ngx-cordova-oauth icon indicating copy to clipboard operation
ngx-cordova-oauth copied to clipboard
Published 8 years ago verified publisher icon nraboy

OauthBrowser Callback issue

Open opahopa opened this issue 8 years ago • 1 comments

Hi!

I'm a bit stuck with implementing this lib in my project.

Trying to debug it locally using ionic serve => using the OauthBrowser.

setup is pretty simple:

import {Facebook, Google} from 'ng2-cordova-oauth/core';

//replace for build!!!
import {OauthCordova} from 'ng2-cordova-oauth/platform/cordova'
import {OauthBrowser} from 'ng2-cordova-oauth/platform/browser'

@Injectable()
export class AuthServiceProvider {

  private oauth = new OauthBrowser();
  private fBprovider = new Facebook({
  clientId: "*620872*********",
  appScope: ['email']
});

  constructor(public http: Http, @Inject(APP_CONFIG) private config: IAppConfig) {
  }

  fbLogin() {
    return this.oauth.logInVia(this.fBprovider);
  }
}

Browser window is opened and i receive an access token in callback url, however it seems like the callback isn't getting processed by OauthBrowser, as in browser i'm getting error:

This site can’t be reached

localhost refused to connect.
Try:
Checking the connection
Checking the proxy and the firewall
ERR_CONNECTION_REFUSED

I don't have firewalls / other servers running. Have http://localhost/callback and https://localhost/callback in Valid OAuth redirect URIs FB app's config.

config:

    @ionic/cli-utils  : 1.12.0
    ionic (Ionic CLI) : 3.12.0

global packages:

    cordova (Cordova CLI) : not installed

local packages:

    @ionic/app-scripts : 2.1.3
    Cordova Platforms  : none
    Ionic Framework    : ionic-angular 3.6.0

System:

    Node : v6.11.0
    npm  : 5.3.0 
    OS   : Windows 10

Why is this possibly happening?

opahopa avatar Sep 26 '17 10:09 opahopa

Hi, I have the same issue and the problem is that the browser avoid the access to the popup.location.href value due to cross-origin errror: SecurityError: Uncaught DOMException: Blocked a frame with origin "http://localhost:8100" from accessing a cross-origin frame.

So that it is impossible to read the value of the callback url, and than the result is that the popup is never close and the callback url parameters are never read.

Any solutions?

UPDATE: if you want to use in localhost and avoid corss-origin check, install a web server listening in http://localhost and create a reverse proxy rule http://localhost => http://localhost:8100

ie if you use Apache HTTP Server you can configure these rules:

ProxyPass "/" "http://localhost:8100/"
ProxyPassReverse "/" "http://localhost:8100/"

and then navigate on http://localhost instead of http://localhost:8100. Then if you use a callback uri in http://localhost/callback you should not have corss-origin warning

macarlet avatar Oct 19 '17 10:10 macarlet