From 2f88dc2260516a739c9d81db2c3d2daa239666b1 Mon Sep 17 00:00:00 2001
From: Prithvi Kanherkar <prithviraj.kanherkar@microsoft.com>
Date: Tue, 18 Sep 2018 10:17:35 -0700
Subject: [PATCH 1/9] Adding browser detection functionality

Adding functionality to detect whether browser is IE or Edge. If it is detected to be one of those broswers, it will force loginRedirect, otherwise it will use loginPopup.
---
 JavaScriptSPA/index.html | 111 ++++++++++++++++++++++++++-------------
 1 file changed, 75 insertions(+), 36 deletions(-)

diff --git a/JavaScriptSPA/index.html b/JavaScriptSPA/index.html
index 7855647..9303be1 100644
--- a/JavaScriptSPA/index.html
+++ b/JavaScriptSPA/index.html
@@ -2,21 +2,16 @@
 <html>
 <head>
     <title>Quickstart for MSAL JS</title>
+	<script src="https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js"></script>
     <script src="https://secure.aadcdn.microsoftonline-p.com/lib/0.2.3/js/msal.js"></script>
-    <script src="https://code.jquery.com/jquery-3.2.1.min.js" class="pre"></script>
-    <script src="https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js" class="pre"></script>
-    <style>
-        table, td, th {
-            border: 1px solid black;
-        }
-    </style>
+    <script src="https://code.jquery.com/jquery-3.2.1.min.js"></script>
 </head>
 
 <body>
     <h2>Welcome to MSAL.js Quickstart</h2><br/>
     <h4 id="WelcomeMessage"></h4>
     <button id="SignIn" onclick="signIn()">Sign In</button><br/><br/>
-    <table id="graphData"></table>
+	<pre id="json"></pre>
 
     <script>
         var applicationConfig = {
@@ -28,33 +23,34 @@ <h4 id="WelcomeMessage"></h4>
         //Pass null for default authority (https://login.microsoftonline.com/common) and tokenReceivedCallback if using popup apis
         var myMSALObj = new Msal.UserAgentApplication(applicationConfig.clientID, null, null);
 
+		// Browser check variables
+		var ua = window.navigator.userAgent;
+		var msie = ua.indexOf('MSIE ');
+		var msie11 = ua.indexOf('Trident/');
+		var msedge = ua.indexOf('Edge/');
+		
         function signIn() {
-            myMSALObj.loginPopup(applicationConfig.graphScopes).then(function (idToken) {
-                //Login Success
-                showWelcomeMessage();
-                acquireTokenAndCallMSGraph();
-            }, function (error) {
-                console.log(error);
-            });
+			if (msie > 0 || msie11 > 0 || msedge > 0) {
+				// NOTE: IE/Edge detected - use redirect
+				signInRedirect();
+			} else {
+				// NOTE: Not using IE browser - use popup
+				signInPopup();
+			}
         }
-
+		
         function signOut() {
             myMSALObj.logout();
         }
 
         function acquireTokenAndCallMSGraph() {
-            //Call acquireTokenSilent (hidden iframe) to obtain a token for Microsoft Graph
-            myMSALObj.acquireTokenSilent(applicationConfig.graphScopes).then(function (accessToken) {
-                callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
-            }, function (error) {
-                //Call acquireTokenPopup (popup window) in case of acquireToken Failure
-                if (error.indexOf("consent_required") !== -1 || error.indexOf("interaction_required") !== -1) {
-                    myMSALObj.acquireTokenPopup(applicationConfig.graphScopes).then(function (accessToken) {
-                        callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
-                    }, function (error) {
-                    });
-                }
-            });
+			if (msie > 0 || msie11 > 0 || msedge > 0) {
+				// NOTE: only for IE and Edge browsers
+				acquireTokenRedirectAndCallMSGraph(myMSALObj);
+			} else {
+				// NOTE: for all other non-IE/Edge browsers (i.e. Chrome, Firefox, etc.)
+				acquireTokenPopupAndCallMSGraph();
+			}
         }
 
         function callMSGraph(theUrl, accessToken, callback) {
@@ -71,18 +67,12 @@ <h4 id="WelcomeMessage"></h4>
         function graphAPICallback(data) {
             //Display user data on DOM
             var divWelcome = document.getElementById('WelcomeMessage');
-            divWelcome.innerHTML += " to Microsoft Graph API!!";
-            $.each(data, function (key, value) {
-                var tr = $('<tr></tr>');
-                $('<td>' + '<i>' + key + '</i>' + '</td>').appendTo(tr);
-                $('<td>' + value + '</td>').appendTo(tr);
-                tr.appendTo('#graphData');
-            });
+            document.getElementById("json").innerHTML = JSON.stringify(data, null, 2);
         }
 
