You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
I routinely get double popups the first time I try to click the "Get user data" button in Firefox or Safari on a fresh login or private window due to a failure to silently get a token in those cases. They open and then automatically close with no user intervention. I do not get these popups in chrome under the same conditions where silent token retrieval is successful.
This is both a UX annoyance and can cause functional issues if the browser is configured to block popups. The particular scenario I'm concerned about is if an admin grants consent on behalf of the org in which case the end users should see 0 popups prompting them for consent and ideally never need to allow popups.
This may be a combination of 2 issues:
Why is the popup needed at all?
Why are there 2 of them? (more annoying UX and more likely to have the browser decide to block one)
To Reproduce
Sideload in the add-in
Make a new email in outlook in Firefox
Message > the apps square > click the add-in
Consent to all permissions for the add-in (click the "get user data" button in the add-in and let it prompt you to accept them).
Verify you can see the results from the button click in the add-in pane
Now open a new private Firefox window
Make a new email in outlook in that private window
Open the add-in again, click the "get user data" button.
Notice that it throws 2 popups that automatically open/close.
Expected behavior
After permissions have been granted I'd expect no popups to be necessesary like in chrome.
Screenshots
Firefox console logs
The resource at “https://res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.2069.m.c813c80c.js” preloaded with link preload was not used within a few seconds. Make sure all attributes of the preload tag are set correctly. mail
The resource at “https://res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.MsalAuth.m.600aad13.js” preloaded with link preload was not used within a few seconds. Make sure all attributes of the preload tag are set correctly. mail
downloadable font: kern: Too large subtable (font-family: "Aptos" style:normal weight:400 stretch:100 src index:0) source: https://res.public.onecdn.static.microsoft/assets/mail/fonts/aptos/v1.93.230727224051/aptos/Aptos.woff2
downloadable font: Table discarded (font-family: "Aptos" style:normal weight:400 stretch:100 src index:0) source: https://res.public.onecdn.static.microsoft/assets/mail/fonts/aptos/v1.93.230727224051/aptos/Aptos.woff2
downloadable font: kern: Too large subtable (font-family: "Aptos" style:normal weight:700 stretch:100 src index:0) source: https://res.public.onecdn.static.microsoft/assets/mail/fonts/aptos/v1.93.230727224051/aptos/Aptos-Bold.woff2
downloadable font: Table discarded (font-family: "Aptos" style:normal weight:700 stretch:100 src index:0) source: https://res.public.onecdn.static.microsoft/assets/mail/fonts/aptos/v1.93.230727224051/aptos/Aptos-Bold.woff2
Partitioned cookie or storage access was provided to “https://localhost:3000/taskpane.html?et=” because it is loaded in the third-party context and dynamic state partitioning is enabled.
[webpack-dev-server] Server started: Hot Module Replacement enabled, Live Reloading enabled, Progress disabled, Overlay enabled. index.js:577
[HMR] Waiting for update signal from WDS... log.js:39
[webpack-dev-server] Server started: Hot Module Replacement enabled, Live Reloading enabled, Progress disabled, Overlay enabled. index.js:577
[HMR] Waiting for update signal from WDS... log.js:39
XML Parsing Error: no root element found
Location: https://localhost:3000/taskpane.html?et=
Line Number 1, Column 1: taskpane.html:1:1
Cookie warnings 10
[Wed, 13 Nov 2024 17:17:53 GMT] : [] : @azure/[email protected] : Info - Nested App Auth Bridge available: true msalconfig.ts:30:20
[Wed, 13 Nov 2024 17:17:53 GMT] : [] : @azure/[email protected] : Verbose - BrowserCrypto: modern crypto interface available msalconfig.ts:33:20
XHRGET
https://graph.microsoft.com/v1.0/chats?$top=50&$expand=lastMessagePreview&$select=viewpoint,lastMessagePreview
[HTTP/2 429 10ms]
downloadable font: kern: Too large subtable (font-family: "Aptos Display" style:normal weight:400 stretch:100 src index:0) source: https://res.public.onecdn.static.microsoft/assets/mail/fonts/aptos/v1.93.230727224051/aptos-display/Aptos-Display.woff2
