[ARCHIVED] Office 365 CORS Sample for jQuery
Note: This repo is archived and no longer actively maintained. Security vulnerabilities may exist in the project, or its dependencies. If you plan to reuse or run any code from this repo, be sure to perform appropriate security checks on the code or dependencies first. Do not use this project as the starting point of a production Office Add-in. Always start your production code by using the Office/SharePoint development workload in Visual Studio, or the Yeoman generator for Office Add-ins, and follow security best practices as you develop the add-in.
For more information about how the protocols work in this scenario and other scenarios, see Authentication Scenarios for Azure AD.
How To Run This Sample
Getting started is simple! To run this sample you will need:
- Visual Studio 2013
- An Internet connection
- An Azure subscription (a free trial is sufficient)
Every Azure subscription has an associated Azure Active Directory tenant. If you don't already have an Azure subscription, you can get a free subscription by signing up at http://www.windowsazure.com. All of the Azure AD features used by this sample are available free of charge.
Step 1: Clone or download this repository
From your shell or command line:
git clone https://github.com/OfficeDev/O365-jQuery-CORS.git
Step 2: Set up your Office 365 development environment
In order to run this sample, you'll need an Office 365 Developer Site associated with your Azure Active Directory tenant. If you already have this configured, continue on to Step 3. However, if you don't, refer to Set up your Office 365 development environment on MSDN to get set up.
Return to these instructions after your Office 365 tenant is associated with your Azure tenant.
Step 3: Register the sample with your Azure Active Directory tenant
- Sign in to the Azure management portal.
- Click Active Directory in the left hand nav.
- Click the directory tenant where you wish to register the sample application.
- Select the Applications tab.
- In the drawer, click Add.
- Click Add an application my organization is developing.
- Enter a friendly name for the application, for example "O365-jQuery-CORS", select Web Application and/or Web API, and click the arrow to continue.
- For the sign-on URL, enter the base URL for the sample, which is by default
- For the App ID URI, enter
<your_tenant_name>with the name of your Azure AD tenant.
- Next, click the Configure tab near the top of the portal.
- Scroll down to the permissions to other applications section and click Add application.
- Choose Office 365 SharePoint Online and then click the check mark icon.
- Choose the Delegated Permissions column for Office 365 SharePoint Online, and check Read users' files.
- Click Save in the bottom tray.
All done! Before moving on to the next step, you need to find the Client ID of your application.
- While still in the Azure portal, click the Configure tab of your application.
- Find the Client ID value and copy it to the clipboard.
Step 4: Enable the OAuth2 implicit grant for your application
By default, applications provisioned in Azure AD are not enabled to use the OAuth2 implicit grant. In order to run this sample, you need to explicitly opt in.
- In the Azure Management Portal, select the Configure tab for your application’s entry.
- Use the Manage Manifest button in the drawer to download the manifest file for the application and save it to your computer.
- Open the manifest file with a text editor. Search for the
oauth2AllowImplicitFlowproperty. You will find that it is set to
false; change it to
trueand save the file.
- Use the Manage Manifest button to upload the updated manifest file and then click Save to save the app configuration.
Step 5: Configure the sample to use your Azure Active Directory tenant
- Open the solution in Visual Studio 2013.
- Find the App/Scripts folder and open
- Replace the value of
tenantwith your AAD tenant name.
- Replace the value of
clientIdwith the Client ID from the Azure Management Portal.
- Replace the value of
Step 6: Run the sample
- Clean the solution
- Rebuild the solution
- Run the solution
You can trigger the sign-in experience by either clicking on the sign-in link on the top right corner, or by clicking the Files or User tab.
Note This sample will not work in Internet Explorer. Please use a different browser, such as Google Chrome. ADAL.js uses an iframe to get CORS API tokens for resources other than the SPA's own backend. These iframe requests require access to the browser's cookies to authenticate with Azure Active Directory. Unfortunately, cookies are not accessible to Internet Explorer when the app is running in localhost.
About the Code
The key files containing authentication and Office 365 API logic are the following:
app.js - Provides the app configuration values used by ADAL for driving protocol interactions with AAD, indicates which routes should not be accessed without previous authentication, issues login and logout requests to Azure AD, handles both successful and failed authentication callbacks from Azure AD, and displays information about the user received in the id_token.
filesApiCtrl.js- Shows how to take advantage of the acquireToken() method in ADAL.js to get a token for accessing a resource, as well as how to make a CORS request to the Office 365 Files API.
userDataCtrl.js - Shows how to extract user information from the cached id_token.
index.html - Contains a reference to the adal.js CDN.
Copyright (c) 2015 Microsoft. All rights reserved.