         function showWelcomeMessage() {
             var divWelcome = document.getElementById('WelcomeMessage');
-            divWelcome.innerHTML += 'Welcome ' + myMSALObj.getUser().name;
+            divWelcome.innerHTML += 'Welcome ' + myMSALObj.getUser().name + " to Microsoft Graph API!!";
             var loginbutton = document.getElementById('SignIn');
             loginbutton.innerHTML = 'Sign Out';
             loginbutton.setAttribute('onclick', 'signOut();');
@@ -92,6 +82,55 @@ <h4 id="WelcomeMessage"></h4>
             showWelcomeMessage();
             acquireTokenAndCallMSGraph();
         }
+		
+		/* POPUP HELPER FUNCTIONS BELOW */
+		
+		// If not using IE or Edge InPrivate browser, you may replace the contents of signIn() with the contents of signInPopup()
+		function signInPopup() {
+			myMSALObj.loginPopup(applicationConfig.graphScopes).then(function (idToken) {
+                //Login Success
+                showWelcomeMessage();
+                acquireTokenAndCallMSGraph();
+            }, function (error) {
+                console.log(error);
+            });
+		}
+		
+		// If not using IE or Edge InPrivate browser, you may replace the contents of acquireTokenAndCallMSGraph() with the contents of acquireTokenPopupAndCallMSGraph()
+		function acquireTokenPopupAndCallMSGraph() {
+            //Call acquireTokenSilent (iframe) to obtain a token for Microsoft Graph
+            myMSALObj.acquireTokenSilent(applicationConfig.graphScopes).then(function (accessToken) {
+                callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
+            }, function (error) {
+                //Call acquireTokenPopup (popup window) in case of acquireToken Failure
+                if (error.indexOf("consent_required") !== -1 || error.indexOf("interaction_required") !== -1) {
+                    myMSALObj.acquireTokenPopup(applicationConfig.graphScopes).then(function (accessToken) {
+                        callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
+                    }, function (error) {
+                    });
+                }
+            });
+        }
+		
+		/* IE/EDGE-ONLY - REDIRECT HELPER FUNCTIONS BELOW */
+		
+		// NOTE: Below functions are for testing with IE/Edge browsers - can be removed if not testing with these browsers
+		function signInRedirect() {
+            myMSALObj.loginRedirect(applicationConfig.graphScopes);
+        }
+		
+		function acquireTokenRedirectAndCallMSGraph(myMSALObj) {
+            //Call acquireTokenSilent (iframe) to obtain a token for Microsoft Graph
+            myMSALObj.acquireTokenSilent(applicationConfig.graphScopes).then(function (accessToken) {
+                callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
+            }, function (error) {
+                //Call acquireTokenRedirect in case of acquireToken Failure
+                if (error.indexOf("consent_required") !== -1 || error.indexOf("interaction_required") !== -1) {
+                    myMSALObj.acquireTokenRedirect(applicationConfig.graphScopes);
+                }
+            });
+        }
+		
     </script>
 </body>
 </html>

From f0c7ea0c556f3fc893036432d2c443f91ee95462 Mon Sep 17 00:00:00 2001
From: Prithvi Kanherkar <prithviraj.kanherkar@microsoft.com>
Date: Tue, 18 Sep 2018 14:40:04 -0700
Subject: [PATCH 2/9] Refactored browser detection to be more concise, reflect
 patterns better

Refactored signIn and acquireToken calls to be more concise, kept the function signature more similar to the quickstart that has been released.
---
 JavaScriptSPA/index.html | 140 +++++++++++++++++++--------------------
 1 file changed, 67 insertions(+), 73 deletions(-)

diff --git a/JavaScriptSPA/index.html b/JavaScriptSPA/index.html
index 9303be1..fbb1606 100644
--- a/JavaScriptSPA/index.html
+++ b/JavaScriptSPA/index.html
@@ -14,29 +14,31 @@ <h4 id="WelcomeMessage"></h4>
 	<pre id="json"></pre>
 
     <script>
+		// Browser check variables
+		var ua = window.navigator.userAgent;
+		var msie = ua.indexOf('MSIE ');
+		var msie11 = ua.indexOf('Trident/');
+		var msedge = ua.indexOf('Edge/');
+		var isIE = msie > 0 || msie11 > 0;
+		var isEdge = msedge > 0;
+	
         var applicationConfig = {
-            clientID: "Enter_the_Application_Id_here", //This is your client ID
+            clientID: "0813e1d1-ad72-46a9-8665-399bba48c201", //This is your client ID
             graphScopes: ["user.read"],
             graphEndpoint: "https://graph.microsoft.com/v1.0/me"
         };
 
         //Pass null for default authority (https://login.microsoftonline.com/common) and tokenReceivedCallback if using popup apis
-        var myMSALObj = new Msal.UserAgentApplication(applicationConfig.clientID, null, null);
-
-		// Browser check variables
-		var ua = window.navigator.userAgent;
-		var msie = ua.indexOf('MSIE ');
-		var msie11 = ua.indexOf('Trident/');
-		var msedge = ua.indexOf('Edge/');
-		
+        var myMSALObj = new Msal.UserAgentApplication(applicationConfig.clientID, null, null, {storeAuthStateInCookie:true});
+				
         function signIn() {
-			if (msie > 0 || msie11 > 0 || msedge > 0) {
-				// NOTE: IE/Edge detected - use redirect
-				signInRedirect();
-			} else {
-				// NOTE: Not using IE browser - use popup
-				signInPopup();
-			}
+			myMSALObj.loginPopup(applicationConfig.graphScopes).then(function (idToken) {
+                //Login Success
+                showWelcomeMessage();
+                acquireTokenAndCallMSGraph();
+            }, function (error) {
+                console.log(error);
+            });
         }
 		
         function signOut() {
@@ -44,13 +46,38 @@ <h4 id="WelcomeMessage"></h4>
         }
 
         function acquireTokenAndCallMSGraph() {
-			if (msie > 0 || msie11 > 0 || msedge > 0) {
-				// NOTE: only for IE and Edge browsers
-				acquireTokenRedirectAndCallMSGraph(myMSALObj);
-			} else {
-				// NOTE: for all other non-IE/Edge browsers (i.e. Chrome, Firefox, etc.)
-				acquireTokenPopupAndCallMSGraph();
-			}
+			//Call acquireTokenSilent (iframe) to obtain a token for Microsoft Graph
+            myMSALObj.acquireTokenSilent(applicationConfig.graphScopes).then(function (accessToken) {
+                callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
+            }, function (error) {
+				if (isIE) {
+					alert("IE");
+					// NOTE: only for IE browsers
+					// Call acquireTokenRedirect in case of acquireToken Failure
+					if (error.indexOf("consent_required") !== -1 || error.indexOf("interaction_required") !== -1) {
+						myMSALObj.acquireTokenRedirect(applicationConfig.graphScopes);
+					}
+				}
+				// Uncomment this if you are testing in Edge InPrivate, or delete
+				/**
+				else if(msedge > 0) {
+					// NOTE: only for Edge InPrivate browsers
+					// Call acquireTokenRedirect in case of acquireToken Failure
+					if (error.indexOf("consent_required") !== -1 || error.indexOf("interaction_required") !== -1) {
+						myMSALObj.acquireTokenRedirect(applicationConfig.graphScopes);
+					}
+				}
+				**/
+				else {
+					// Call acquireTokenPopup (popup window) in case of acquireToken Failure
+					if (error.indexOf("consent_required") !== -1 || error.indexOf("interaction_required") !== -1) {
+						myMSALObj.acquireTokenPopup(applicationConfig.graphScopes).then(function (accessToken) {
+							callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
+						}, function (error) {
+						});
+					}
+				}
+            });
         }
 
