
We are using Office.context.ui.displayDialogAsync for authentication with an OAuth library (oidc-client), and below are our findings. Kindly help with the same.

  1. As per the attached code, we were able to get the access token in the taskpane.ts file as args in messageHandler...
  2. But the Secure Token Service (STS) login window opens only when I log in from a fresh browser.
  3. If I log out and clear the access token and then try to log in again, I get in directly as the logged-in user without the Secure Token Service (STS) window opening.
  4. Only once I clear the browser cache and everything am I able to get the Secure Token Service (STS) window again... Can you please advise how to handle this scenario? Do we need anything?

Current Scenario

displayDialogAsync opens the STS login the very first time and I am able to log in successfully. But for subsequent logins the popup does not appear and the data loads directly with tokens.

Expected Scenario

displayDialogAsync should open not only at first login but also for subsequent logins, meaning that if the user logs out and tries to log in again, it should pop up then as well. Is there any need to clear a cache for displayDialogAsync? Kindly help.

auth.ts

Office.initialize = function () {

    var settings = {
      authority: "https://xxxxxx.com/xxxx/xx",      
      client_id: "https://xxxxxxx.com/",
      redirect_uri: "https://localhost:3000/taskpane.html",
      // silent_redirect_uri:"https://localhost:3000/taskpane.html", 
      post_logout_redirect_uri: "https://xxxxxxx.com/",       
      response_type: "id_token token",
      scope: "openid read:xxxx read:xxxxxx read:xxxxxxx",
      state: true,
      clearHashAfterLogin: false,
      filterProtocolClaims: true,  
      loadUserInfo: true,
      nonce:true,       
    };
    Oidc.Log.logger = console;
    var mgr = new Oidc.UserManager(settings); 
    mgr.signinRedirect();
    mgr.signinRedirectCallback().then((user) => {       
      if (user) {
        console.log(user);

      } else {
        mgr.signinPopupCallback().then(function (user) {
          window.location.href = '../';
        }).catch(function (err) {
          console.log(err);
        });
        throw new Error('user is not logged in');
      }
    });    
  };

taskpane.ts

const loginpopup = function () {
      if (OfficeHelpers.Authenticator.isAuthDialog())
        return;     
      Office.context.ui.displayDialogAsync(
        url,
        { height: 60, width: 60, /*displayInIframe:true*/ },
        dialogCallback);
      function dialogCallback(asyncResult) {
        if (asyncResult.status == "failed") {
         
          switch (asyncResult.error.code) {
            case 12004:
              console.log("Domain is not trusted");
              break;
            case 12005:
              console.log("HTTPS is required");
              break;
            case 12007:
              console.log("A dialog is already opened.");
              break;
            default:
              console.log(asyncResult.error.message);
              break;
          }
        }
        else {
          dialog = asyncResult.value; 
          dialog.addEventHandler(Office.EventType.DialogMessageReceived, messageHandler);
        }
      }
      function messageHandler(arg: any) {
        if (arg != "jsonMessage") {
          $(".loader").show();
          var test = JSON.parse(arg.message).value.split("#")[1].split("&")[1].split("=");         
          dialog.close();
        };
      }
}

logout.ts

Office.initialize = () => {

  var settings = {    
    authority: "https://xxxxxx.com/xxxxxx/v1",     
    client_id: "https://xxxxxxx.com/",
    redirect_uri: "https://localhost:3000/logout.html",    
    post_logout_redirect_uri: "https://localhost:3000/logout.html", 
    metadata: {        
      issuer: 'https://xxxxxx.com/xxxxxx/v1',  
      authorization_endpoint:  "https://xxxxxx.com/xxxxxxx/v1/xxxxx"      
  }    
  };  
  var mgr = new Oidc.UserManager(settings);   
  mgr.signoutRedirect();
  mgr.removeUser();
  mgr.revokeAccessToken();
  mgr.clearStaleState();
  $("document").ready(function () {
    localStorage.removeItem('accessToken');
    localStorage.clear();
  });
}; // closes the Office.initialize handler, which was left open in the original listing
  • It seems that oidc-client is persisting the token, perhaps in a cookie or LocalStorage, and if the token has not expired, it reuses it instead of making the user log in again to the STS. That is usually regarded as desirable behavior. If you don't want that to happen, there might be a setting that would turn off that behavior. See the documentation for oidc-client and for your STS. – Rick Kirkham Jun 26 '20 at 18:13
  • @Rick.. Thank you for the response. So don't we need to do anything with displayDialogAsync? – Muruga ananth Jun 27 '20 at 17:45
  • @team from oidc-client, IdentityServer4, also please provide your inputs? – Muruga ananth Jun 29 '20 at 11:18
  • Hi Team, I have attached the logout code piece; kindly let me know if anything is missing in it... – Muruga ananth Jun 30 '20 at 14:33
  • The issue here is that the identity server popup appears only the very first time, and once logged out, after that the popup does not appear properly and instead the data gets fetched directly.... – Muruga ananth Jun 30 '20 at 14:57
  • Hi Team, I logged the error in the console: "Uncaught (in promise) Error: no end session endpoint" – Muruga ananth Jul 01 '20 at 11:23
  • @RickKirkham... I still could not find how the login successfully gets the access token in the taskpane.ts file..... If you see, the auth.ts file, which is called in the displayDialogAsync popup, redirects to taskpane.ts and does not return any token, but I am not sure how the access token is arriving in taskpane.ts... Any thoughts? – Muruga ananth Jul 03 '20 at 07:17
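
The behaviour discussed in this thread, as an added example that is not part of the original post or of oidc-client: a standard OIDC authorization request can ask the STS to re-prompt with `prompt=login` and `max_age=0`, and the task pane can then read the relayed redirect URL by parameter name, check `state`, and confirm from the ID token's `auth_time` claim that the login was fresh. The helper names, the `sts.example` style endpoint passed in, and the sample token are hypothetical. The code assumes the STS honours these parameters and that Node's `Buffer` is available (use `atob` in a browser).

```javascript
// Added example: endpoint, token values and helper names are constructed.
// Ask the STS to show its login page even when it still holds a session.
function buildAuthorizeUrl(authorizeEndpoint, s, state, nonce) {
  const u = new URL(authorizeEndpoint);
  const p = {
    client_id: s.client_id, redirect_uri: s.redirect_uri,
    response_type: s.response_type, scope: s.scope, state, nonce,
    prompt: "login", // OIDC Core: re-authenticate despite an existing session
    max_age: "0",    // OIDC Core: treat any earlier authentication as too old
  };
  for (const [k, v] of Object.entries(p)) u.searchParams.set(k, v);
  return u.toString();
}

// Parse the redirect URL relayed by the dialog by parameter name rather than
// by position, and reject a response whose state does not match the request.
function parseDialogMessage(message, expectedState) {
  const redirect = new URL(JSON.parse(message).value);
  const frag = new URLSearchParams(redirect.hash.slice(1));
  if (frag.get("error")) throw new Error("STS error: " + frag.get("error"));
  if (frag.get("state") !== expectedState) throw new Error("state mismatch");
  return { idToken: frag.get("id_token"), accessToken: frag.get("access_token") };
}

// Decode (NOT verify) the ID token payload and check auth_time freshness.
// Assumption: signature validation is done elsewhere by the OIDC library.
function isFreshLogin(idToken, nowSec, maxAgeSec) {
  const b64 = idToken.split(".")[1].replace(/-/g, "+").replace(/_/g, "/");
  const claims = JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
  return typeof claims.auth_time === "number" &&
         nowSec - claims.auth_time <= maxAgeSec;
}

// Constructed sample data: an unsigned token and a dialog message shaped like
// the { value: "<redirect url>#..." } JSON the page's messageHandler parses.
const b64url = (o) => Buffer.from(JSON.stringify(o)).toString("base64")
  .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
const sampleIdToken = ["e30", b64url({ sub: "u1", auth_time: 1000 }), "sig"].join(".");
const sampleMessage = JSON.stringify({ value:
  "https://localhost:3000/taskpane.html#id_token=" + sampleIdToken +
  "&access_token=constructed-token&state=abc123" });
```

With oidc-client itself, `prompt` and `max_age` can be supplied in the `UserManager` settings instead of building the URL by hand.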

0 Answers