meteor-feature-requests icon indicating copy to clipboard operation
meteor-feature-requests copied to clipboard

Published 20 hours ago verified publisher icon meteor

Support Oauth style of "redirect" for Cordova

Open adamgins opened this issue 7 years ago • 4 comments
trafficstars

Currently the Oauth flow forces Cordova apps to use a "popup" style vs "redirect".

See https://github.com/meteor/meteor/blob/ccfee68145720cd7761680215125f3f005d9ed30/packages/oauth/oauth_client.js#L15

Is there a way we can support "redirect" for Cordova, it makes handling of "state" tokens etc much easier... especially when the 3rd party Oauth does not support "state".

FYI - see these possible workaround. https://gist.github.com/channikhabra/b03b5a154546cb00f1a0

adamgins avatar Dec 30 '17 09:12 adamgins

@skirunman wondering if you had any workarounds for this issue you'd implemented?

adamgins avatar Jan 01 '18 22:01 adamgins

We've written a couple of our own Oauth login services including for Salesforce. We use "popup" style on both web and cordova logins. We also redirect to an "onboarding" page after login. Here are some code snippets, but not sure if they will help you.

In our react container called when login button clicked:

const onLoginWithSalesforce = ({token, isLogIn}) => {
  Meteor.loginWithSalesforce({}, error => {
    // This callback is never executed when using loginStyle redirect
    // https://github.com/meteor/meteor/issues/3917
    // Use the router or Accounts.onLogin() instead.
    if (error) {
      //  handle error
    }
  });
};

if (Meteor.isClient) {
  Meteor.loginWithSalesforce = (options = {}, callback = () => {}) => {
    // Support a callback without options
    if (typeof options === 'function') {
      /* eslint-disable no-param-reassign */
      callback = options;
      options = {};
      /* eslint-enable no-param-reassign */
    }

    check(callback, Function);
    check(options, Object);

    requestCredential(options, Accounts.oauth.credentialRequestCompleteHandler(callback));
  };
}

// Redirect to onboarding page after each login / app load
Accounts.onLogin(() => {
    browserHistory.push('/onboarding');
 });

skirunman avatar Jan 02 '18 01:01 skirunman

@skirunman thanks.

Yep... I have a number working too... it's just this one provider that does not support "state", so their is no way ,I am aware of, to pass the loginToken between the popup and the the _oauth call to do the authentication, when on Cordova... ie as it's cross domain from Cordova localhost to the callback <sever route> so you cant use localStorage or Cookies to store and retrieve the credentialToken. So stuck in this scenario.

With other providers we have state to pass this info to the provider and we get it back to call the _oauth route and it works fine.

adamgins avatar Jan 02 '18 01:01 adamgins

Got it, no idea of a workaround at this point.

skirunman avatar Jan 02 '18 02:01 skirunman