Merge branch 'dev' into custom-domain-msal-core

Author: tnorling

lib/msal-browser/src/index.ts

@@ -11,6 +11,8 @@ export type { AuthCallback } from "./types/AuthCallback";
 
 // Common Object Formats
 export {
+    // Account
+    AccountInfo,
     // Request
     AuthorizationUrlRequest,
     SilentFlowRequest,

lib/msal-browser/src/utils/BrowserConstants.ts

@@ -33,7 +33,7 @@ export const BrowserConstants = {
 export enum HTTP_REQUEST_TYPE {
     GET = "GET",
     POST = "POST"
-};
+}
 
 /**
  * Temporary cache keys for MSAL, deleted after any request.
@@ -49,4 +49,4 @@ export enum TemporaryCacheKeys {
     URL_HASH = "urlHash",
     REQUEST_PARAMS = "request.params",
     SCOPES = "scopes"
-};
+}

samples/VanillaJSTestApp2.0/app/default/auth.js

@@ -22,6 +22,7 @@ myMSALObj.handleRedirectPromise().then(handleResponse).catch(err => {
 
 function handleResponse(resp) {
     if (resp !== null) {
+        username = resp.account.username;
         showWelcomeMessage(resp.account);
     } else {
         // need to call getAccount here?
@@ -31,6 +32,7 @@ function handleResponse(resp) {
         } else if (currentAccounts.length > 1) {
             // Add choose account code here
         } else if (currentAccounts.length === 1) {
+            username = currentAccounts[0].username;
             showWelcomeMessage(currentAccounts[0]);
         }
     }
@@ -51,6 +53,7 @@ function signOut() {
     const logoutRequest = {
         account: myMSALObj.getAccountByUsername(username)
     };
+
     myMSALObj.logout(logoutRequest);
 }
 
@@ -83,4 +86,3 @@ async function getTokenRedirect(request, account) {
         }
     });
 }
-

samples/VanillaJSTestApp2.0/app/default/authConfig.js

@@ -12,7 +12,8 @@ const msalConfig = {
 
 // Add here scopes for id token to be used at MS Identity Platform endpoints.
 const loginRequest = {
-    scopes: ["User.Read"]
+    scopes: ["User.Read"],
+    redirectUri: "http://localhost:30662/"
 };
 
 // Add here the endpoints for MS Graph API services you would like to use.
@@ -24,9 +25,11 @@ const graphConfig = {
 // Add here scopes for access token to be used at MS Graph API endpoints.
 const tokenRequest = {
     scopes: ["Mail.Read"],
+    redirectUri: "http://localhost:30662/",
     forceRefresh: false // Set this to "true" to skip a cached token and go to the server to get a new token
 };
 
 const silentRequest = {
-    scopes: ["3fba556e-5d4a-48e3-8e1a-fd57c12cb82e", "User.Read", "Mail.Read"]
+    scopes: ["openid", "profile", "User.Read", "Mail.Read"],
+    redirectUri: "http://localhost:30662/"
 };

samples/VanillaJSTestApp2.0/app/default/graph.js

@@ -40,3 +40,25 @@ async function readMail() {
         mailButton.style.display = 'none';
     }
 }
+
+async function seeProfileRedirect() {
+    const currentAcc = myMSALObj.getAccountByUsername(username);
+    if (currentAcc) {
+        const response = await getTokenRedirect(loginRequest, currentAcc).catch(error => {
+            console.log(error);
+        });
+        callMSGraph(graphConfig.graphMeEndpoint, response.accessToken, updateUI);
+        profileButton.style.display = 'none';
+    }
+}
+
+async function readMailRedirect() {
+    const currentAcc = myMSALObj.getAccountByUsername(username);
+    if (currentAcc) {
+        const response = await getTokenRedirect(tokenRequest, currentAcc).catch(error => {
+            console.log(error);
+        });
+        callMSGraph(graphConfig.graphMailEndpoint, response.accessToken, updateUI);
+        mailButton.style.display = 'none';
+    }
+}

samples/VanillaJSTestApp2.0/app/default/ui.js

@@ -9,7 +9,6 @@ const profileDiv = document.getElementById("profile-div");
 function showWelcomeMessage(account) {
     // Reconfiguring DOM elements
     cardDiv.style.display = 'initial';
-    username = account.username;
     welcomeDiv.innerHTML = `Welcome ${username}`;
     signInButton.nextElementSibling.style.display = 'none';
     signInButton.setAttribute("onclick", "signOut();");

samples/VanillaJSTestApp2.0/app/multipleResources/auth.js

@@ -9,56 +9,58 @@ const isIE = msie > 0 || msie11 > 0;
 const isEdge = msedge > 0;
 
 let signInType;
+let username = "";
 
 // Create the main myMSALObj instance
 // configuration parameters are located at authConfig.js
 const myMSALObj = new msal.PublicClientApplication(msalConfig); 
 
-// Register Callbacks for Redirect flow
-myMSALObj.handleRedirectCallback(authRedirectCallBack);
+// Redirect: once login is successful and redirects with tokens, call Graph API
+myMSALObj.handleRedirectPromise().then(handleResponse).catch(err => {
+    console.error(err);
+});
 
-function authRedirectCallBack(error, response) {
-    if (error) {
-        console.log(error);
+// Redirect: once login is successful and redirects with tokens, call Graph API
+function handleResponse(resp) {
+    if (resp !== null) {
+        username = resp.account.username;
+        showWelcomeMessage(resp.account);
+        getTokenRedirect(tokenRequest, resp.account);
     } else {
-        if (myMSALObj.getAccount()) {
-            console.log('id_token acquired at: ' + new Date().toString());
-            showWelcomeMessage(myMSALObj.getAccount());
-            getTokenRedirect(loginRequest);
-        } else if (response.tokenType === "Bearer") {
-            console.log('access_token acquired at: ' + new Date().toString());
-        } else {
-            console.log("token type is:" + response.tokenType);
+        // need to call getAccount here?
+        const currentAccounts = myMSALObj.getAllAccounts();
+        if (currentAccounts === null) {
+            return;
+        } else if (currentAccounts.length > 1) {
+            // Add choose account code here
+        } else if (currentAccounts.length === 1) {
+            username = currentAccounts[0].username;
+            showWelcomeMessage(currentAccounts[0]);
+            getTokenRedirect(tokenRequest, currentAccounts[0]);
         }
     }
 }
 
-// Redirect: once login is successful and redirects with tokens, call Graph API
-if (myMSALObj.getAccount()) {
-    // avoid duplicate code execution on page load in case of iframe and Popup window.
-    showWelcomeMessage(myMSALObj.getAccount());
-}
-
 async function signIn(method) {
     signInType = isIE ? "loginRedirect" : method;
     if (signInType === "loginPopup") {
-        const loginResponse = await myMSALObj.loginPopup(loginRequest).catch(function (error) {
+        return myMSALObj.loginPopup(loginRequest).then(handleResponse).catch(function (error) {
             console.log(error);
         });
-        console.log(loginResponse);
-        if (myMSALObj.getAccount()) {
-            showWelcomeMessage(myMSALObj.getAccount());
-        }
     } else if (signInType === "loginRedirect") {
-        myMSALObj.loginRedirect(loginRequest)
+        return myMSALObj.loginRedirect(loginRequest)
     }
 }
 
 function signOut() {
-    myMSALObj.logout();
+    const logoutRequest = {
+        account: myMSALObj.getAccountByUsername(username)
+    };
+    myMSALObj.logout(logoutRequest);
 }
 
-async function getTokenPopup(request) {
+async function getTokenPopup(request, account) {
+    request.account = account;
     return await myMSALObj.acquireTokenSilent(request).catch(async (error) => {
         console.log("silent token acquisition fails.");
         if (error instanceof msal.InteractionRequiredAuthError) {
@@ -67,22 +69,21 @@ async function getTokenPopup(request) {
                 console.error(error);
             });
         } else {
-            return myMSALObj.acquireTokenPopup(request).catch(error => {
-                console.error(error);
-            });
+            console.error(error);
         }
     });
 }
 
 // This function can be removed if you do not need to support IE
-async function getTokenRedirect(request) {
+async function getTokenRedirect(request, account) {
+    request.account = account;
     return await myMSALObj.acquireTokenSilent(request).catch(async (error) => {
         console.log("silent token acquisition fails.");
         if (error instanceof msal.InteractionRequiredAuthError) {
+            // fallback to interaction when silent call fails
             console.log("acquiring token using redirect");
             myMSALObj.acquireTokenRedirect(request);
         } else {
-            myMSALObj.acquireTokenRedirect(request);
             console.error(error);
         }
     });

samples/VanillaJSTestApp2.0/app/multipleResources/authConfig.js

@@ -12,16 +12,24 @@ const msalConfig = {
 
 // Add here scopes for id token to be used at MS Identity Platform endpoints.
 const loginRequest = {
-    scopes: ["User.Read"]
+    scopes: ["User.Read", "https://msidlab0.spoppe.com/user.read"],
+    redirectUri: "http://localhost:30662/"
 };
 
 // Add here the endpoints for MS Graph API services you would like to use.
 const graphConfig = {
-    graphMeEndpoint: "https://graph.microsoft-ppe.com/v1.0/me"
+    graphMeEndpoint: "https://graph.microsoft-ppe.com/v1.0/me",
+    graphMailEndpoint: "https://graph.microsoft-ppe.com/v1.0/me/messages"
 };
 
 // Add here scopes for access token to be used at MS Graph API endpoints.
 const tokenRequest = {
     scopes: ["https://msidlab0.spoppe.com/User.Read"],
+    redirectUri: "http://localhost:30662/",
     forceRefresh: false // Set this to "true" to skip a cached token and go to the server to get a new token
-};
+};
+
+const silentRequest = {
+    scopes: ["openid", "profile", "User.Read", "Mail.Read"],
+    redirectUri: "http://localhost:30662/"
+};

samples/VanillaJSTestApp2.0/app/multipleResources/graph.js

@@ -20,8 +20,9 @@ function callMSGraph(endpoint, accessToken, callback) {
 }
 
 async function seeProfile() {
-    if (myMSALObj.getAccount()) {
-        const response = await getTokenPopup(loginRequest).catch(error => {
+    const currentAcc = myMSALObj.getAccountByUsername(username);
+    if (currentAcc) {
+        const response = await getTokenPopup(loginRequest, currentAcc).catch(error => {
             console.log(error);
         });
         callMSGraph(graphConfig.graphMeEndpoint, response.accessToken, updateUI);
@@ -30,8 +31,9 @@ async function seeProfile() {
 }
 
 async function acquireSecondToken() {
-    if (myMSALObj.getAccount()) {
-        const response = await getTokenPopup(tokenRequest).catch(error => {
+    const currentAcc = myMSALObj.getAccountByUsername(username);
+    if (currentAcc) {
+        const response = await getTokenPopup(tokenRequest, currentAcc).catch(error => {
             console.log(error);
         });
         updateUI("Second Token Acquired", "")

samples/VanillaJSTestApp2.0/app/multipleResources/ui.js

@@ -9,7 +9,7 @@ const profileDiv = document.getElementById("profile-div");
 function showWelcomeMessage(account) {
     // Reconfiguring DOM elements
     cardDiv.style.display = 'initial';
-    welcomeDiv.innerHTML = `Welcome ${account.name}`;
+    welcomeDiv.innerHTML = `Welcome ${account.username}`;
     signInButton.nextElementSibling.style.display = 'none';
     signInButton.setAttribute("onclick", "signOut();");
     signInButton.setAttribute('class', "btn btn-success")