Updated SSO flow to prompt

When SSO returns a 13007 or 13005 from a non-prompting call to `getAccessTokenAsync`, repeat the call with `forceConsent=true`.
OfficeDev · Apr 5, 2018 · a89becb · a89becb
1 parent e2eadd3
commit a89becb
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 2 deletions.
diff --git a/AttachmentDemoWeb/Functions/FunctionFile.js b/AttachmentDemoWeb/Functions/FunctionFile.js
@@ -34,11 +34,24 @@ function saveAllAttachments(event) {
             if (result.status === "succeeded") {
                 // No need to prompt user, use this token to call Web API
                 saveAllAttachmentsWithSSO(result.value, event);
+            } else if (result.error.code == 13007 || result.error.code == 13005) {
+                // These error codes indicate that we need to prompt for consent
+                Office.context.auth.getAccessTokenAsync({ forceConsent: true }, function (result) {
+                    if (result.status === "succeeded") {
+                        saveAllAttachmentsWithSSO(result.value, event);
+                    } else {
+                        // Could not get SSO token, proceed with authentication prompt
+                        saveAllAttachmentsWithPrompt(event);
+                    }
+                });
             } else {
                 // Could not get SSO token, proceed with authentication prompt
                 saveAllAttachmentsWithPrompt(event);
             }
         });
+    } else {
+        // SSO not supported
+        saveAllAttachmentsWithPrompt(event);
     }
 }
 
@@ -81,7 +94,7 @@ function saveAllAttachmentsWithPrompt(event) {
     });
 
     authenticator
-        .authenticate("Microsoft")
+        .authenticate(OfficeHelpers.DefaultEndpoints.Microsoft, true)
         .then(function (token) {
             showProgress("Retrieving Outlook callback token");
 

diff --git a/AttachmentDemoWeb/MessageRead.js b/AttachmentDemoWeb/MessageRead.js
@@ -165,11 +165,24 @@
                 if (result.status === "succeeded") {
                     // No need to prompt user, use this token to call Web API
                     saveAttachmentsWithSSO(result.value, attachmentIds);
+                } else if (result.error.code == 13007 || result.error.code == 13005) {
+                    // These error codes indicate that we need to prompt for consent
+                    Office.context.auth.getAccessTokenAsync({ forceConsent: true }, function (result) {
+                        if (result.status === "succeeded") {
+                            saveAttachmentsWithSSO(result.value, attachmentIds);
+                        } else {
+                            // Could not get SSO token, proceed with authentication prompt
+                            saveAttachmentsWithPrompt(attachmentIds);
+                        }
+                    });
                 } else {
                     // Could not get SSO token, proceed with authentication prompt
                     saveAttachmentsWithPrompt(attachmentIds);
                 }
             });
+        } else {
+            // SSO not supported
+            saveAttachmentsWithPrompt(attachmentIds);
         }
     }
 
@@ -198,7 +211,7 @@
 
     function saveAttachmentsWithPrompt(attachmentIds) {
         authenticator
-            .authenticate(OfficeHelpers.DefaultEndpoints.Microsoft)
+            .authenticate(OfficeHelpers.DefaultEndpoints.Microsoft, true)
             .then(function (token) {
                 // Get callback token, which grants read access to the current message
                 // via the Outlook API