         function callMSGraph(theUrl, accessToken, callback) {
@@ -77,60 +104,27 @@ <h4 id="WelcomeMessage"></h4>
             loginbutton.innerHTML = 'Sign Out';
             loginbutton.setAttribute('onclick', 'signOut();');
         }
+		
+		// Remove this code if IE is not used
+		if(isIE) {
+			document.getElementById("SignIn").onclick = function() {
+				myMSALObj.loginRedirect(applicationConfig.graphScopes);
+			};
+		} 
+		// Uncomment this if you are testing in Edge InPrivate, or delete
+		/**
+		else if(isEdge) {
+			document.getElementById("SignIn").onclick = function () { 
+				myMSALObj.loginRedirect(applicationConfig.graphScopes);
+			};
+		}
+		**/
 
         if (myMSALObj.getUser() && !myMSALObj.isCallback(window.location.hash)) {// avoid duplicate code execution on page load in case of iframe and popup window.
-            showWelcomeMessage();
+			showWelcomeMessage();
             acquireTokenAndCallMSGraph();
         }
-		
-		/* POPUP HELPER FUNCTIONS BELOW */
-		
-		// If not using IE or Edge InPrivate browser, you may replace the contents of signIn() with the contents of signInPopup()
-		function signInPopup() {
-			myMSALObj.loginPopup(applicationConfig.graphScopes).then(function (idToken) {
-                //Login Success
-                showWelcomeMessage();
-                acquireTokenAndCallMSGraph();
-            }, function (error) {
-                console.log(error);
-            });
-		}
-		
-		// If not using IE or Edge InPrivate browser, you may replace the contents of acquireTokenAndCallMSGraph() with the contents of acquireTokenPopupAndCallMSGraph()
-		function acquireTokenPopupAndCallMSGraph() {
-            //Call acquireTokenSilent (iframe) to obtain a token for Microsoft Graph
-            myMSALObj.acquireTokenSilent(applicationConfig.graphScopes).then(function (accessToken) {
-                callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
-            }, function (error) {
-                //Call acquireTokenPopup (popup window) in case of acquireToken Failure
-                if (error.indexOf("consent_required") !== -1 || error.indexOf("interaction_required") !== -1) {
-                    myMSALObj.acquireTokenPopup(applicationConfig.graphScopes).then(function (accessToken) {
-                        callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
-                    }, function (error) {
-                    });
-                }
-            });
-        }
-		
-		/* IE/EDGE-ONLY - REDIRECT HELPER FUNCTIONS BELOW */
-		
-		// NOTE: Below functions are for testing with IE/Edge browsers - can be removed if not testing with these browsers
-		function signInRedirect() {
-            myMSALObj.loginRedirect(applicationConfig.graphScopes);
-        }
-		
-		function acquireTokenRedirectAndCallMSGraph(myMSALObj) {
-            //Call acquireTokenSilent (iframe) to obtain a token for Microsoft Graph
-            myMSALObj.acquireTokenSilent(applicationConfig.graphScopes).then(function (accessToken) {
-                callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
-            }, function (error) {
-                //Call acquireTokenRedirect in case of acquireToken Failure
-                if (error.indexOf("consent_required") !== -1 || error.indexOf("interaction_required") !== -1) {
-                    myMSALObj.acquireTokenRedirect(applicationConfig.graphScopes);
-                }
-            });
-        }
-		
+				
     </script>
 </body>
 </html>

From 4308d99af94909ee336a2ae13440d527f8171aae Mon Sep 17 00:00:00 2001
From: Prithvi Kanherkar <prithviraj.kanherkar@microsoft.com>
Date: Tue, 18 Sep 2018 14:45:19 -0700
Subject: [PATCH 3/9] deleting test client id, adding storeAuthStateInCookie
 (added in previous commit)

Replacing the test client id with a generic variable, adding the storeAuthStateInCookie flag for the UserAgentApplication for IE fix (added in the previous commit, but logs do not reflect it)
---
 JavaScriptSPA/index.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/JavaScriptSPA/index.html b/JavaScriptSPA/index.html
index fbb1606..f320e95 100644
--- a/JavaScriptSPA/index.html
+++ b/JavaScriptSPA/index.html
@@ -23,7 +23,7 @@ <h4 id="WelcomeMessage"></h4>
 		var isEdge = msedge > 0;
 	
         var applicationConfig = {
-            clientID: "0813e1d1-ad72-46a9-8665-399bba48c201", //This is your client ID
+            clientID: "Enter_the_Application_Id_here", //This is your client ID
             graphScopes: ["user.read"],
             graphEndpoint: "https://graph.microsoft.com/v1.0/me"
         };

From d680af4f2e317f3e49820e41e9619609ca5e5554 Mon Sep 17 00:00:00 2001
From: Prithvi Kanherkar <prithviraj.kanherkar@microsoft.com>
Date: Tue, 18 Sep 2018 14:47:36 -0700
Subject: [PATCH 4/9] Cleaning code