downloadable font: Table discarded (font-family: "Aptos Display" style:normal weight:400 stretch:100 src index:0) source: https://res.public.onecdn.static.microsoft/assets/mail/fonts/aptos/v1.93.230727224051/aptos-display/Aptos-Display.woff2
downloadable font: kern: Too large subtable (font-family: "Aptos Narrow" style:normal weight:400 stretch:100 src index:0) source: https://res.public.onecdn.static.microsoft/assets/mail/fonts/aptos/v1.93.230727224051/aptos-narrow/Aptos-Narrow.woff2
downloadable font: Table discarded (font-family: "Aptos Narrow" style:normal weight:400 stretch:100 src index:0) source: https://res.public.onecdn.static.microsoft/assets/mail/fonts/aptos/v1.93.230727224051/aptos-narrow/Aptos-Narrow.woff2
Trying to acquire token silently... authConfig.ts:87:14
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing. mail
Layout was forced before the page was fully loaded. If stylesheets are not yet loaded this may cause a flash of unstyled content. oauthRedirect.html
The character encoding of a framed document was not declared. The document may appear different if viewed without the document framing it. oauthRedirect.html
Unable to acquire token silently: InteractionRequiredAuthError: login_required: AADSTS50058: A silent sign-in request was sent but no user is signed in. The cookies used to represent the user's session were not sent in the request to Azure AD. This can happen if the user is using Internet Explorer or Edge, and the web app sending the silent sign-in request is in different IE security zone than the Azure AD endpoint (login.microsoftonline.com). Trace ID: e791e837-6094-4a73-8656-98863b667700 Correlation ID: 01932688-27f1-73df-a48e-e4e634890d2a Timestamp: 2024-11-13 17:17:57Z authConfig.ts:92:14
Trying to acquire token interactively... authConfig.ts:97:14
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing. mail
Layout was forced before the page was fully loaded. If stylesheets are not yet loaded this may cause a flash of unstyled content. oauthRedirect.html
The character encoding of a framed document was not declared. The document may appear different if viewed without the document framing it. oauthRedirect.html
[Wed, 13 Nov 2024 17:17:59 GMT] : [] : @azure/[email protected] : Verbose - hydrateCache called msalconfig.ts:33:20
[Wed, 13 Nov 2024 17:17:59 GMT] : [] : @azure/[email protected] : Verbose - BrowserCacheManager.getAccountKeys - No account keys found msalconfig.ts:33:20
[Wed, 13 Nov 2024 17:17:59 GMT] : [] : @azure/[email protected] : Verbose - BrowserCacheManager.addAccountKeyToMap account key added msalconfig.ts:33:20
[Wed, 13 Nov 2024 17:17:59 GMT] : [] : @azure/[email protected] : Verbose - BrowserCacheManager.getTokenKeys - No token keys found msalconfig.ts:33:20
[Wed, 13 Nov 2024 17:17:59 GMT] : [] : @azure/[email protected] : Info - BrowserCacheManager: addTokenKey - idToken added to map msalconfig.ts:30:20
[Wed, 13 Nov 2024 17:17:59 GMT] : [] : @azure/[email protected] : Info - BrowserCacheManager: addTokenKey - accessToken added to map msalconfig.ts:30:20
[Wed, 13 Nov 2024 17:17:59 GMT] : [] : @azure/[email protected] : Verbose - setActiveAccount: Active account set msalconfig.ts:33:20
Acquired token interactively. authConfig.ts:100:14
[Wed, 13 Nov 2024 17:17:59 GMT] : [] : @azure/[email protected] : Verbose - setActiveAccount: Active account set msalconfig.ts:33:20
Object { "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#users/$entity", businessPhones: [], displayName: "Devs", givenName: "Devs", jobTitle: null, mail: "[email protected]", mobilePhone: null, officeLocation: null, preferredLanguage: "en-US", surname: null, … }
msgraph-helper.ts:27:12
A resource is blocked by OpaqueResponseBlocking, please check browser console for details. 2 OutlookWeb-Mail-PROD
The connection to wss://augloop.office.com/ was interrupted while the page was loading. owa.13232.m.1012d67c.js:1:7035
[webpack-dev-server] App updated. Recompiling... index.js:577
[webpack-dev-server] App updated. Recompiling... index.js:577
[webpack-dev-server] App hot update... index.js:577
[HMR] Checking for updates on the server... log.js:39
[webpack-dev-server] App hot update... index.js:577
[HMR] Checking for updates on the server... log.js:39
[HMR] Update failed: Loading hot update chunk polyfill failed.
