Team/Dibit8</TeamFoundationServer><TeamProject>Dibit8</TeamProject><Wiql>SELECT [System.Id], [System.Title] FROM WorkItems WHERE [System.WorkItemType] &lt;&gt; ''  AND ([System.CreatedBy] = 'Dibit Support') AND  [System.ChangedDate] &gt; @today - 60 ORDER BY [System.Id] </Wiql></WorkItemQuery>
diff --git a/deploy/Configuration/Dibit8_ReplyTemplate.htm b/deploy/Configuration/Dibit8_ReplyTemplate.htm
new file mode 100644
index 0000000..3e75c9b
--- /dev/null
+++ b/deploy/Configuration/Dibit8_ReplyTemplate.htm
@@ -0,0 +1,58 @@
+<html>
+<head>
+    <meta http-equiv=Content-Type content="text/html; charset=utf-8">
+    <title>Dibit8 Support</title>
+</head>
+<body>
+    <style>
+        body, td, p { font-family: Segoe UI Emoji, Segoe UI, Calibri, Helvetica; font-size: 0.9em; }
+        h1 { font-size: 2em; font-weight: normal; margin: 0px; padding: 0px; }
+        h2 { font-size: 1.45em; font-weight: normal; margin: 0px; padding: 0px; }
+        h3 { font-size: 1.1em; font-weight: normal; margin: 0px; padding: 0px; }
+        h4 { font-size: 0.9em; font-weight: normal; margin: 0px; padding: 0px; }
+        .card { width: 650px; }
+        .workitem { border: 1px solid #f0f0f0; border-left-width: 10px; border-left-color: #cc293d; padding: 20px; }
+        .workitem a { text-decoration: none; color: black; }
+        .subtitle { font-size: 0.85em; color: gray; text-transform: uppercase; }
+        .info { font-size: 0.9em; background-color: #f0f0f0; padding: 15px 25px; color: gray; }
+        .info a { color: black; }
+    </style>
+    <table cellspacing="0" cellpadding="0" border="0" class="card">
+        <tr>
+            <td class="workitem">
+
+                <div class="subtitle">[TFSProject] &middot; [TFSWorkItemTemplate]</div>
+
+                <h1><a href="[TFSCollectionUri]/[TFSProject]/_workitems/edit/[_ID]">[_ID]</a></h1>
+                <h2><a href="[TFSCollectionUri]/[TFSProject]/_workitems/edit/[_ID]">[_TITLE]</a></h2>
+                <h3>[_OWNER:Unassigned]</h3>
+                <h4>[Software Version:Dibit8]</h4>
+
+                <!--
+                To include any field from the work item in the email, please add a placeholder 
+                in the format [FieldName] or [FieldName:Default Value]. 
+                Examples: [Priority], [Stack Rank:TBD].
+
+                You could also use these generic placeholders that work with all systems.
+                [_ID]       : ID of the work item
+                [_TITLE]    : Title of the work item
+                [_OWNER]    : Owner of the work item
+                [_STATE]    : State of the work item
+                -->
+            </td>
+        </tr>
+
+        <tr>
+            <td class="info">
+                <p>
+                    The above work item is used to track this issue.
+                    New messages in this conversation will be automatically added to the work item as long as [Mail2BugAlias] is a recipient.
+                <p>
+                <p>Reply to this mail to add more information to the work item.</p>
+            </td>
+        </tr>
+    </table>
+    <br>&nbsp;
+    <br>&nbsp;
+</body>
+</html>
diff --git a/deploy/Configuration/FullyAnnotatedConfigReference.xml b/deploy/Configuration/FullyAnnotatedConfigReference.xml
new file mode 100644
index 0000000..6b3ab7e
--- /dev/null
+++ b/deploy/Configuration/FullyAnnotatedConfigReference.xml
@@ -0,0 +1,329 @@
+<?xml version="1.0"?>
+<!-- Config is the root element -->
+<Config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+  <!-- 'Instances' holds one or more InstanceConfig nodes -->
+  <Instances>
+
+    <!-- 'InstanceConfig' defines a single instance of the service
+         The 'Name' attribute defines the instance name and is used for logging -->
+    <InstanceConfig Name="Hello World">
+
+    <!-- 'TfsServerConfig' defines the TFS related settings, and specifically all the settings required to connect to TFS -->
+      <TfsServerConfig>
+        <!-- 'CollectionUri' - The URI of the collection. 
+             - For On-prem TFS, the URI will look something like: `http://server:8080/tfs/YourColllection/`
+             - For VS Online, the URI will look something like: `https://name.visualstudio.com/DefaultCollection/` -->
+        <CollectionUri>http://tfsServer.madeUpDomain.com:8080/tfs/something</CollectionUri>
+
+        <!-- 'BypassRules' - set to 'true' if you want to skip rules validation. This allows modifying 'Changed By' field, even if it's read-only.
+             - Account you're using needs to be added to the list of service accounts for this to work.
+             - See https://vosseburchttechblog.azurewebsites.net/index.php/2013/09/01/editing-changed-by-and-changed-date-fields-using-the-tfs-api/ for more details. -->
+        <BypassRules>false</BypassRules>
+
+        <!-- ServiceIdentityUsername - the username to use for logging in to TFS
+             - To use default credentials - i.e. login as the user running mail2bug - omit this element 
+             - For VS online, it is recommended to provision a Service Identity and use it here. This can be done by following the
+               instructions [here] (http://nakedalm.com/getting-service-account-vso-tfs-service-credential-viewer/)
+             - Note also that for VS online, there will be changes coming soon, since the ServiceIdentity method of
+               authentication is going to be deprecated by VSO in favor of AAD, so if you're using VS online, stay tuned
+               for changes in upcoming versions (ideally, config elements won't change, since username and password would
+               still be needed, but instructions on what values to use might change) -->
+        <ServiceIdentityUsername>mail2bug</ServiceIdentityUsername>
+
+        <!-- ServiceIdentityPasswordFile - the path to a DPAPI encrypted password file (created using the DpapiTool) - omit
+             this element if you're using default credentials -->
+        <ServiceIdentityPasswordFile>.\Resources\mail2bug.bin</ServiceIdentityPasswordFile>
+        
+        <!-- AltAuthUsername - the username to use for logging in to VSO
+             - To use Service Identity credentials - omit this element 
+             - For VS online, you must set your alternate authentication credentials first. This can be done by following the
+               instructions [here] (https://www.visualstudio.com/en-us/integrate/get-started/auth/overview) -->
+        <AltAuthUsername>mail2bug</AltAuthUsername>
+        
+        <!-- AltAuthPasswordFile - the path to a DPAPI encrypted password file (created using the DpapiTool) - omit
+             this element if you're using Service Identity credentials -->
+        <AltAuthPasswordFile>.\Resources\mail2bug.bin</AltAuthPasswordFile>
+
+        <!-- The following three items (OAuthContext, OAuthResourceId, OAuthClientId) are only relevant for VSO
+             These are used for ADAL based authentication to VSO. This method replaces the legacy ServiceIdentity and is
+             the recommended way for authentication for VSO.
+             OAuthContext is the URI for the authentication authority
+             OAuthResourceId and OAuthClientId represent the resource for which we're asking for autherntication, and a
+             client ID that was provisioned for authenticating our app.
+
+             The username and password defined with ServiceIdentityUsername and ServiceidentityPasswordFile are used as 
+             the credentials to authenticate with, so these are still needed even when using ADAL authentication.
+
+             For more details on ADAL and OAuth, check out:
+             http://www.cloudidentity.com/blog/2013/09/12/active-directory-authentication-library-adal-v1-for-net-general-availability/ 
+
+        <OAuthContext></OAuthContext> 
+        <OAuthResourceId></OAuthResourceId>