---
 JavaScriptSPA/index.html | 1 -
 1 file changed, 1 deletion(-)

diff --git a/JavaScriptSPA/index.html b/JavaScriptSPA/index.html
index f320e95..bdb514a 100644
--- a/JavaScriptSPA/index.html
+++ b/JavaScriptSPA/index.html
@@ -51,7 +51,6 @@ <h4 id="WelcomeMessage"></h4>
                 callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
             }, function (error) {
 				if (isIE) {
-					alert("IE");
 					// NOTE: only for IE browsers
 					// Call acquireTokenRedirect in case of acquireToken Failure
 					if (error.indexOf("consent_required") !== -1 || error.indexOf("interaction_required") !== -1) {

From 031ada25eb149016c5ed04c2268073a431d35ceb Mon Sep 17 00:00:00 2001
From: Prithvi Kanherkar <prithviraj.kanherkar@microsoft.com>
Date: Tue, 18 Sep 2018 16:29:54 -0700
Subject: [PATCH 5/9] Refactored to separate functionality

Redirect and popup code is now separated
---
 JavaScriptSPA/index.html | 75 +++++++++++++++++++++++-----------------
 server.js                |  2 +-
 2 files changed, 44 insertions(+), 33 deletions(-)

diff --git a/JavaScriptSPA/index.html b/JavaScriptSPA/index.html
index bdb514a..9b4136b 100644
--- a/JavaScriptSPA/index.html
+++ b/JavaScriptSPA/index.html
@@ -23,13 +23,13 @@ <h4 id="WelcomeMessage"></h4>
 		var isEdge = msedge > 0;
 	
         var applicationConfig = {
-            clientID: "Enter_the_Application_Id_here", //This is your client ID
+            clientID: "0813e1d1-ad72-46a9-8665-399bba48c201", //This is your client ID
             graphScopes: ["user.read"],
             graphEndpoint: "https://graph.microsoft.com/v1.0/me"
         };
 
         //Pass null for default authority (https://login.microsoftonline.com/common) and tokenReceivedCallback if using popup apis
-        var myMSALObj = new Msal.UserAgentApplication(applicationConfig.clientID, null, null, {storeAuthStateInCookie:true});
+        var myMSALObj = new Msal.UserAgentApplication(applicationConfig.clientID, null, null, {storeAuthStateInCookie:true, cacheLocation:"localStorage"});
 				
         function signIn() {
 			myMSALObj.loginPopup(applicationConfig.graphScopes).then(function (idToken) {
@@ -50,31 +50,12 @@ <h4 id="WelcomeMessage"></h4>
             myMSALObj.acquireTokenSilent(applicationConfig.graphScopes).then(function (accessToken) {
                 callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
             }, function (error) {
-				if (isIE) {
-					// NOTE: only for IE browsers
-					// Call acquireTokenRedirect in case of acquireToken Failure
-					if (error.indexOf("consent_required") !== -1 || error.indexOf("interaction_required") !== -1) {
-						myMSALObj.acquireTokenRedirect(applicationConfig.graphScopes);
-					}
-				}
-				// Uncomment this if you are testing in Edge InPrivate, or delete
-				/**
-				else if(msedge > 0) {
-					// NOTE: only for Edge InPrivate browsers
-					// Call acquireTokenRedirect in case of acquireToken Failure
-					if (error.indexOf("consent_required") !== -1 || error.indexOf("interaction_required") !== -1) {
-						myMSALObj.acquireTokenRedirect(applicationConfig.graphScopes);
-					}
-				}
-				**/
-				else {
-					// Call acquireTokenPopup (popup window) in case of acquireToken Failure
-					if (error.indexOf("consent_required") !== -1 || error.indexOf("interaction_required") !== -1) {
-						myMSALObj.acquireTokenPopup(applicationConfig.graphScopes).then(function (accessToken) {
-							callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
-						}, function (error) {
-						});
-					}
+				// Call acquireTokenPopup (popup window) in case of acquireToken Failure
+				if (error.indexOf("consent_required") !== -1 || error.indexOf("interaction_required") !== -1) {
+					myMSALObj.acquireTokenPopup(applicationConfig.graphScopes).then(function (accessToken) {
+						callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
+					}, function (error) {
+					});
 				}
             });
         }
@@ -104,11 +85,23 @@ <h4 id="WelcomeMessage"></h4>
             loginbutton.setAttribute('onclick', 'signOut();');
         }
 		
-		// Remove this code if IE is not used
+		/** 
+		if (myMSALObj.getUser() && !myMSALObj.isCallback(window.location.hash)) {// avoid duplicate code execution on page load in case of iframe and popup window.
+			showWelcomeMessage();
+			acquireTokenAndCallMSGraph();
+		}
+		**/
+		
+		// Uncomment the above code and delete the below code if you are not using browser detection
+		
 		if(isIE) {
 			document.getElementById("SignIn").onclick = function() {
 				myMSALObj.loginRedirect(applicationConfig.graphScopes);
 			};
+			if (myMSALObj.getUser() && !myMSALObj.isCallback(window.location.hash)) {// avoid duplicate code execution on page load in case of iframe and popup window.
+				showWelcomeMessage();
+				acquireTokenRedirectAndCallMSGraph();
+			}
 		} 
 		// Uncomment this if you are testing in Edge InPrivate, or delete
 		/**
@@ -116,12 +109,30 @@ <h4 id="WelcomeMessage"></h4>
 			document.getElementById("SignIn").onclick = function () { 
 				myMSALObj.loginRedirect(applicationConfig.graphScopes);
 			};
+			if (myMSALObj.getUser() && !myMSALObj.isCallback(window.location.hash)) {// avoid duplicate code execution on page load in case of iframe and popup window.
+				showWelcomeMessage();
+				acquireTokenRedirectAndCallMSGraph();
+			}
 		}
 		**/
-
-        if (myMSALObj.getUser() && !myMSALObj.isCallback(window.location.hash)) {// avoid duplicate code execution on page load in case of iframe and popup window.
-			showWelcomeMessage();
-            acquireTokenAndCallMSGraph();
+		else {
+			if (myMSALObj.getUser() && !myMSALObj.isCallback(window.location.hash)) {// avoid duplicate code execution on page load in case of iframe and popup window.
+				showWelcomeMessage();
+				acquireTokenAndCallMSGraph();
+			}
+		}
+        
+		// This function can be removed if browser detection isn't needed	
+		function acquireTokenRedirectAndCallMSGraph(myMSALObj) {
+            //Call acquireTokenSilent (iframe) to obtain a token for Microsoft Graph
+            myMSALObj.acquireTokenSilent(applicationConfig.graphScopes).then(function (accessToken) {
+                callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
+            }, function (error) {
+                //Call acquireTokenRedirect in case of acquireToken Failure
+                if (error.indexOf("consent_required") !== -1 || error.indexOf("interaction_required") !== -1) {
+                    myMSALObj.acquireTokenRedirect(applicationConfig.graphScopes);
+                }
+            });
         }
 				