(missing: https://localhost:3000/polyfill.e0c31b8a82ca081b835d.hot-update.js)
loadUpdateChunk/<@https://localhost:3000/polyfill.js:26926:26
loadUpdateChunk@https://localhost:3000/polyfill.js:26921:20
__webpack_require__.hmrC.jsonp/<@https://localhost:3000/polyfill.js:27378:29
__webpack_require__.hmrC.jsonp@https://localhost:3000/polyfill.js:27373:22
hotCheck/</</<@https://localhost:3000/polyfill.js:26751:47
hotCheck/</<@https://localhost:3000/polyfill.js:26747:55
promise callback*hotCheck/<@https://localhost:3000/polyfill.js:26742:43
promise callback*hotCheck@https://localhost:3000/polyfill.js:26733:15
check@https://localhost:3000/polyfill.js:4020:5
./node_modules/webpack/hot/dev-server.js/<@https://localhost:3000/polyfill.js:4074:4
emit@https://localhost:3000/polyfill.js:350:17
reloadApp@https://localhost:3000/polyfill.js:3915:67
ok@https://localhost:3000/polyfill.js:1841:68
./node_modules/webpack-dev-server/client/socket.js/initSocket/<@https://localhost:3000/polyfill.js:3591:29
./node_modules/webpack-dev-server/client/clients/WebSocketClient.js/onMessage/this.client.onmessage@https://localhost:3000/polyfill.js:1574:10
EventHandlerNonNull*onMessage@https://localhost:3000/polyfill.js:1573:7
initSocket@https://localhost:3000/polyfill.js:3584:10
./node_modules/webpack-dev-server/client/index.js?protocol=wss%3A&hostname=0.0.0.0&port=3000&pathname=%2Fws&logging=info&overlay=true&reconnect=10&hot=true&live-reload=true@https://localhost:3000/polyfill.js:1926:55
__webpack_require__@https://localhost:3000/polyfill.js:26353:32
@https://localhost:3000/polyfill.js:27417:30
@https://localhost:3000/polyfill.js:27422:12
log.js:41
[HMR] Nothing hot updated. log.js:39
[HMR] App is up to date. log.js:39
Chrome logs when performing the same action
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.861 Chrome is moving towards a new experience that allows users to choose to browse without third-party cookies.
11:15:04.963 bootstrap:22 [webpack-dev-server] Server started: Hot Module Replacement enabled, Live Reloading enabled, Progress disabled, Overlay enabled.
11:15:04.964 bootstrap:22 [HMR] Waiting for update signal from WDS...
11:15:05.028 bootstrap:22 [webpack-dev-server] Server started: Hot Module Replacement enabled, Live Reloading enabled, Progress disabled, Overlay enabled.
11:15:05.029 bootstrap:22 [HMR] Waiting for update signal from WDS...
11:15:06.067 msalconfig.ts:30 [Wed, 13 Nov 2024 17:15:06 GMT] : [] : @azure/[email protected] : Info - Nested App Auth Bridge available: true
11:15:06.067 msalconfig.ts:33 [Wed, 13 Nov 2024 17:15:06 GMT] : [] : @azure/[email protected] : Verbose - BrowserCrypto: modern crypto interface available
11:15:08.164 owa.30114.m.7d654955.js:1
GET https://graph.microsoft.com/v1.0/chats?$top=50&$expand=lastMessagePreview&$select=viewpoint,lastMessagePreview 429 (Too Many Requests)
o @ owa.30114.m.7d654955.js:1
c @ owa.30114.m.7d654955.js:1
E @ owa.30114.m.7d654955.js:1
await in E
(anonymous) @ owa.mailindex.8754bfb2.js:1
Promise.then
importAndExecute @ owa.mailindex.8754bfb2.js:1
task @ owa.AppBoot.m.01b05440.js:1
t @ owa.Tti.m.1ee76fcc.js:1
(anonymous) @ owa.Tti.m.1ee76fcc.js:1
postTask
r @ owa.mailindex.8754bfb2.js:1
(anonymous) @ owa.Tti.m.1ee76fcc.js:1
(anonymous) @ owa.Tti.m.1ee76fcc.js:1
runTask @ owa.AppBoot.m.01b05440.js:17
tryRunTask @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
postTask
r @ owa.mailindex.8754bfb2.js:1
scheduleTask @ owa.AppBoot.m.01b05440.js:17
