Note: This repo is archived and no longer actively maintained. Security vulnerabilities may exist in the project, or its dependencies. If you plan to reuse or run any code from this repo, be sure to perform appropriate security checks on the code or dependencies first. Do not use this project as the starting point of a production Office Add-in. Always start your production code by using the Office/SharePoint development workload in Visual Studio, or the Yeoman generator for Office Add-ins, and follow security best practices as you develop the add-in.
The OAuth.io service simplifies the process of getting OAuth 2.0 access tokens from popular online services such as Facebook and Google. This sample shows how to use it in an Office add-in.
- Change History
- Prerequisites
- Configure the project
- Download the OAuth.io JavaScript Library
- Create a Google project
- Create a Facebook app
- Create an OAuth.io app and configure it to use Google and Facebook
- Add the public key to the sample code
- Deploy the add-in
- Run the project
- Start the add-in
- Test the add-in
- Questions and comments
- Additional resources
January 5, 2017:
- Initial version.
- An account with OAuth.io
- Developer accounts with Google and Facebook.
- Word 2016 for Windows, build 16.0.6727.1000 or later.
- Node and npm The project is configured to use npm as both a package manager and a task runner. It is also configured to use the Lite Server as the web server that will host the add-in during development, so you can have the add-in up and running quickly. You are welcome to use another task runner or web server.
- Git Bash (Or another git client.)
In the folder where you want to put the project, run the following commands in the git bash shell:
git clone {URL of this repo}
to clone this repo to your local machine.npm install
to install all of the dependencies itemized in the package.json file.bash gen-cert.sh
to create the certificate needed to run this sample.
Set the certificate to be a trusted root authority. On a Windows machine, these are the steps:
- In the repo folder on your local computer, double-click ca.crt, and select Install Certificate.
- Select Local Machine and select Next to continue.
- Select Place all certificates in the following store and then select Browse.
- Select Trusted Root Certification Authorities and then select OK.
- Select Next and then Finish.
- In the project, create a subfolder called OAuth.io under the Scripts folder.
- Download the OAuth.io JavaScript library from oauth-js.
- From the \dist folder of the library, copy either oauth.js or oauth.min.js to the \Scripts\OAuth.io folder of the project.
- If you chose oauth.min.js in the preceding step, open the file \Scripts\popupRedirect.js and change the line
url: 'Scripts/OAuth.io/oauth.js',
tourl: 'Scripts/OAuth.io/oauth.min.js',
.
- On your Google developer console, create a project named Office Add-in.
- Enable the Google Plus API for the project. See Google's help for details.
- Create app credentials for the project and choose the OAuth client ID as the credential type, and Web application as the application type. Use "Office-Add-in-OAuth.io" as the client Name (and the product name, if you are prompted to specify one).
- Set the Authorized redirect URIs to
https://oauth.io/auth
. - Make a copy of the client secret and client ID that it is assigned.
- On your Facebook developer dashboard, create an app named Office Add-in. See Facebook help for details.
- Make a copy of the client secret and client ID that it is assigned.
- Specify
oauth.io
in the App Domains box and specifyhttps://oauth.io/
as the Site URL.
- In your OAuth.io dashboard create an app and make a note of the public key that OAuth.io assigns to it.
- If it is not already there, add
localhost
to the whitelisted URLs for the app. - Add Google Plus as a provider (also called an "Integrated API") to the app. Fill in the client ID and secret you got when you created the Google project, and then specify
profile
as the scope. If the configuration of the provider -- Integrated API -- doesn't save in IE, try reopening the OAuth.io dashboard in another browser.) - Repeat the previous step for Facebook, but specify
user_about_me
as the scope.
The API OAuth.initialize
is called in the file popup.js. Find the line and pass the pubic key you got in the previous section as a string to this function.
Now you need to let Microsoft Word know where to find the add-in.
- Create a network share, or share a folder to the network.
- Place a copy of the Office-Add-in-OAuth.io.xml manifest file, from the root of the project, into the shared folder.
- Launch Word and open a document.
- Choose the File tab, and then choose Options.
- Choose Trust Center, and then choose the Trust Center Settings button.
- Choose Trusted Add-ins Catalogs.
- In the Catalog Url field, enter the network path to the folder share that contains Office-Add-in-OAuth.io.xml, and then choose Add Catalog.
- Select the Show in Menu check box, and then choose OK.
- A message is displayed to inform you that your settings will be applied the next time you start Microsoft Office. Close Word.
- Open a node command window in the folder of the project and run
npm start
to start the web service. Leave the command window open. - Open Internet Explorer or Edge and enter
https://localhost:3000
in the address box. If you do not receive any warnings about the certificate, close the browser and continue with the section below titled Start the add-in. If you do receive a warning that the certificate is not trusted, continue with the following steps: - The browser gives you a link to open the page despite the warning. Open it.
- After the page opens, there will be a red certificate error in the address bar. Double click the error.
- Select View Certificate.
- Select Install Certificate.
- Select Local Machine and select Next to continue.
- Select Place all certificates in the following store and then select Browse.
- Select Trusted Root Certification Authorities and then select OK.
- Select Next and then Finish.
- Close the browser.
- Restart Word and open a Word document.
- On the Insert tab in Word 2016, choose My Add-ins.
- Select the SHARED FOLDER tab.
- Choose Auth with OAuthIO, and then select OK.
- If add-in commands are supported by your version of Word, the UI will inform you that the add-in was loaded.
- On the Home ribbon is a new group called OAuth.io with a button labeled Show and an icon. Click that button to open the add-in.
Note: The add-in will load in a task pane if add-in commands are not supported by your version of Word.
- Click the Get Facebook Name button.
- A popup will open and you will be prompted to sign in with Facebook (unless you already are).
- After you sign in, your Facebook user name is inserted into the Word document.
- Repeat the above steps with the Get Google Name button.
We'd love to get your feedback about this sample. You can send your feedback to us in the Issues section of this repository.
Questions about Microsoft Office 365 development in general should be posted to Stack Overflow. If your question is about the Office JavaScript APIs, make sure that your questions are tagged with [office-js] and [API].
- Office add-in documentation
- Office Dev Center
- More Office Add-in samples at OfficeDev on Github
Copyright (c) 2017 Microsoft Corporation. All rights reserved.