     </script>
diff --git a/server.js b/server.js
index 473ec5f..f2479ac 100644
--- a/server.js
+++ b/server.js
@@ -9,7 +9,7 @@ var morgan = require('morgan');
 var path = require('path');
 
 // Initialize variables.
-var port = 30662; // process.env.PORT || 30662;
+var port = 1530; // process.env.PORT || 30662;
 
 // Configure morgan module to log all requests.
 app.use(morgan('dev'));

From 1fbe10f469b303ec16eccd34c22172576ab7759f Mon Sep 17 00:00:00 2001
From: Navya Canumalla <nacanuma@microsoft.com>
Date: Tue, 18 Sep 2018 17:38:52 -0700
Subject: [PATCH 6/9] Remove hardcoded client ID from sample.

Update port required per quickstart app registration.
---
 JavaScriptSPA/index.html | 2 +-
 server.js                | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/JavaScriptSPA/index.html b/JavaScriptSPA/index.html
index 9b4136b..4c046d0 100644
--- a/JavaScriptSPA/index.html
+++ b/JavaScriptSPA/index.html
@@ -23,7 +23,7 @@ <h4 id="WelcomeMessage"></h4>
 		var isEdge = msedge > 0;
 	
         var applicationConfig = {
-            clientID: "0813e1d1-ad72-46a9-8665-399bba48c201", //This is your client ID
+            clientID: "Enter_the_Application_Id_here", //This is your client ID
             graphScopes: ["user.read"],
             graphEndpoint: "https://graph.microsoft.com/v1.0/me"
         };
diff --git a/server.js b/server.js
index f2479ac..473ec5f 100644
--- a/server.js
+++ b/server.js
@@ -9,7 +9,7 @@ var morgan = require('morgan');
 var path = require('path');
 
 // Initialize variables.
-var port = 1530; // process.env.PORT || 30662;
+var port = 30662; // process.env.PORT || 30662;
 
 // Configure morgan module to log all requests.
 app.use(morgan('dev'));

From bbb6a2fa848e6d439c6900b34196f7dc80355ec2 Mon Sep 17 00:00:00 2001
From: Prithvi Kanherkar <prithviraj.kanherkar@microsoft.com>
Date: Wed, 19 Sep 2018 14:06:06 -0700
Subject: [PATCH 7/9] Fixes for onload issues in IE, adding postlogout to app
 json

---
 AppCreationScripts/apps.json |   1 +
 JavaScriptSPA/index.html     | 226 +++++++++++++++++++----------------
 server.js                    |   2 +-
 3 files changed, 122 insertions(+), 107 deletions(-)

diff --git a/AppCreationScripts/apps.json b/AppCreationScripts/apps.json
index ec586f3..4074401 100644
--- a/AppCreationScripts/apps.json
+++ b/AppCreationScripts/apps.json
@@ -9,6 +9,7 @@
       "x-ms-id": "JavaScriptSpa",
       "x-ms-name": "active-directory-javascript-graphapi-v2",
       "x-ms-version": "2.0",
+      "logoutUrl": "http://localhost:30662/",
       "replyUrlsWithType": [
         {
           "url": "http://localhost:30662/",
diff --git a/JavaScriptSPA/index.html b/JavaScriptSPA/index.html
index 9b4136b..67001c2 100644
--- a/JavaScriptSPA/index.html
+++ b/JavaScriptSPA/index.html
@@ -2,17 +2,25 @@
 <html>
 <head>
     <title>Quickstart for MSAL JS</title>
-	<script src="https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js"></script>
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js"></script>
     <script src="https://secure.aadcdn.microsoftonline-p.com/lib/0.2.3/js/msal.js"></script>
     <script src="https://code.jquery.com/jquery-3.2.1.min.js"></script>
 </head>
 
 <body>
-    <h2>Welcome to MSAL.js Quickstart</h2><br/>
-    <h4 id="WelcomeMessage"></h4>
-    <button id="SignIn" onclick="signIn()">Sign In</button><br/><br/>
-	<pre id="json"></pre>
+<h4 id="WelcomeMessage"></h4>
+<button id="SignIn" onclick="signIn()">Sign In</button>
+<br/><br/>
+<pre id="json"></pre>
 
+<<<<<<< HEAD
+<script>
+    var applicationConfig = {
+        clientID: '0813e1d1-ad72-46a9-8665-399bba48c201', //This is your client ID
+        graphScopes: ["user.read"],
+        graphEndpoint: "https://graph.microsoft.com/v1.0/me"
+    };
+=======
     <script>
 		// Browser check variables
 		var ua = window.navigator.userAgent;
@@ -23,118 +31,124 @@ <h4 id="WelcomeMessage"></h4>
 		var isEdge = msedge > 0;
 	
         var applicationConfig = {
-            clientID: "0813e1d1-ad72-46a9-8665-399bba48c201", //This is your client ID
+            clientID: "Enter_the_Application_Id_here", //This is your client ID
             graphScopes: ["user.read"],
             graphEndpoint: "https://graph.microsoft.com/v1.0/me"
         };
+>>>>>>> 1fbe10f469b303ec16eccd34c22172576ab7759f
 
-        //Pass null for default authority (https://login.microsoftonline.com/common) and tokenReceivedCallback if using popup apis
-        var myMSALObj = new Msal.UserAgentApplication(applicationConfig.clientID, null, null, {storeAuthStateInCookie:true, cacheLocation:"localStorage"});
-				
-        function signIn() {
-			myMSALObj.loginPopup(applicationConfig.graphScopes).then(function (idToken) {
-                //Login Success
-                showWelcomeMessage();
-                acquireTokenAndCallMSGraph();
-            }, function (error) {
-                console.log(error);
-            });
-        }
-		
-        function signOut() {
-            myMSALObj.logout();
-        }
+    //Pass null for default authority (https://login.microsoftonline.com/common)
+    var myMSALObj = new Msal.UserAgentApplication(applicationConfig.clientID, null, acquireTokenRedirectCallBack,
+        {storeAuthStateInCookie: true, cacheLocation: "localStorage"});
 
-        function acquireTokenAndCallMSGraph() {
-			//Call acquireTokenSilent (iframe) to obtain a token for Microsoft Graph
-            myMSALObj.acquireTokenSilent(applicationConfig.graphScopes).then(function (accessToken) {
-                callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
-            }, function (error) {
-				// Call acquireTokenPopup (popup window) in case of acquireToken Failure
-				if (error.indexOf("consent_required") !== -1 || error.indexOf("interaction_required") !== -1) {
-					myMSALObj.acquireTokenPopup(applicationConfig.graphScopes).then(function (accessToken) {
-						callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
-					}, function (error) {
-					});
-				}
-            });
-        }
+    function signIn() {
+        myMSALObj.loginPopup(applicationConfig.graphScopes).then(function (idToken) {
+            //Login Success
+            showWelcomeMessage();
+            acquireTokenPopupAndCallMSGraph();
+        }, function (error) {
+            console.log(error);
+        });
+    }
+
+    function signOut() {
+        myMSALObj.logout();
+    }
 
-        function callMSGraph(theUrl, accessToken, callback) {
-            var xmlHttp = new XMLHttpRequest();
-            xmlHttp.onreadystatechange = function () {
-                if (this.readyState == 4 && this.status == 200)
-                    callback(JSON.parse(this.responseText));
+   function acquireTokenPopupAndCallMSGraph() {
+        //Call acquireTokenSilent (iframe) to obtain a token for Microsoft Graph
+        myMSALObj.acquireTokenSilent(applicationConfig.graphScopes).then(function (accessToken) {
+            callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
+        }, function (error) {
+            console.log(error);
+            // Call acquireTokenPopup (popup window) in case of acquireTokenSilent failure due to consent or interaction required ONLY
+            if (error.indexOf("consent_required") !== -1 || error.indexOf("interaction_required") !== -1 || error.indexOf("login_required") !== -1) {
+                myMSALObj.acquireTokenPopup(applicationConfig.graphScopes).then(function (accessToken) {
+                    callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
+                }, function (error) {
+                    console.log(error);
+                });
             }
-            xmlHttp.open("GET", theUrl, true); // true for asynchronous
-            xmlHttp.setRequestHeader('Authorization', 'Bearer ' + accessToken);
-            xmlHttp.send();
-        }
+        });
+    }
 
-        function graphAPICallback(data) {
-            //Display user data on DOM
-            var divWelcome = document.getElementById('WelcomeMessage');
-            document.getElementById("json").innerHTML = JSON.stringify(data, null, 2);
+    function callMSGraph(theUrl, accessToken, callback) {
+        var xmlHttp = new XMLHttpRequest();
+        xmlHttp.onreadystatechange = function () {
+            if (this.readyState == 4 && this.status == 200)
+                callback(JSON.parse(this.responseText));
         }
+        xmlHttp.open("GET", theUrl, true); // true for asynchronous
+        xmlHttp.setRequestHeader('Authorization', 'Bearer ' + accessToken);
+        xmlHttp.send();
+    }
+
+    function graphAPICallback(data) {
+        //Display user data on DOM
+        var divWelcome = document.getElementById('WelcomeMessage');
+        divWelcome.innerHTML += " to Microsoft Graph API!!";
+        document.getElementById("json").innerHTML = JSON.stringify(data, null, 2); 
+    }
+
+    function showWelcomeMessage() {
+        var divWelcome = document.getElementById('WelcomeMessage');
+        divWelcome.innerHTML += 'Welcome ' + myMSALObj.getUser().name;
+        var loginbutton = document.getElementById('SignIn');
+        loginbutton.innerHTML = 'Sign Out';
+        loginbutton.setAttribute('onclick', 'signOut();');
+    }
 
-        function showWelcomeMessage() {
-            var divWelcome = document.getElementById('WelcomeMessage');
-            divWelcome.innerHTML += 'Welcome ' + myMSALObj.getUser().name + " to Microsoft Graph API!!";
-            var loginbutton = document.getElementById('SignIn');
-            loginbutton.innerHTML = 'Sign Out';
-            loginbutton.setAttribute('onclick', 'signOut();');
+    // This function can be removed if you do not need to support IE
+    function acquireTokenRedirectAndCallMSGraph() {
+        //Call acquireTokenSilent (iframe) to obtain a token for Microsoft Graph
+        myMSALObj.acquireTokenSilent(applicationConfig.graphScopes).then(function (accessToken) {
+          callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
+        }, function (error) {
+            console.log(error);
+            //Call acquireTokenRedirect in case of acquireToken Failure
+            if (error.indexOf("consent_required") !== -1 || error.indexOf("interaction_required") !== -1 || error.indexOf("login_required") !== -1) {
+                myMSALObj.acquireTokenRedirect(applicationConfig.graphScopes);
+            }
+        }); 
+    }
+
+    function acquireTokenRedirectCallBack(errorDesc, token, error, tokenType)
+    {
+     if(tokenType === "access_token")
+     {
+         callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
+     } else {
+            console.log("token type is:"+tokenType);
+     } 
+
+    }
+
+    // Browser check variables
+    var ua = window.navigator.userAgent;
+    var msie = ua.indexOf('MSIE ');
+    var msie11 = ua.indexOf('Trident/');
+    var msedge = ua.indexOf('Edge/');
+    var isIE = msie > 0 || msie11 > 0;
+    var isEdge = msedge > 0;
+
+    //If you support IE, our recommendation is that you sign-in using Redirect APIs
+    //If you as a developer are testing using Edge InPrivate mode, please add "isEdge" to the if check 
+    if (!isIE) {
+        if (myMSALObj.getUser()) {// avoid duplicate code execution on page load in case of iframe and popup window.
+            showWelcomeMessage();
+            acquireTokenPopupAndCallMSGraph();
         }
-		
-		/** 
-		if (myMSALObj.getUser() && !myMSALObj.isCallback(window.location.hash)) {// avoid duplicate code execution on page load in case of iframe and popup window.
-			showWelcomeMessage();
-			acquireTokenAndCallMSGraph();
-		}
-		**/
-		
-		// Uncomment the above code and delete the below code if you are not using browser detection
-		
-		if(isIE) {
-			document.getElementById("SignIn").onclick = function() {
-				myMSALObj.loginRedirect(applicationConfig.graphScopes);
-			};
-			if (myMSALObj.getUser() && !myMSALObj.isCallback(window.location.hash)) {// avoid duplicate code execution on page load in case of iframe and popup window.
-				showWelcomeMessage();
-				acquireTokenRedirectAndCallMSGraph();
-			}
-		} 
-		// Uncomment this if you are testing in Edge InPrivate, or delete
-		/**
-		else if(isEdge) {
-			document.getElementById("SignIn").onclick = function () { 
-				myMSALObj.loginRedirect(applicationConfig.graphScopes);
-			};
-			if (myMSALObj.getUser() && !myMSALObj.isCallback(window.location.hash)) {// avoid duplicate code execution on page load in case of iframe and popup window.
-				showWelcomeMessage();
-				acquireTokenRedirectAndCallMSGraph();
-			}
-		}
-		**/
-		else {
-			if (myMSALObj.getUser() && !myMSALObj.isCallback(window.location.hash)) {// avoid duplicate code execution on page load in case of iframe and popup window.
-				showWelcomeMessage();
-				acquireTokenAndCallMSGraph();
-			}
-		}
-        
-		// This function can be removed if browser detection isn't needed	
-		function acquireTokenRedirectAndCallMSGraph(myMSALObj) {
-            //Call acquireTokenSilent (iframe) to obtain a token for Microsoft Graph
-            myMSALObj.acquireTokenSilent(applicationConfig.graphScopes).then(function (accessToken) {
-                callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
-            }, function (error) {
-                //Call acquireTokenRedirect in case of acquireToken Failure
-                if (error.indexOf("consent_required") !== -1 || error.indexOf("interaction_required") !== -1) {
-                    myMSALObj.acquireTokenRedirect(applicationConfig.graphScopes);
-                }
-            });
+    }
+    else {
+        document.getElementById("SignIn").onclick = function () {
+            myMSALObj.loginRedirect(applicationConfig.graphScopes);
+        };
+
+        if (myMSALObj.getUser() && !myMSALObj.isCallback(window.location.hash)) {// avoid duplicate code execution on page load in case of iframe and popup window.
+            showWelcomeMessage();
+            acquireTokenRedirectAndCallMSGraph();
         }
-				
-    </script>
+    }
+</script>
 </body>
 </html>
diff --git a/server.js b/server.js
index f2479ac..473ec5f 100644
--- a/server.js
+++ b/server.js
@@ -9,7 +9,7 @@ var morgan = require('morgan');
 var path = require('path');
 
 // Initialize variables.
-var port = 1530; // process.env.PORT || 30662;
+var port = 30662; // process.env.PORT || 30662;
 
 // Configure morgan module to log all requests.
 app.use(morgan('dev'));

From ec31bca00ef1fced269d330731e990be1b8a96d6 Mon Sep 17 00:00:00 2001
From: Prithvi Kanherkar <prithviraj.kanherkar@microsoft.com>
Date: Wed, 19 Sep 2018 14:08:28 -0700
Subject: [PATCH 8/9] Removing errors after merge

---
 JavaScriptSPA/index.html | 17 -----------------
 1 file changed, 17 deletions(-)

diff --git a/JavaScriptSPA/index.html b/JavaScriptSPA/index.html
index 67001c2..97689a9 100644
--- a/JavaScriptSPA/index.html
+++ b/JavaScriptSPA/index.html
@@ -13,29 +13,12 @@ <h4 id="WelcomeMessage"></h4>
 <br/><br/>
 <pre id="json"></pre>
 