onTaskComplete @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
Promise.then
tryRunTask @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
postTask
r @ owa.mailindex.8754bfb2.js:1
scheduleTask @ owa.AppBoot.m.01b05440.js:17
onTaskComplete @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
Promise.then
tryRunTask @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
postTask
r @ owa.mailindex.8754bfb2.js:1
scheduleTask @ owa.AppBoot.m.01b05440.js:17
onTaskComplete @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
Promise.then
tryRunTask @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
postTask
r @ owa.mailindex.8754bfb2.js:1
scheduleTask @ owa.AppBoot.m.01b05440.js:17
onTaskComplete @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
Promise.then
tryRunTask @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
postTask
r @ owa.mailindex.8754bfb2.js:1
scheduleTask @ owa.AppBoot.m.01b05440.js:17
onTaskComplete @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
Promise.then
tryRunTask @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
postTask
r @ owa.mailindex.8754bfb2.js:1
scheduleTask @ owa.AppBoot.m.01b05440.js:17
onTaskComplete @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
Promise.then
tryRunTask @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
postTask
r @ owa.mailindex.8754bfb2.js:1
scheduleTask @ owa.AppBoot.m.01b05440.js:17
onTaskComplete @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
Promise.then
tryRunTask @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
postTask
r @ owa.mailindex.8754bfb2.js:1
scheduleTask @ owa.AppBoot.m.01b05440.js:17
onTaskComplete @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
Promise.then
tryRunTask @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
postTask
r @ owa.mailindex.8754bfb2.js:1
scheduleTask @ owa.AppBoot.m.01b05440.js:17
onTaskComplete @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
Promise.then
tryRunTask @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
postTask
r @ owa.mailindex.8754bfb2.js:1
scheduleTask @ owa.AppBoot.m.01b05440.js:17
onTaskComplete @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
Promise.then
tryRunTask @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
postTask
r @ owa.mailindex.8754bfb2.js:1
scheduleTask @ owa.AppBoot.m.01b05440.js:17
onTaskComplete @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
Promise.then
tryRunTask @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
postTask
r @ owa.mailindex.8754bfb2.js:1
scheduleTask @ owa.AppBoot.m.01b05440.js:17
onTaskComplete @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
Promise.then
tryRunTask @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
postTask
r @ owa.mailindex.8754bfb2.js:1
scheduleTask @ owa.AppBoot.m.01b05440.js:17
onTaskComplete @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
Promise.then
tryRunTask @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
postTask
r @ owa.mailindex.8754bfb2.js:1
scheduleTask @ owa.AppBoot.m.01b05440.js:17
onTaskComplete @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
Promise.then
tryRunTask @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
postTask
r @ owa.mailindex.8754bfb2.js:1
scheduleTask @ owa.AppBoot.m.01b05440.js:17
onTaskComplete @ owa.AppBoot.m.01b05440.js:17
(anonymous) @ owa.AppBoot.m.01b05440.js:17
11:15:09.223 authConfig.ts:87 Trying to acquire token silently...