+        <OAuthClientId></OAuthClientId>
+        -->
+        
+        <!--
+            ServiceIdentityPatFile - path to the DPAPI encrypted file containing the Personal Acces Token for the
+            user you wish to use to connect to VSO. Due to the nature of PATs, it is enough to only provide the token.
+            
+            Personal access tokens can be generated from the profile of the desired user in VSO.
+            https://www.visualstudio.com/en-us/news/2015-jul-7-vso.aspx 
+            Click on the user name in the top right, select My Profile and then Security -> Personal Acces Tokens
+        <ServiceIdentityPatFile>.\Resources\your-m2b-user-token.bin</ServiceIdentityPatFile>
+        -->
+
+        <!-- 
+            Authenticate using a PAT stored in Azure KeyVault, especially when running as a WebJob. 
+            The environment variables configured here should contain the Application ID of the registered 
+            AAD application and the secret needed to access the keyvault entry.
+
+            For more details on configuring Mail2Bug as WebJob:
+            https://www.jeff.wilcox.name/2017/02/mail2bug/
+            https://docs.microsoft.com/en-us/azure/app-service/web-sites-create-web-jobs
+            https://github.com/projectkudu/kudu/wiki/WebJobs
+            https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-integrating-applications
+
+        <ServiceIdentityPatKeyVaultSecret>
+            <KeyVaultPath>https://myvault.vault.azure.net/secrets/mysecret</KeyVaultPath>
+            <ApplicationIdEnvironmentVariableName>DIRECTORY_APPLICATION_ID</ApplicationIdEnvironmentVariableName>
+            <ApplicationSecretEnvironmentVariableName>DIRECTORY_APPLICATION_SECRET</ApplicationSecretEnvironmentVariableName>
+        </ServiceIdentityPatKeyVaultSecret>
+        -->
+        
+        <!-- 'Project' - The name of the project within the collection -->
+        <Project>HelloWorldProject</Project>
+
+        <!-- 'WorkItemTemplate' - The type of work item you want to create for new email threads -->
+        <WorkItemTemplate>Bug</WorkItemTemplate>
+
+        <!-- CacheQueryFile - the path to a file containing the query that retrieves the work items to cache. This file
+             is created by authoring the query in VS and saving it to a .wiq file 
+             Note that @Projet is not properly handled in the context of the service, so be sure to remove the default
+             clause for 'TeamProject = @Project' from the query -->
+        <CacheQueryFile>.\Resources\Query.wiq</CacheQueryFile>
+
+        <!-- SimulationMode - should be set to 'false'.
+             When 'true', the TFS interaction is mocked and new work items are not really created. Used for testing
+             purposes only -->
+        <SimulationMode>false</SimulationMode>
+
+        <!-- NamesListFieldName - the name of a field whose "allowed values" list contains all the names recognized by
+             TFS. Used for resolving name values from email recipients. Usually set to the "Assigned To" field -->
+        <NamesListFieldName>Assigned To</NamesListFieldName>
+      </TfsServerConfig>
+
+      <!-- 'WorkItemSettings' defines settings related to how work items created - default values, mnemonics, etc. -->
+      <WorkItemSettings>
+
+        <!-- ConversationIndexFieldName - The name of the field that should be used for storing the conversation ID from
+             the email that triggered the creation of the work item. The conversation ID is the means by which mail2bug 
+             identifies new emails on the same email thread as belonging to the same thread, and adds them to the previously
+             created item rather than creating a new one.
+             - This should be a TFS Text field (max-length 255)
+             - Ideally you'll create a dedicated field for this rather than overloading an existing one, to avoid other
+               people/tools overwriting it with unrelated data. You should also consider not adding the field to the work
+               item editing form (since no one should be editing it manually) -->
+        <ConversationIndexFieldName>ConversationID</ConversationIndexFieldName>
+
+        <!-- 'DefaultFieldValues' defines all the deafult values that should be assigned to the work item fields, one
+             DefaultValueDefinition item per field.
+             The important part is to include a default value for every mandatory field, otherwise work item creation will
+             fail. The only automatically defined default is the 'Title' field, that gets the email subject as a value
+             (and even that can be overridden by explicitly mentioning a different default value) -->
+        <DefaultFieldValues>
+          <!-- 'DefaultValueDefinition' defines a single default value 
+               - 'Field' attribute - name of the field to set
+               - 'Value' attribute - the default contents to assign to the field 
+        
+               The default settings supports the following special values, prefixed by double hash-signs.
+               - Subject - The email subject
+               - MessageBody - The body of the email message converted to plain text (i.e. if the body was HTML,
+                               it would be stripped to plain text)
+               - MessageBodyWithSender - Similar to MessageBody, but with an added line at the bottom mentioning the
+                 display name and email address of the sender. Useful to include indication of the person whose email
+                 triggered the work item creation
+               - RawMessageBody - The raw body of the email - i.e. if it's an HTML message, this would be the full
+                 message HTML
+               - Now - Current date time in general ("g") date time format (see 
+                 https://msdn.microsoft.com/en-us/library/az4se3k1%28v=vs.110%29.aspx for date time format specification)
+               - Today - Current date in short date format ("d")
+               - Sender - The name of the sender, resolved against the list of names recognized by TFS. If resolution fails
+                          this would resolve to the sender display name.
+               - Location - In case the email is a meeting invite, the location of the meeting; empty string otherwise.
+               - StartTime - In case the email is a meeting invite, the meeting start time; empty string otherwise.
+               - EndTime - In case the email is a meeting invite, the meeting end time; empty string otherwise.
+                    
+               The example below sets default for 5 fields - 4 of them with static default values, and the last
+               one (Description) set to the text of the email body
+               -->
+          <DefaultValueDefinition Field="Assigned To" Value="Unassigned" />
+          <DefaultValueDefinition Field="Severity" Value="1" />
+          <DefaultValueDefinition Field="Area Path" Value="HelloWorldProject\BusinessLogic" />
+          <DefaultValueDefinition Field="Iteration Path" Value="HelloWorldProject\Iteration 42" />
+          <DefaultValueDefinition Field="Description" Value="##MessageBody" />
+        </DefaultFieldValues>
+        <!--  Mnemonics allow you to define short strings that users can put in the email to set specific fields to
+              predefined values without the need for verbose explicit overrides. A single mnemonic can set one specific
+              field, or several fieds. To have a single mnemonic set several fields, just add multiple MnemonicDefinition
+              elements with the same mnemonic specified in the "Mnemonic" attribute - one for each field you want to set 
+
+              To trigger a mnemonic, the users just include the string @@@mnemonic name in the email body
+              A single email may contain multiple mnemonics -->
+        <Mnemonics>
+          <!-- 'MnemonicDefinition' - Defines a mnemonic
+               'Mnemonic' attribute - the mnemonic name - this is the mnemonic text that the users will need to include in
+               their email, prefixed by @@@
+               'Field' attribute - the field that would be set when the mnemonic is triggered
+               'Value' attribute - the value that would be assigned to the field
+             -->
+          <MnemonicDefinition Mnemonic="Test" Field="Issue" Value="Test Defect" />
+        </Mnemonics>
+        <!-- 'DateBasedOverrides' allows you to set the value of fields based on the current date. This is useful
+             mostly for Iteration/Release fields-->
+        <DateBasedOverrides>
+          <!-- For each field you want to set based on the current date, create a single 'DateBasedFieldOverrides' element
+               'FieldName' attribute - the name of the field to be set
+                
+               'Entries' - a collection of DateBasedOverrideEntry items, each defining a start date and a value 
+               mail2bug will choose the entry with the latest start date that is still before the current date
+               and will assign the value from that entry to the field.
+               
+               'DefaultValue' - if all start dates are after the current date, then the default value will be used
+               instead.
+
+               In the example below example: Set the 'Iteration' field based on the current date - 
+               - For items created in January (i.e. after 1/1/2015, but before 2/1/2015), set it to 'Iteration 41' 
+               - For items created in Febrary, set it to 'Iteration 42'
+               - For items created in March or later it set it to 'Iteration 43'
+               - Items created before 1/1/2015 will get the default, which is Iteration 40 -->
+          <DateBasedFieldOverrides FieldName="Iteration">
+            <Entries>
+              <DateBasedOverrideEntry StartDate="2015-01-01" Value="Iteration 41" />
+              <DateBasedOverrideEntry StartDate="2015-02-01" Value="Iteration 42" />
+              <DateBasedOverrideEntry StartDate="2015-03-01" Value="Iteration 43" />
+            </Entries>
+            <DefaultValue>Iteration 40</DefaultValue>
+          </DateBasedFieldOverrides>
+        </DateBasedOverrides>
+
+        <!-- 'ApplyOverridesDuringUpdate' - 'true' means that explicit overrides and mnemonics in reply messages will be
+             processed, allowing users to make changes to an existing work item with reply messages
+            
+             One recommneded way for using this is to define mnemonics for common actions like resolving/closing/reactivating
+             a work item, so that users can, for example, resolve a bug by replying with a mnemonic like '@@@Resolve' -->
+        <ApplyOverridesDuringUpdate>true</ApplyOverridesDuringUpdate>
+
+        <!-- 'OverrideChangedBy' - 'true' means we should set the value of "Changed By" to the user who send the email,
+             such that the change would appear as "on behalf of ...". Since this field may be read only (depending on
+             the server side configuration), this config allows you to turn it off, to avoid causing the the work item
+             to fail.  -->
+        <OverrideChangedBy>true</OverrideChangedBy>
+
+        <!-- 'AttachOriginalMessage' - 'true' means we should attach the email message that triggered the creation
+             of the work item -->
+        <AttachOriginalMessage>true</AttachOriginalMessage>
+
+        <!-- 'AttachUpdateMessages' - 'true' means we should attach "reply" emails that update the work item 
+             The default is 'false', since this can add considerable data size load to the work item -->
+        <AttachUpdateMessages>false</AttachUpdateMessages>
+
+      </WorkItemSettings>
+
+      <!-- 'EmailSettings' - contains settings related to accessing the email account and processing individual emails -->
+      <EmailSettings>
+
+        <!-- 'ServiceType' - this value dictates how the email inbox is monitored and which emails will be picked up for
+             processing.
+             
+             There are two types supported: 
+             - 'EWSByRecipients' (recommended) 
+             - 'EWSByFolder'
+
+             'EWSByRecipients' - mail2bug will monitor the 'Inbox' of the mailbox and will process all the items where
+             one of the recipients specified in the 'Recipients' element (below) is in the 'To' or 'CC' lines.
+             For a setup where the mailbox is serving a single instance, 'Recipients' would be empty and all items in
+             the inbox would be processed.
+             For setups where you want to serve multiple instances on a single mailbox, you can create other email addresses
+             that lead to the same mailbox and define which instance should pick each message by specifying the relevant
+             email address in the 'Recipients' element 
+
+             'EWSByFolder' - mail2bug will monitor a specific folder under the root of the mailbox. In this setup, you
+             create (server side) exchange rules to route incoming emails to the correct folder.
+             Note that the folders need to be directly under the root of the mailbox rather than under 'Inbox'. 
+             The folder name to monitor is specified by the 'IncomingFolder' element
+             The reason for this method being less preferable is that it involves extra steps for creating exchange rules,
+             which can be quite cumbersome. Also, exchange rules can be flaky at times, especially if you have a lot of them
+             defined. -->
+        <ServiceType>EWSByRecipients</ServiceType>
+
+        <!-- If both CompletedFolder and ErrorFolder are specified, after messages are processed, they are moved to these
+             folders rather than deleted. Successfully processed messages get moved to the CompletedFolder, while ones
+             for which we encountered an error are moved to the ErrorFolder.
+
+             If either of these two elements are missing, we default back to deleting messages after processing them.
+
+             Important: Both folders are expected to be directly under the mailbox root (as opposed to under "Inbox").  -->
+        <CompletedFolder>Completed</CompletedFolder>
+        <ErrorFolder>Error</ErrorFolder>
+
+        <!-- The recipients to consider for EWSByRecipients. Email addresses are the standard thing to use, although display
+             names also work. -->
+        <Recipients>mail2bug@domain.com</Recipients>
+
+        <!-- The email address of the inbox we want to monitor -->
+        <EWSMailboxAddress>mail2bug@domain.com</EWSMailboxAddress>
+
+        <!-- A username with permissions to log in to the email account. This is generally either in the form of
+             email (usually the same as the email address in EWSMailboxAddress), or in DOMAIN\username form. I've seen cases
+             where the same server would take one or the other (or both), depending on the server set up, as well as the client
+             set up, so if one doesn't work, try the other -->
+        <EWSUsername>mail2bug@domain.com</EWSUsername>
+
+        <!-- Pointer to a file that stores the password for the login account. The file is expected to be encrypted
+             with DPAPI - use the DpapiTool.exe from the Tools subfolder to create one. Note that the tool needs to be
+             run under the same credentials that mail2bug will run with, otherwise it won't be able to decrypt the
+             contents. -->
+        <EWSPasswordFile>.\Resources\mail2bug.bin</EWSPasswordFile>
+
+        <!-- 
+            Authenticate using a password stored in Azure KeyVault, especially when running as a WebJob. 
+            The environment variables configured here should contain the Application ID of the registered 
+            AAD application and the secret needed to access the keyvault entry.
+
+        <EWSKeyVaultSecret>
+            <KeyVaultPath>https://myvault.vault.azure.net/secrets/mysecret</KeyVaultPath>
+            <ApplicationIdEnvironmentVariableName>DIRECTORY_APPLICATION_ID</ApplicationIdEnvironmentVariableName>
+            <ApplicationSecretEnvironmentVariableName>DIRECTORY_APPLICATION_SECRET</ApplicationSecretEnvironmentVariableName>
+        </EWSKeyVaultSecret>
+        -->
+
+        <!-- Instead of using the whole ConversationIndex, use only the ConversationID, which is the guid portion of
+             the ConversationIndex, to identify a conversation. This should help avoid the possibility of replies
+             inadvertently spawning new bugs. See https://msdn.microsoft.com/en-us/library/ee202481(v=exchg.80).aspx
+             for more information.
+             Warning: Changing this on an existing instance will break links with bugs that it already created. -->
+        <UseConversationGuidOnly>true</UseConversationGuidOnly>
+
+        <!-- 'SendAckEmails' - Should mail2bug send replies when creating new work items? -->
+        <SendAckEmails>true</SendAckEmails>
+
+        <!-- 'AckEmailsRecipientsAll' - When sending replies for new item creation, shoud mail2bug Reply-All, or just
+             'Reply' to the sender? -->
+        <AckEmailsRecipientsAll>true</AckEmailsRecipientsAll>
+
+        <!-- A pointer to a file containing the email template for sending back responses when a new work item is
+             created-->
+        <ReplyTemplate>.\Resources\ReplyTemplateExample.htm</ReplyTemplate>
+
+        <!-- Ideally, you'll never need to change these regexes and you'll use the defaults below, but they do give you 
+             the flexibility to define your own format for specifying overrides, or detecting that an email is an "append
+             only" email. Don't forget to escape any angle brackets. 
+             If you need to change these, keep in mind that the capturing group tags (e.g. 'id', 'fieldName') must be
+             present for the code to be able to use the regular expressions  -->
+        <AppendOnlyEmailTitleRegex>.*(bug|work item)\s*#*\s*(?&lt;id&gt;\d+)</AppendOnlyEmailTitleRegex>
+        <AppendOnlyEmailBodyRegex>!!!(bug|work item)\s*#*\s*(?&lt;id&gt;\d+)</AppendOnlyEmailBodyRegex>
+        <ExplicitOverridesRegex>###\s*(?&lt;fieldName&gt;[^:]*):\s*(?&lt;value&gt;.*)</ExplicitOverridesRegex>
+      </EmailSettings>
+    </InstanceConfig>
+  </Instances>
+</Config>
diff --git a/deploy/Configuration/Mail2BugConfigDibitDevOps.xml b/deploy/Configuration/Mail2BugConfigDibitDevOps.xml
new file mode 100644
index 0000000..8b5c5db
--- /dev/null
+++ b/deploy/Configuration/Mail2BugConfigDibitDevOps.xml
@@ -0,0 +1,76 @@
+<?xml version="1.0"?>
+<Config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+  <Instances>
+    <InstanceConfig Name="Dibit8">
+      <TfsServerConfig>
+        <CollectionUri>https://devops.dibit.at/Dibit8%20Team</CollectionUri>
+        <Project>Dibit8</Project>
+        <WorkItemTemplate>Bug Report</WorkItemTemplate>
+        <!-- see example query file in the same folder as this example config-->
+        <CacheQueryFile>.\Configuration\Dibit8_Query.wiq</CacheQueryFile>
+        <SimulationMode>false</SimulationMode>
+        <NamesListFieldName>Assigned To</NamesListFieldName>
+      </TfsServerConfig>
+      <WorkItemSettings>
+        <!-- The conversation index field should be a textual field with a capacity of 200 or more. Ideally 
+             you'll create a dedicated field for this rather than overloading an existing one, to avoid
+             other people/tools overwriting it with unrelated data. Also, by making it dedicated, you can
+             also make the decision to make it invisible (since no one should be editing it manually)-->
+        <ConversationIndexFieldName>ConversationID</ConversationIndexFieldName>
+        <DefaultFieldValues>
+          <!-- The important part is to include a default value for every mandatory field, otherwise work
+               item creation will fail. The only automatically defined default is the 'Title' field, that gets
+               the email subject as a value. -->
+          <DefaultValueDefinition Field="Assigned To" Value="Unassigned" />
+          <DefaultValueDefinition Field="Severity" Value="3" />
+          <DefaultValueDefinition Field="Area Path" Value="Dibit8\Teams\Users\BugReports" />
+          <DefaultValueDefinition Field="Iteration Path" Value="Dibit8" />
+          <DefaultValueDefinition Field="Description" Value="##MessageBodyWithSender" />
+          <DefaultValueDefinition Field="Reporter Email" Value="##Sender" />
+        </DefaultFieldValues>
+        <!-- 'true' means we should attached the email message that triggered the creation of the work item -->
+        <AttachOriginalMessage>true</AttachOriginalMessage>
+      </WorkItemSettings>
+      <EmailSettings>
+        <!-- EWSByRecipients is the most straight-forward way to set up the mailbox. Basically, it will process
+             any email in the Inbox that has any of the recipients in the To or Cc fields.
+             Recipients can be specified as email addresses, or as display names
+             When specifying more than one recipient, use ; as separator -->
+        <ServiceType>EWSByRecipients</ServiceType>
+        <Recipients>bugs@dibit.at;support@dibit.at</Recipients>
+
+        <!-- The email address whose inbox that we want to monitor -->
+        <EWSMailboxAddress>bugs@dibit.at</EWSMailboxAddress>
+
+        <!-- A username with permissions to log in to the email account. This is generally either in the form of
+             email address form (usually the same as the email address in EWSMailboxAddress), or in DOMAIN\username
+             form. I've seen cases where the same server would take one or the other (or both), depending on the
+             server set up, as well as the client set up, so if one doesn't work, try the other -->
+        <EWSUsername>bugs@dibit.at</EWSUsername>
+
+        <!-- Pointer to a file that stores the password for the login account. The file is expected to be encrypted
+             with DPAPI - use the DpapiTool.exe from the Tools subfolder to create one. Note that the tool needs to be
+             run under the same credentials that mail2bug will run with, otherwise it won't be able to decrypt the
+             contents. -->
+        <EWSPasswordFile>.\Configuration\bugsAtDibit.bin</EWSPasswordFile>
+
+        <!-- Warning: Changing this on an existing instance will break links with bugs that it already created. -->
+        <UseConversationGuidOnly>true</UseConversationGuidOnly>
+
+        <SendAckEmails>true</SendAckEmails>
+        <AckEmailsRecipientsAll>true</AckEmailsRecipientsAll>
+
+        <!-- A pointer to a file containing the ack email template for sending back responses when a new work item is
+             created-->
+        <ReplyTemplate>.\Configuration\Dibit8_ReplyTemplate.htm</ReplyTemplate>
+
+        <!-- Ideally, you'll never need to change these regexes and you'll use the defaults below, but they do give you 
+             the flexibility to define your own format for specifying overrides, or detecting that an email is an "append
+             only" email. Don't forget to escape any angle brackets. -->
+        <AppendOnlyEmailTitleRegex>.*(bug|work item)\s*#\s*(?&lt;id&gt;\d+)</AppendOnlyEmailTitleRegex>
+        <AppendOnlyEmailBodyRegex>!!!(bug|work item)\s*#\s*(?&lt;id&gt;\d+)</AppendOnlyEmailBodyRegex>
+        <ExplicitOverridesRegex>###\s*(?&lt;fieldName&gt;[^:]*):\s*(?&lt;value&gt;.*)</ExplicitOverridesRegex>
+      </EmailSettings>
+    </InstanceConfig>
+  </Instances>
+</Config>

From 12ae5a8dc4e7cdc1a1cfe2e15719f3ef2ade9ac4 Mon Sep 17 00:00:00 2001
From: Sebastian Holzer <sebastian.holzer@dibit.at>
Date: Tue, 4 Jun 2024 10:13:51 +0200
Subject: [PATCH 4/6] Upgraded Microsoft.Exchange.WebServices nuget package;
 added OAuth authentication support; still to be tested/reviewed

---
 Mail2Bug/Config.cs                        |  6 ++++++
 Mail2Bug/Email/EWS/EWSConnectionManger.cs | 18 ++++++++++++++----
 Mail2Bug/Email/MailboxManagerFactory.cs   |  3 ++-
 Mail2Bug/Helpers/EWSOAuthHelper.cs        |  1 +
 Mail2Bug/Mail2Bug.csproj                  |  8 +++++---
 Mail2Bug/packages.config                  |  2 +-
 6 files changed, 29 insertions(+), 9 deletions(-)

diff --git a/Mail2Bug/Config.cs b/Mail2Bug/Config.cs
index 1edec41..c5d7493 100644
--- a/Mail2Bug/Config.cs
+++ b/Mail2Bug/Config.cs
@@ -201,6 +201,11 @@ public enum MailboxServiceType
                 EWSByFolder,
                 EWSByRecipients
             }
+            public enum AuthenticationMode
+            {
+                OAuth,
+                Basic
+            }
 
             public MailboxServiceType ServiceType { get; set; }
 
@@ -211,6 +216,7 @@ public enum MailboxServiceType
             public string EWSPasswordFile { get; set; }
             public KeyVaultSecret EWSKeyVaultSecret { get; set; }
             public OAuthSecret EWSOAuthSecret { get; set; }
+            public AuthenticationMode EWSAuthenticationMode { get; set; }
 
             #endregion
 
diff --git a/Mail2Bug/Email/EWS/EWSConnectionManger.cs b/Mail2Bug/Email/EWS/EWSConnectionManger.cs
index f99c5ca..edae41e 100644
--- a/Mail2Bug/Email/EWS/EWSConnectionManger.cs
+++ b/Mail2Bug/Email/EWS/EWSConnectionManger.cs
@@ -7,6 +7,7 @@
 using log4net;
 using Microsoft.Exchange.WebServices.Data;
 using Newtonsoft.Json.Linq;
+using Mail2Bug.Helpers;
 
 namespace Mail2Bug.Email.EWS
 {
@@ -27,6 +28,7 @@ public struct Credentials
             public string EmailAddress;
             public string UserName;
             public string Password;
+            public Config.OAuthSecret OAuthCredentials;
         }
 
         public struct EWSConnection
@@ -87,11 +89,19 @@ static private Tuple<string, string, int, bool> GetKeyFromCredentials(Credential
         static private EWSConnection ConnectToEWS(Credentials credentials, bool useConversationGuidOnly)
         {
             Logger.DebugFormat("Initializing FolderMailboxManager for email adderss {0}", credentials.EmailAddress);
-            var exchangeService = new ExchangeService(ExchangeVersion.Exchange2010_SP1)
+            ExchangeService exchangeService;
+            if (credentials.OAuthCredentials != null)
             {
-                Credentials = new WebCredentials(credentials.UserName, credentials.Password),
-                Timeout = 60000
-            };
+                exchangeService = EWSOAuthHelper.OAuthConnectPost();
+            }
+            else
+            {
+                exchangeService = new ExchangeService(ExchangeVersion.Exchange2010_SP1)
+                {
+                    Credentials = new WebCredentials(credentials.UserName, credentials.Password),
+                    Timeout = 60000
+                };
+            }
 
             exchangeService.AutodiscoverUrl(
                 credentials.EmailAddress,
diff --git a/Mail2Bug/Email/MailboxManagerFactory.cs b/Mail2Bug/Email/MailboxManagerFactory.cs
index fcc86cf..9a20778 100644
--- a/Mail2Bug/Email/MailboxManagerFactory.cs
+++ b/Mail2Bug/Email/MailboxManagerFactory.cs
@@ -25,7 +25,8 @@ public IMailboxManager CreateMailboxManager(Config.EmailSettings emailSettings)
             {
                 EmailAddress = emailSettings.EWSMailboxAddress,
                 UserName = emailSettings.EWSUsername,
-                Password = password
+                Password = password,
+                OAuthCredentials = emailSettings.EWSAuthenticationMode == Config.EmailSettings.AuthenticationMode.OAuth ? emailSettings.EWSOAuthSecret : null,
             };
 
             var exchangeService = _connectionManger.GetConnection(credentials, emailSettings.UseConversationGuidOnly);
diff --git a/Mail2Bug/Helpers/EWSOAuthHelper.cs b/Mail2Bug/Helpers/EWSOAuthHelper.cs
index d5b0ae8..a985a38 100644
--- a/Mail2Bug/Helpers/EWSOAuthHelper.cs
+++ b/Mail2Bug/Helpers/EWSOAuthHelper.cs
@@ -67,6 +67,7 @@ public static ExchangeService OAuthConnectPost()
                 var ewsClient = new ExchangeService();
                 ewsClient.Url = new Uri("https://outlook.office365.com/EWS/Exchange.asmx");
                 ewsClient.Credentials = new OAuthCredentials(aToken);
+                ewsClient.Timeout = 60000;
                 return ewsClient;
             }
         }
diff --git a/Mail2Bug/Mail2Bug.csproj b/Mail2Bug/Mail2Bug.csproj
index 627dbb5..522d3f3 100644
--- a/Mail2Bug/Mail2Bug.csproj
+++ b/Mail2Bug/Mail2Bug.csproj
@@ -59,9 +59,11 @@
       <HintPath>..\packages\Microsoft.Azure.KeyVault.1.0.0\lib\net45\Microsoft.Azure.KeyVault.dll</HintPath>
       <Private>True</Private>
     </Reference>
-    <Reference Include="Microsoft.Exchange.WebServices, Version=14.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
-      <SpecificVersion>False</SpecificVersion>
-      <HintPath>..\packages\Microsoft.Exchange.WebServices.1.2\lib\Microsoft.Exchange.WebServices.dll</HintPath>
+    <Reference Include="Microsoft.Exchange.WebServices, Version=15.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.Exchange.WebServices.2.2\lib\40\Microsoft.Exchange.WebServices.dll</HintPath>
+    </Reference>
+    <Reference Include="Microsoft.Exchange.WebServices.Auth, Version=15.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.Exchange.WebServices.2.2\lib\40\Microsoft.Exchange.WebServices.Auth.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.IdentityModel.Clients.ActiveDirectory">
       <HintPath>..\packages\Microsoft.IdentityModel.Clients.ActiveDirectory.2.16.204221202\lib\net45\Microsoft.IdentityModel.Clients.ActiveDirectory.dll</HintPath>
diff --git a/Mail2Bug/packages.config b/Mail2Bug/packages.config
index 1dfc183..849ce6f 100644
--- a/Mail2Bug/packages.config
+++ b/Mail2Bug/packages.config
@@ -11,7 +11,7 @@
   <package id="Microsoft.Bcl" version="1.1.9" targetFramework="net45" />
   <package id="Microsoft.Bcl.Async" version="1.0.168" targetFramework="net45" />
   <package id="Microsoft.Bcl.Build" version="1.0.14" targetFramework="net45" />
-  <package id="Microsoft.Exchange.WebServices" version="1.2" targetFramework="net45" />
+  <package id="Microsoft.Exchange.WebServices" version="2.2" targetFramework="net48" />
   <package id="Microsoft.IdentityModel.Clients.ActiveDirectory" version="2.16.204221202" targetFramework="net45" />
   <package id="Microsoft.Net.Http" version="2.2.22" targetFramework="net45" />
   <package id="Microsoft.TeamFoundationServer.Client" version="14.89.0" targetFramework="net45" />

From 0c776bdff0c89f52890bc43113a44b0f1dc7bafc Mon Sep 17 00:00:00 2001
From: Sebastian Holzer <sebastian.holzer@dibit.at>
Date: Tue, 4 Jun 2024 15:39:52 +0200
Subject: [PATCH 5/6] Finished OAuth implementation;