-<<<<<<< HEAD
 <script>
     var applicationConfig = {
         clientID: '0813e1d1-ad72-46a9-8665-399bba48c201', //This is your client ID
         graphScopes: ["user.read"],
         graphEndpoint: "https://graph.microsoft.com/v1.0/me"
     };
-=======
-    <script>
-		// Browser check variables
-		var ua = window.navigator.userAgent;
-		var msie = ua.indexOf('MSIE ');
-		var msie11 = ua.indexOf('Trident/');
-		var msedge = ua.indexOf('Edge/');
-		var isIE = msie > 0 || msie11 > 0;
-		var isEdge = msedge > 0;
-	
-        var applicationConfig = {
-            clientID: "Enter_the_Application_Id_here", //This is your client ID
-            graphScopes: ["user.read"],
-            graphEndpoint: "https://graph.microsoft.com/v1.0/me"
-        };
->>>>>>> 1fbe10f469b303ec16eccd34c22172576ab7759f
 
     //Pass null for default authority (https://login.microsoftonline.com/common)
     var myMSALObj = new Msal.UserAgentApplication(applicationConfig.clientID, null, acquireTokenRedirectCallBack,

From e3faedbd19045a1dafac7fa9030b8ce5776abc12 Mon Sep 17 00:00:00 2001
From: Navya Canumalla <nacanuma@microsoft.com>
Date: Wed, 19 Sep 2018 14:12:30 -0700
Subject: [PATCH 9/9] Removing the index_login_redirect file

---
 JavaScriptSPA/index_login_redirect.html | 101 ------------------------
 1 file changed, 101 deletions(-)
 delete mode 100644 JavaScriptSPA/index_login_redirect.html

diff --git a/JavaScriptSPA/index_login_redirect.html b/JavaScriptSPA/index_login_redirect.html
deleted file mode 100644
index f810227..0000000
--- a/JavaScriptSPA/index_login_redirect.html
+++ /dev/null
@@ -1,101 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-    <title>Quickstart for MSAL JS</title>
-    <script src="https://secure.aadcdn.microsoftonline-p.com/lib/0.2.3/js/msal.js"></script>
-    <script src="https://code.jquery.com/jquery-3.2.1.min.js" class="pre"></script>
-    <script src="https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.4/bluebird.min.js" class="pre"></script>
-    <style>
-        table, td, th {
-            border: 1px solid black;
-        }
-    </style>
-</head>
-
-<body>
-    <h2>Welcome to MSAL.js Quickstart</h2><br/>
-    <h4 id="WelcomeMessage"></h4>
-    <button id="SignIn" onclick="signIn()">Sign In</button><br /><br />
-    <table id="graphData"></table>
-
-    <script>
-        var applicationConfig = {
-            clientID: 'Enter_the_Application_Id_here', //This is your client ID
-            graphScopes: ["user.read"],
-            graphEndpoint: "https://graph.microsoft.com/v1.0/me"
-        };
-
-        //pass null for default authority (https://login.microsoftonline.com/common) and tokenReceivedCallback if using popup api's'
-        var myMSALObj = new Msal.UserAgentApplication(applicationConfig.clientID, null, userSignedIn);
-
-        function signIn() {
-            myMSALObj.loginRedirect(applicationConfig.graphScopes);
-        }
-
-        function signOut() {
-            myMSALObj.logout();
-        }
-
-        function userSignedIn(errorDesc, token, error, tokenType) {
-            //In redirect mode, use this inside callback to access an instance of userAgentApplication
-            var self = this;
-            if (token) {
-                if (tokenType === "id_token") {
-                    showWelcomeMessage(self);
-                }
-            }
-            else if (errorDesc || error) {
-                console.log(error + ' : ' + errorDesc);
-            }
-        }
-
-        function acquireTokenAndCallMSGraph(myMSALObj) {
-            //Call acquireTokenSilent (iframe) to obtain a token for Microsoft Graph
-            myMSALObj.acquireTokenSilent(applicationConfig.graphScopes).then(function (accessToken) {
-                callMSGraph(applicationConfig.graphEndpoint, accessToken, graphAPICallback);
-            }, function (error) {
-                //Call acquireTokenRedirect in case of acquireToken Failure
-                if (error.indexOf("consent_required") !== -1 || error.indexOf("interaction_required") !== -1) {
-                    myMSALObj.acquireTokenRedirect(applicationConfig.graphScopes);
-                }
-            });
-        }
-
-        function callMSGraph(theUrl, accessToken, callback) {
-            var xmlHttp = new XMLHttpRequest();
-            xmlHttp.onreadystatechange = function () {
-                if (this.readyState == 4 && this.status == 200)
-                    callback(JSON.parse(this.responseText));
-            }
-            xmlHttp.open("GET", theUrl, true); // true for asynchronous
-            xmlHttp.setRequestHeader('Authorization', 'Bearer ' + accessToken);
-            xmlHttp.send();
-        }
-
-        function graphAPICallback(data) {
-            //Display user data on DOM
-            var divWelcome = document.getElementById('WelcomeMessage');
-            divWelcome.innerHTML += " to Microsoft Graph API!!";
-            $.each(data, function (key, value) {
-                var tr = $('<tr></tr>');
-                $('<td>' + '<i>' + key + '</i>' + '</td>').appendTo(tr);
-                $('<td>' + value + '</td>').appendTo(tr);
-                tr.appendTo('#graphData');
-            });
-        }
-
-        function showWelcomeMessage(myMSALObj) {
-            var divWelcome = document.getElementById('WelcomeMessage');
-            divWelcome.innerHTML = 'Welcome ' + myMSALObj.getUser().name;
-            var loginbutton = document.getElementById('SignIn');
-            loginbutton.innerHTML = 'Sign Out';
-            loginbutton.setAttribute('onclick', 'signOut();');
-        }
-
-        if (myMSALObj && myMSALObj.getUser() && !myMSALObj.loginInProgress() && !myMSALObj.isCallback(window.location.hash)) {// avoid duplicate code execution on page load in case of iframe and popup window.
-            showWelcomeMessage(myMSALObj);
-            acquireTokenAndCallMSGraph(myMSALObj);
-        }
-    </script>
-</body>
-</html>