11:15:09.242 owa.2069.m.c813c80c.js:7 An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
tF @ owa.2069.m.c813c80c.js:7
tK @ owa.2069.m.c813c80c.js:7
(anonymous) @ owa.2069.m.c813c80c.js:1
tD @ owa.2069.m.c813c80c.js:7
(anonymous) @ owa.2069.m.c813c80c.js:1
silentTokenHelper @ owa.2069.m.c813c80c.js:7
await in silentTokenHelper
(anonymous) @ owa.2069.m.c813c80c.js:1
acquireToken @ owa.2069.m.c813c80c.js:7
await in acquireToken
ssoSilent @ owa.2069.m.c813c80c.js:7
ssoSilent @ owa.2069.m.c813c80c.js:7
eg @ owa.MsalAuth.m.600aad13.js:1
eV @ owa.MsalAuth.m.600aad13.js:1
ej @ owa.MsalAuth.m.600aad13.js:1
await in ej
getNestedAppAuthToken @ owa.MsalAuth.m.600aad13.js:1
getTokenRequest @ owa.MsalAuth.m.600aad13.js:1
(anonymous) @ owa.MsalAuth.m.600aad13.js:1
l @ owa.MsalAuth.m.600aad13.js:1
f @ owa.MsalAuth.m.600aad13.js:1
eY @ owa.MsalAuth.m.600aad13.js:1
(anonymous) @ owa.mailindex.8754bfb2.js:1
then @ owa.mailindex.8754bfb2.js:1
importAndExecute @ owa.mailindex.8754bfb2.js:1
(anonymous) @ owa.mailindex.8754bfb2.js:1
then @ owa.mailindex.8754bfb2.js:1
importAndExecute @ owa.mailindex.8754bfb2.js:1
executeNaaRequest @ owa.AppBoot.m.01b05440.js:1
tT @ owa.82103.m.0f56f587.js:1
n8 @ owa.82103.m.0f56f587.js:1
(anonymous) @ owa.82103.m.0f56f587.js:1
e.invoke @ owa.24892.m.c797c99d.js:1
u @ owa.24892.m.c797c99d.js:1
v @ owa.24892.m.c797c99d.js:1
11:15:09.678 mail/oauthRedirect.html#code=1.ASgATSnmPjO2u0asaqgHWwlcEyC_mZE_oQdBhdwCEUeH70jZAG8oAA.AgABBAIAAADW6jl31mB3T7ugrWTT8pFeAwDs_wUA9P-8z9yphqfHBXVscm0xI7DbcRFFwIYOI7drYOMTuozXiX0ObAMM_xfioc3c38-miZ0r5aLcnflx24Uv0hLc0yW94NUih6tZw7xWv2lKSIh3uTFII3HiXB0a9PUuSV83oAf_rmjh__fFwgHj7DCw746hBJfDZEF2jj5nGBqvOMYuZr70fbbzmlS5coRSaq6VYSa0bL90R87XGReOUNMfucVuka3q0XTfQaKwGpC4przhqJ9q4z6RQ9bOc4u7TGhguXqax7jyj38jVEiFnA8UsxWtGkwrlbeuDRiOt4rLEdSKbLGxiXmgAXZCM6sGV3ADvXQIyzpPF7XdBXrz0gJd66VC3UV3Z70VkvfJCGYxCe20w3Hg7pDLcMtZBs7jOLyKuwgJMVdQ8SSydkQ7ruSP-xjoa1-i4qwz9WXlYXyWftqh7l2EJYMMY9Z9gwoYEKmrP4jZ7GK127wjGQt4egt5VtllXEX8qmwqe8cSKWVkis2vHL4H5JupaOseSSLCMz_PWiiRAGHTjrFqVb5xtYj-jqFb39bHfz_EwiIRJPowYDEK-uPKOel_cro8fWMNj1lH51BwTOr8ehXy-HtFf5UyxofXjihLmt5PZE6HwJoQk0r20a4V5TfNbqMzYT-CA1bC-BEErNz4ma3a6PUuTqEC_5uOH6kZe2kGhihQysJQPC9HyyNplAvNn0EBDx28wDhCitoVvuvtIvPAvDD_-oJ6kIG8FwUKzZyiOn6CqJ24FIRqVfjf1_Ed2CLyiwOOCix4Nnai9JeZJ6IESAHQ10BMxbKAGk1W3JEIlJJ8fMIhvPeuIbc-2a2TlCzqWALkFS9QCjHAa78OaII&client_info=eyJ1aWQiOiJhMGU5MmI0Ny03OTM1LTQyNTEtOTQwMy05N2U5MmRkZWUxZDMiLCJ1dGlkIjoiM2VlNjI5NGQtYjYzMy00NmJiLWFjNmEtYTgwNzViMDk1YzEzIn0&state=eyJpZCI6IjAxOTMyNjg1LTk2MmMtNzg3Mi04NjBhLTg1ZWI2NTI5NDdhZCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19&session_state=f00afcdb-7bf3-401c-864d-e892ff10e2b9:1 An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
11:15:10.286 msalconfig.ts:33 [Wed, 13 Nov 2024 17:15:10 GMT] : [] : @azure/[email protected] : Verbose - hydrateCache called
11:15:10.287 msalconfig.ts:33 [Wed, 13 Nov 2024 17:15:10 GMT] : [] : @azure/[email protected] : Verbose - BrowserCacheManager.getAccountKeys - No account keys found
11:15:10.287 msalconfig.ts:33 [Wed, 13 Nov 2024 17:15:10 GMT] : [] : @azure/[email protected] : Verbose - BrowserCacheManager.addAccountKeyToMap account key added
11:15:10.288 msalconfig.ts:33 [Wed, 13 Nov 2024 17:15:10 GMT] : [] : @azure/[email protected] : Verbose - BrowserCacheManager.getTokenKeys - No token keys found
11:15:10.288 msalconfig.ts:30 [Wed, 13 Nov 2024 17:15:10 GMT] : [] : @azure/[email protected] : Info - BrowserCacheManager: addTokenKey - idToken added to map
11:15:10.288 msalconfig.ts:30 [Wed, 13 Nov 2024 17:15:10 GMT] : [] : @azure/[email protected] : Info - BrowserCacheManager: addTokenKey - accessToken added to map
11:15:10.289 msalconfig.ts:33 [Wed, 13 Nov 2024 17:15:10 GMT] : [] : @azure/[email protected] : Verbose - setActiveAccount: Active account set
11:15:10.289 authConfig.ts:89 Acquired token silently.