---
 Mail2Bug/App.config                       |  2 +-
 Mail2Bug/Email/EWS/EWSConnectionManger.cs |  2 +-
 Mail2Bug/Helpers/EWSOAuthHelper.cs        | 21 +++++++++------------
 3 files changed, 11 insertions(+), 14 deletions(-)

diff --git a/Mail2Bug/App.config b/Mail2Bug/App.config
index 7e6bb9e..5a3e28e 100644
--- a/Mail2Bug/App.config
+++ b/Mail2Bug/App.config
@@ -7,7 +7,7 @@
     <add key="Iterations" value="200"/>
     <add key="IntervalInSeconds" value="1"/>
     <add key="UseThreads" value="false"/>
-    <add key="ConfigPath" value="Resources"/>
+    <add key="ConfigPath" value="Configuration"/>
     <add key="ConfigFilePattern" value="Mail2BugConfig*.xml"/>
     <add key="log4net.Config" value="log4net.config"/>
     <add key="log4net.Config.Watch" value="True"/>
diff --git a/Mail2Bug/Email/EWS/EWSConnectionManger.cs b/Mail2Bug/Email/EWS/EWSConnectionManger.cs
index edae41e..793c086 100644
--- a/Mail2Bug/Email/EWS/EWSConnectionManger.cs
+++ b/Mail2Bug/Email/EWS/EWSConnectionManger.cs
@@ -92,7 +92,7 @@ static private EWSConnection ConnectToEWS(Credentials credentials, bool useConve
             ExchangeService exchangeService;
             if (credentials.OAuthCredentials != null)
             {
-                exchangeService = EWSOAuthHelper.OAuthConnectPost();
+                exchangeService = EWSOAuthHelper.OAuthConnectPost(credentials.OAuthCredentials, credentials.EmailAddress);
             }
             else
             {
diff --git a/Mail2Bug/Helpers/EWSOAuthHelper.cs b/Mail2Bug/Helpers/EWSOAuthHelper.cs
index a985a38..4a177ac 100644
--- a/Mail2Bug/Helpers/EWSOAuthHelper.cs
+++ b/Mail2Bug/Helpers/EWSOAuthHelper.cs
@@ -13,22 +13,16 @@ namespace Mail2Bug.Helpers
 {
     public class EWSOAuthHelper
     {
-        private const string TenantID = "[Your Tenant ID]";
-        private const string ClientID = "[Your Client ID]";
-        private const string ClientSecret = "[Your Secret ID]";
-
-        private const string AgentName = "My Agent Name";
-
-        public static ExchangeService OAuthConnectPost()
+        public static ExchangeService OAuthConnectPost(Config.OAuthSecret oAuthCredentials, string emailAddress)
         {
-            string LoginURL = String.Format("https://login.microsoftonline.com/{0}/oauth2/v2.0/token", TenantID);
+            string LoginURL = String.Format("https://login.microsoftonline.com/{0}/oauth2/v2.0/token", oAuthCredentials.TenantID);
 
             var LogValues = new Dictionary<string, string>
             {
                 { "grant_type", "client_credentials" },
-                { "client_id", ClientID },
-                { "client_secret", ClientSecret },
-                { "scope", "https://graph.microsoft.com/.default" }
+                { "client_id", oAuthCredentials.ClientID },
+                { "client_secret", oAuthCredentials.ClientSecret },
+                { "scope", "https://outlook.office365.com/.default" }
             };
             string postData = "";
             foreach (var v in LogValues)
@@ -49,7 +43,7 @@ public static ExchangeService OAuthConnectPost()
             request.Method = "POST";
             request.ContentType = "application/x-www-form-urlencoded";
             request.Accept = "*/*";
-            request.UserAgent = AgentName;
+            request.UserAgent = oAuthCredentials.UserAgentName;
             request.CachePolicy = new RequestCachePolicy(RequestCacheLevel.NoCacheNoStore);
             request.ContentLength = data.Length;
             using (var stream = request.GetRequestStream())
@@ -67,6 +61,9 @@ public static ExchangeService OAuthConnectPost()
                 var ewsClient = new ExchangeService();
                 ewsClient.Url = new Uri("https://outlook.office365.com/EWS/Exchange.asmx");
                 ewsClient.Credentials = new OAuthCredentials(aToken);
+                //Impersonate and include x-anchormailbox headers are required!
+                ewsClient.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.SmtpAddress, emailAddress);
+                ewsClient.HttpHeaders.Add("X-AnchorMailbox", emailAddress);
                 ewsClient.Timeout = 60000;
                 return ewsClient;
             }

From bf99d7821261919fae61a1211098c4cedb596acd Mon Sep 17 00:00:00 2001
From: Sebastian Holzer <sebastian.holzer@dibit.at>
Date: Wed, 5 Jun 2024 07:12:44 +0200
Subject: [PATCH 6/6] Client Secret string for the Exchange application is now
 stored in an encrypted file rather than plaintext in the config, must be
 generated with DPAPI;

---
 .../FullyAnnotatedConfigReference.xml         |  7 +++++--
 Documentation/Mail2BugConfigExample.xml       | 10 +++++++---
 Mail2Bug/Config.cs                            |  2 +-
 Mail2Bug/Email/EWS/EWSConnectionManger.cs     | 19 ++++++++++++++++++-
 Mail2Bug/Email/MailboxManagerFactory.cs       |  5 ++++-
 Mail2Bug/Helpers/EWSOAuthHelper.cs            |  3 ++-
 6 files changed, 37 insertions(+), 9 deletions(-)

diff --git a/Documentation/FullyAnnotatedConfigReference.xml b/Documentation/FullyAnnotatedConfigReference.xml
index 9d6021c..96abd7c 100644
--- a/Documentation/FullyAnnotatedConfigReference.xml
+++ b/Documentation/FullyAnnotatedConfigReference.xml
@@ -309,8 +309,11 @@
             <TenantID>00000000-0000-0000-0000-000000000000</TenantID>
             <!-- Your Application (client) ID, can be found in the application Overview -->
             <ClientID>00000000-0000-0000-0000-000000000000</ClientID>
-            <!-- Your Client Credentials Secret, must be generated via the Client Credentials -->
-            <ClientSecret>k5r933EbGAQHjTzzNwii71JtRMb0rxI09htsJqMF</ClientSecret>
+            <!-- Pointer to a file that stores the client credentials secret. The file is expected to be encrypted
+             with DPAPI - use the DpapiTool.exe from the Tools subfolder to create one. Note that the tool needs to be
+             run under the same credentials that mail2bug will run with, otherwise it won't be able to decrypt the
+             contents. The client secret string that must be encrypted has to be generated via Microsoft Entra and looks like this: k5r933EbGAQHjTzzNwii71JtRMb0rxI09htsJqMF -->
+            <ClientSecretFile>.\Resources\mail2bugAppClientSecret.bin</ClientSecretFile>
             <!-- Optional useragent -->
             <UserAgentName>Mail2Bug/1.0.0.0</UserAgentName>
         </EWSOAuthSecret>
diff --git a/Documentation/Mail2BugConfigExample.xml b/Documentation/Mail2BugConfigExample.xml
index c698586..7c20b35 100644
--- a/Documentation/Mail2BugConfigExample.xml
+++ b/Documentation/Mail2BugConfigExample.xml
@@ -58,12 +58,16 @@
              The application will impersonate the EWSUsername and get access to that application. Make sure to allow the application to access the EWSUsername and allow impersonating it.
              If you want to use Basic Authentication, omit this element! Warning: You must still setup the EWSPasswordFile and EWSUsername to log in in Azure Devops/TFS.
              -->
-        <!--<EWSOAuthSecret>
+        <EWSOAuthSecret>
             <TenantID>00000000-0000-0000-0000-000000000000</TenantID>
             <ClientID>00000000-0000-0000-0000-000000000000</ClientID>
-            <ClientSecret>k5r933EbGAQHjTzzNwii71JtRMb0rxI09htsJqMF</ClientSecret>
+            <!-- Pointer to a file that stores the client credentials secret. The file is expected to be encrypted
+             with DPAPI - use the DpapiTool.exe from the Tools subfolder to create one. Note that the tool needs to be
+             run under the same credentials that mail2bug will run with, otherwise it won't be able to decrypt the
+             contents. The client secret string that must be encrypted has to be generated via Microsoft Entra and looks like this: k5r933EbGAQHjTzzNwii71JtRMb0rxI09htsJqMF -->
+            <ClientSecretFile>.\Resources\mail2bugAppClientSecret.bin</ClientSecretFile>
             <UserAgentName>Mail2Bug/1.0.0.0</UserAgentName>
-        </EWSOAuthSecret>-->
+        </EWSOAuthSecret>
 
         <!-- Warning: Changing this on an existing instance will break links with bugs that it already created. -->
         <UseConversationGuidOnly>true</UseConversationGuidOnly>
diff --git a/Mail2Bug/Config.cs b/Mail2Bug/Config.cs
index 1edec41..e97f192 100644
--- a/Mail2Bug/Config.cs
+++ b/Mail2Bug/Config.cs
@@ -32,7 +32,7 @@ public class OAuthSecret
         {
             public string TenantID { get; set; }
             public string ClientID { get; set; }
-            public string ClientSecret { get; set; }
+            public string ClientSecretFile { get; set; }
             public string UserAgentName { get; set; }
         }
 
diff --git a/Mail2Bug/Email/EWS/EWSConnectionManger.cs b/Mail2Bug/Email/EWS/EWSConnectionManger.cs
index 9f3539a..04aa348 100644
--- a/Mail2Bug/Email/EWS/EWSConnectionManger.cs
+++ b/Mail2Bug/Email/EWS/EWSConnectionManger.cs
@@ -28,7 +28,24 @@ public struct Credentials
             public string EmailAddress;
             public string UserName;
             public string Password;
-            public Config.OAuthSecret OAuthCredentials;
+            public CredentialsOAuth OAuthCredentials;
+        }
+
+        public class CredentialsOAuth
+        {
+            public CredentialsOAuth() { }
+            public CredentialsOAuth(Config.EmailSettings emailSettings, string clientSecret)
+            {
+                TenantID = emailSettings.EWSOAuthSecret.TenantID;
+                ClientID = emailSettings.EWSOAuthSecret.ClientID;
+                ClientSecret = clientSecret;
+                UserAgentName = emailSettings.EWSOAuthSecret.UserAgentName;
+            }
+
+            public string TenantID { get; set; }
+            public string ClientID { get; set; }
+            public string ClientSecret { get; set; }
+            public string UserAgentName { get; set; }
         }
 
         public struct EWSConnection
diff --git a/Mail2Bug/Email/MailboxManagerFactory.cs b/Mail2Bug/Email/MailboxManagerFactory.cs
index f360a76..9e6a98d 100644
--- a/Mail2Bug/Email/MailboxManagerFactory.cs
+++ b/Mail2Bug/Email/MailboxManagerFactory.cs
@@ -21,12 +21,15 @@ public IMailboxManager CreateMailboxManager(Config.EmailSettings emailSettings)
         {
             var credentialsHelper = new Helpers.CredentialsHelper();
             string password = credentialsHelper.GetPassword(emailSettings.EWSPasswordFile, emailSettings.EncryptionScope, emailSettings.EWSKeyVaultSecret);
+            string clientSecret = emailSettings.EWSOAuthSecret != null 
+                ? credentialsHelper.GetPassword(emailSettings.EWSOAuthSecret.ClientSecretFile, emailSettings.EncryptionScope, emailSettings.EWSKeyVaultSecret)
+                : null;
             var credentials = new EWSConnectionManger.Credentials
             {
                 EmailAddress = emailSettings.EWSMailboxAddress,
                 UserName = emailSettings.EWSUsername,
                 Password = password,
-                OAuthCredentials = emailSettings.EWSOAuthSecret,
+                OAuthCredentials = emailSettings.EWSOAuthSecret != null ? new EWSConnectionManger.CredentialsOAuth(emailSettings, clientSecret) : null,
             };
 
             var exchangeService = _connectionManger.GetConnection(credentials, emailSettings.UseConversationGuidOnly);
diff --git a/Mail2Bug/Helpers/EWSOAuthHelper.cs b/Mail2Bug/Helpers/EWSOAuthHelper.cs
index 4a177ac..deb475f 100644
--- a/Mail2Bug/Helpers/EWSOAuthHelper.cs
+++ b/Mail2Bug/Helpers/EWSOAuthHelper.cs
@@ -8,12 +8,13 @@
 using System.Net;
 using System.Text;
 using System.Threading.Tasks;
+using Mail2Bug.Email.EWS;
 
 namespace Mail2Bug.Helpers
 {
     public class EWSOAuthHelper
     {
-        public static ExchangeService OAuthConnectPost(Config.OAuthSecret oAuthCredentials, string emailAddress)
+        public static ExchangeService OAuthConnectPost(EWSConnectionManger.CredentialsOAuth oAuthCredentials, string emailAddress)
         {
             string LoginURL = String.Format("https://login.microsoftonline.com/{0}/oauth2/v2.0/token", oAuthCredentials.TenantID);