From cfbbf115f100500dd21b4af5f1bc367c764a2cba Mon Sep 17 00:00:00 2001
From: Steve Faulkner <471400+southpolesteve@users.noreply.github.com>
Date: Thu, 21 Jan 2021 18:35:09 -0600
Subject: [PATCH] Attempt to aquire token via popup if silent fails

---
 src/hooks/useAADAuth.ts | 50 ++++++++++++++++++++++++++++++-----------
 1 file changed, 37 insertions(+), 13 deletions(-)

diff --git a/src/hooks/useAADAuth.ts b/src/hooks/useAADAuth.ts
index c6d9521a5..e9ad60569 100644
--- a/src/hooks/useAADAuth.ts
+++ b/src/hooks/useAADAuth.ts
@@ -1,6 +1,6 @@
 import * as React from "react";
 import { useBoolean } from "@uifabric/react-hooks";
-import { UserAgentApplication, Account, Configuration } from "msal";
+import { UserAgentApplication, Account, Configuration, InteractionRequiredAuthError } from "msal";
 
 const config: Configuration = {
   cache: {
@@ -69,18 +69,42 @@ export function useAADAuth(): ReturnType {
   React.useEffect(() => {
     if (account && tenantId) {
       Promise.all([
-        msal.acquireTokenSilent({
-          // There is a bug in MSALv1 that requires us to refresh the token. Their internal cache is not respecting authority
-          forceRefresh: true,
-          authority: `https://login.microsoftonline.com/${tenantId}`,
-          scopes: ["https://graph.windows.net//.default"],
-        }),
-        msal.acquireTokenSilent({
-          // There is a bug in MSALv1 that requires us to refresh the token. Their internal cache is not respecting authority
-          forceRefresh: true,
-          authority: `https://login.microsoftonline.com/${tenantId}`,
-          scopes: ["https://management.azure.com//.default"],
-        }),
+        msal
+          .acquireTokenSilent({
+            // There is a bug in MSALv1 that requires us to refresh the token. Their internal cache is not respecting authority
+            forceRefresh: true,
+            authority: `https://login.microsoftonline.com/${tenantId}`,
+            scopes: ["https://graph.windows.net//.default"],
+          })
+          .catch((error: unknown) => {
+            if (error instanceof InteractionRequiredAuthError) {
+              return msal.acquireTokenPopup({
+                // There is a bug in MSALv1 that requires us to refresh the token. Their internal cache is not respecting authority
+                forceRefresh: true,
+                authority: `https://login.microsoftonline.com/${tenantId}`,
+                scopes: ["https://graph.windows.net//.default"],
+              });
+            }
+            throw error;
+          }),
+        msal
+          .acquireTokenSilent({
+            // There is a bug in MSALv1 that requires us to refresh the token. Their internal cache is not respecting authority
+            forceRefresh: true,
+            authority: `https://login.microsoftonline.com/${tenantId}`,
+            scopes: ["https://management.azure.com//.default"],
+          })
+          .catch((error: unknown) => {
+            if (error instanceof InteractionRequiredAuthError) {
+              return msal.acquireTokenPopup({
+                // There is a bug in MSALv1 that requires us to refresh the token. Their internal cache is not respecting authority
+                forceRefresh: true,
+                authority: `https://login.microsoftonline.com/${tenantId}`,
+                scopes: ["https://management.azure.com//.default"],
+              });
+            }
+            throw error;
+          }),
       ]).then(([graphTokenResponse, armTokenResponse]) => {
         setGraphToken(graphTokenResponse.accessToken);
         setArmToken(armTokenResponse.accessToken);