11:15:10.403 msgraph-helper.ts:27 {@odata.context: 'https://graph.microsoft.com/v1.0/$metadata#users/$entity', businessPhones: Array(0), displayName: 'Devs', givenName: 'Devs', jobTitle: null, …}
11:22:16.000 index.js:577 [webpack-dev-server] App updated. Recompiling...
11:22:16.001 index.js:577 [webpack-dev-server] App updated. Recompiling...
11:22:16.658 index.js:577 [webpack-dev-server] App hot update...
11:22:16.658 log.js:39 [HMR] Checking for updates on the server...
11:22:16.659 index.js:577 [webpack-dev-server] App hot update...
11:22:16.659 log.js:39 [HMR] Checking for updates on the server...
11:22:16.710 log.js:41 [HMR] Update failed: Loading hot update chunk polyfill failed.
(missing: https://localhost:3000/polyfill.e0c31b8a82ca081b835d.hot-update.js)
ChunkLoadError
at https://localhost:3000/polyfill.js:26926:26
at new Promise (<anonymous>)
at loadUpdateChunk (https://localhost:3000/polyfill.js:26921:20)
at https://localhost:3000/polyfill.js:27378:29
at Array.forEach (<anonymous>)
at __webpack_require__.hmrC.jsonp (https://localhost:3000/polyfill.js:27373:22)
at https://localhost:3000/polyfill.js:26751:47
at Array.reduce (<anonymous>)
at https://localhost:3000/polyfill.js:26747:55
__webpack_modules__../node_modules/webpack/hot/log.js.module.exports @ log.js:41
(anonymous) @ dev-server.js:60
Promise.catch
check @ dev-server.js:45
(anonymous) @ dev-server.js:69
emit @ events.js:153
reloadApp @ reloadApp.js:38
ok @ index.js:239
(anonymous) @ socket.js:62
client.onmessage @ WebSocketClient.js:45
Show 9 more frames
Show less
11:22:16.711 log.js:39 [HMR] Nothing hot updated.
11:22:16.711 log.js:39 [HMR] App is up to date.
URL of sample
https://github.com/OfficeDev/Office-Add-in-samples/tree/main/Samples/auth/Outlook-Add-in-SSO-NAA
Describe the bug
I routinely get double popups the first time I try to click the "Get user data" button in Firefox or Safari on a fresh login or private window due to a failure to silently get a token in those cases. They open and then automatically close with no user intervention. I do not get these popups in chrome under the same conditions where silent token retrieval is successful.
This is both a UX annoyance and can cause functional issues if the browser is configured to block popups. The particular scenario I'm concerned about is if an admin grants consent on behalf of the org in which case the end users should see 0 popups prompting them for consent and ideally never need to allow popups.
This may be a combination of 2 issues:
To Reproduce
Sideload in the add-in
Expected behavior
After permissions have been granted I'd expect no popups to be necessesary like in chrome.
Screenshots
Firefox console logs
Chrome logs when performing the same action
Environment
Additional context
n/a
The text was updated successfully, but these errors were encountered: