everyauth icon indicating copy to clipboard operation
everyauth copied to clipboard
verified publisher icon bnoguchi

Redirect path loses authentication tokens

Open tommedema opened this issue 14 years ago • 2 comments

I'm trying to authenticate using facebook. My situation is explained in great detail here: http://stackoverflow.com/questions/7695715/performing-authorized-through-facebook-rest-requests-to-my-node-js-server-on-a

I've decided to use a ChildBrowser to login and then detect what authentication token was given on a successful login by parsing it from the callback URL. This is explained here: http://www.mobiledevelopersolutions.com/home/start/twominutetutorials/tmt5p1

Unfortunately, everyauth forces the use of a redirection path as set in: https://github.com/bnoguchi/everyauth/blob/master/lib/modules/oauth2.js#L203

This makes it impossible for me to inform my application with an authentication token through the callback URL's query string.

I assume this case has not been considered. Unfortunately it's a must to get a PhoneGap application working with everyauth.

What I need is to set a redirection URL within the authentication success/failure callbacks, so that I can pass tokens and session data to the URL.

tommedema avatar Oct 08 '11 18:10 tommedema

Tom, did you ever solve this problem?

l8nite avatar Oct 09 '12 17:10 l8nite

Have you find a solution to this problem? I have a REST API that is accessed using a github access token. The only solution I found is storing the user in the session, and once the popup is closed, call a /users/current to get the user. This is working but it is an extra request and I've got some CORS problem. I have to change the server header Access-Control-Allow-Credentials to true to be be able to use the API with ajax jquery-like calls... And I lose the Access-Control-Allow-Origin wildcard.

Not ideal.

Any idea?

soundstep avatar Dec 17 '12 20:12 soundstep