I have a VSTO add-in running in Outlook to integrate some emails with a web application in .NET Framework 4.8 that uses OpenID authentication.

Now Microsoft has released the new version of Outlook, which no longer supports VSTO add-ins, and I might need to upgrade to an OfficeJS/web add-in. I rely on Keycloak to support OpenID authentication and I need to call a web application to get/post some data, so I need to get an access token.

I found JavaScript adapter code for Keycloak online and tried to implement that in my plugin. I followed the steps below.

// Adapter instance pointing at the Keycloak server, realm and client
var keycloak = new Keycloak({
    url: 'https://localhost:8443/auth',
    realm: 'DevTeamRealm',
    clientId: 'devteam-client'
});

// 'login-required' sends the user to the Keycloak login page if not yet authenticated
keycloak.init({
    promiseType: 'native',
    onLoad: 'login-required'
}).then(function (authenticated) {
    console.log(authenticated ? 'authenticated' : 'not authenticated');
}).catch(function () {
    console.log('failed to initialize');
});

I've faced several problems, such as:

  • The Outlook on the web page cannot load the Keycloak JS adapter, as the Keycloak login page has its “Content Security Policy directive” set to “frame-ancestors ‘self’”. Therefore, the Keycloak page is not meant to be displayed within an iframe. Even if I remove the restriction under Keycloak - Realm Settings - Security Defenses, I run into problems with cookies.
  • Desktop Outlook cannot use the adapter, as MS add-ins do not explicitly support “window.history.replace”.

How can I implement OpenID authentication using Keycloak as the identity provider in an Office web add-in to call external web APIs?

  • You should post a link to this "adapter" and perhaps post on the GitHub page for that adapter. I'm wondering how this adapter works and why you can't create your own "login page" that captures the USER/PWD, but I'm only somewhat familiar with Keycloak. Commented Jul 9, 2024 at 20:46
  • @FreeSoftwareServers, I can't create my own login page because the user should not give his credentials on any page other than the page of the identity provider. In this case, the identity provider is Keycloak, so no one knows the password except Keycloak itself (in this case the client-credentials flow is not a good option because of security concerns). Commented Jul 10, 2024 at 13:51
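
Added example, not part of the question or its comments: the request and response handling for an authorization-code login with PKCE against the Keycloak realm from the question, written without the adapter so it does not depend on an iframe or on the history API. It assumes the login runs in a top-level window (such as an Office dialog) and that `REDIRECT_URI`, a hypothetical add-in page, passes its final URL back to the task pane.

```javascript
// Added example. Keycloak values come from the question; REDIRECT_URI is an assumed
// add-in page that hands its final URL back to the task pane.
const KC = { url: 'https://localhost:8443/auth', realm: 'DevTeamRealm', clientId: 'devteam-client' };
const OIDC = `${KC.url}/realms/${KC.realm}/protocol/openid-connect`;
const REDIRECT_URI = 'https://localhost:3000/auth-callback.html'; // assumption

const b64url = (bytes) => btoa(String.fromCharCode(...bytes))
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');

// Fresh random value for `state` and for the PKCE code_verifier (32 bytes -> 43 chars).
const randomToken = () => b64url(crypto.getRandomValues(new Uint8Array(32)));

// PKCE S256: code_challenge = BASE64URL(SHA-256(code_verifier)).
async function pkceChallenge(verifier) {
  const digest = await crypto.subtle.digest('SHA-256', new TextEncoder().encode(verifier));
  return b64url(new Uint8Array(digest));
}

// URL to open in the top-level window; the user types credentials only on Keycloak's page.
function buildAuthUrl(state, codeChallenge) {
  return `${OIDC}/auth?` + new URLSearchParams({
    client_id: KC.clientId, redirect_uri: REDIRECT_URI, response_type: 'code',
    scope: 'openid', state, code_challenge: codeChallenge, code_challenge_method: 'S256',
  });
}

// Check the URL the login window ended on before trusting the code it carries.
function readCallback(callbackUrl, expectedState) {
  const u = new URL(callbackUrl);
  if (u.origin + u.pathname !== REDIRECT_URI) throw new Error('unexpected redirect target');
  const error = u.searchParams.get('error');
  if (error) throw new Error('login failed: ' + error);
  if (u.searchParams.get('state') !== expectedState) throw new Error('state mismatch');
  const code = u.searchParams.get('code');
  if (!code) throw new Error('no authorization code');
  return code;
}

// Form body for POST `${OIDC}/token`; the verifier proves this client started the login.
function tokenRequestBody(code, verifier) {
  return new URLSearchParams({
    grant_type: 'authorization_code', client_id: KC.clientId,
    redirect_uri: REDIRECT_URI, code, code_verifier: verifier,
  });
}
```

Keep `state` and the verifier in the task pane's memory between the two steps and use each pair for a single login attempt.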
