0

Has Office Add-in for the Outlook Online. I need to implelemnt login logic to external service with next steps:

  1. Show my page (gateway.php) in seperate window
  2. Redirect to the external service authentication page
  3. Redirect back to my page, retrieve authentication code and notify parent application.

Using docs from MS Dev Center Authenticate and authorize with the Office dialog API and Use the Office dialog API in Office Add-ins

Both add-in and gateway.php pages are in the same domain/sub-domain. AppDomains in manifest updated. HTTPS is used. No custom ports. Its not a localhost.

The problems occurs on the stage 3: the dialog window is simply closed without any notifications or errors after its redirected back from external service auth page. Event Office.EventType.DialogEventReceived is caught in the parent window, but with error code 12006 'Dialog closed by user'. While Office.EventType.DialogMessageReceived is expected. After some debugging it's seems that next code from the office.js library is responisble:

var initialize = function OSF__OfficeAppFactory$initialize() {
    _retrieveHostInfo();
    _retrieveLoggingAllowed();
    if (_hostInfo.hostPlatform == "web" && _hostInfo.isDialog && window == window.top && window.opener == null) {
        window.open('', '_self', '');
        window.close(); //<--- this what closes my window
    }

And the reason for that is because due to redirect to external service page (which is outside my domain) window.opener is null.:( And i simply can't find how it should work in my case.

My page after the redirect is very simple -- just a script for the Office, but it's never even reached. Page is closed much earlier. 

<html>
<head>
   <script type="text/javascript" src="https://appsforoffice.microsoft.com/lib/1.1/hosted/office.debug.js"></script>
</head>
<body>

<script lang="js" type="text/javascript">   
  if (typeof Office !== 'undefined'){
        Office.onReady(info => {
                const messageObject = {message: "CODE_FROM_GET_PARAM"};
                const jsonMessage = JSON.stringify(messageObject);
                Office.context.ui.messageParent(jsonMessage);
      });
    } else {
        console.warn("Office failed");
    }
    </script>
</body>

</html>

For the case of redirects inside my domain -- everything works just fine. Parent is notified without any issues.

Any ideas how it should work in case of redirects to external domains? Based on the Authenticate and authorize with the Office dialog API it should.

Edited: Link to the created issue at Github.

Thanks

Pavel Krupski
  • 28
  • 1
  • 4
  • 1
    It looks like you may have found a bug. Please raise this issue on the [office-js](https://github.com/OfficeDev/office-js/issues/new/choose) repo. – Rick Kirkham Apr 28 '20 at 16:21
  • I think the key part may be "redirect to external service page (which is outside my domain) window.opener is null". We've seen this before, the parent-window is nulled out once you visit an "untrusted" site. One fix is to add all the sites you may navigate to, to the Trusted Sites list in the browser. Otherwise have to find another approach / design. – Brian Clink Apr 28 '20 at 16:46
  • Have you verified the suggestion by Brian Clink ? – Outlook Add-ins Team - MSFT May 10 '20 at 16:29
  • AFAIK, "Trusted sites" is Windwows/IE specific concept/setting. The fact that it may work fine after that in IE, unfortunately, gives me nothing (we are using Outlook Web, not desktop). It's b2b application for Outlook Online. The whole idea of using web-adding is to provide "platform/browser free" experience, otherwise it has no use or sense. – Pavel Krupski May 11 '20 at 04:13
  • Just out of curiosity tried in IE after adding my and external sevice domains to Trusted Sites. Same negative result – Pavel Krupski May 11 '20 at 04:32
  • @PavelKrupski we are unable to reproduce this issue, is it possible to provide your add-in manifest to us so we can check what the root cause is? – Outlook Add-ins Team - MSFT Jun 23 '20 at 21:31
  • I face the same problem, any updates? – Ömürcan Cengiz Aug 03 '22 at 22:38

0 Answers0