Outlook has multi-window scenarios where MSAL code is running in the main window, but being rendered into a popup window. This is interfering with MSAL popup token flows, because the click/user interaction is being done in the popup window, but the call to MSAL acquireTokenPopup is being done in the separate main window, and so when MSAL goes to call window.open, the browser is blocking the popup as the interaction did not occur in the same window and popup_window_error is returned.
The proposed fix is to add a popupWindowParent parameter to the PopupRequest interface, which MSAL will use instead of window when invoking window.open. This makes the browser happy that the popup is being opened and parented to the same window where the interaction occurred. It also fixes UI parenting/z-index issues with the MSAL popup.
If a popupWindowParent is not specified, then today's behaviour is preserved, and window is used.
Outlook has multi-window scenarios where MSAL code is running in the main window, but being rendered into a popup window. This is interfering with MSAL popup token flows, because the click/user interaction is being done in the popup window, but the call to MSAL acquireTokenPopup is being done in the separate main window, and so when MSAL goes to call
window.open, the browser is blocking the popup as the interaction did not occur in the same window andpopup_window_erroris returned.The proposed fix is to add a
popupWindowParentparameter to thePopupRequestinterface, which MSAL will use instead ofwindowwhen invokingwindow.open. This makes the browser happy that the popup is being opened and parented to the same window where the interaction occurred. It also fixes UI parenting/z-index issues with the MSAL popup.If a
popupWindowParentis not specified, then today's behaviour is preserved, andwindowis used.cc @Salaman