Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Closing OAuth 2.0 popup window after redirect

Tags:

oauth

oauth-2.0

I redirect user to the OAuth 2.0 authorization endpoint in popup window. What is best way to close this popup and refresh main window after OAuth 2.0 authorization server redirects user back with an authorization code?

Thanks in advance for any help.

like image 512
Lukasz Moren Avatar asked Nov 29 '11 10:11

Lukasz Moren

People also ask

What does redirect URI do in OAuth2?

A redirect URI, or reply URL, is the location where the authorization server sends the user once the app has been successfully authorized and granted an authorization code or access token.

How does OAuth redirect work?

If the request is valid and the user grants the authorization request, the authorization server generates an authorization code and redirects the user back to the application, adding the authorization code and the application's “state” value to the redirect URL.

What is redirect URI in OAuth2 Google?

The redirect URIs are the endpoints to which the OAuth 2.0 server can send responses. These endpoints must adhere to Google's validation rules. For testing, you can specify URIs that refer to the local machine, such as http://localhost:8080 .

Can OAuth be hacked?

Perhaps the most infamous OAuth-based vulnerability is when the configuration of the OAuth service itself enables attackers to steal authorization codes or access tokens associated with other users' accounts. By stealing a valid code or token, the attacker may be able to access the victim's data.

1 Answers

I think popup you can close by 

parent.close();

And to refresh main window I used this trick:

$(function() {     var win;     var checkConnect;     var $connect = $("#some_button");     var oAuthURL = "http://example.com/account/_oauth?redirect_url=" + redirect_url;     $connect.click(function() {         win = window.open(oAuthURL, 'SomeAuthentication', 'width=972,height=660,modal=yes,alwaysRaised=yes');     });      checkConnect = setInterval(function() {         if (!win || !win.closed) return;         clearInterval(checkConnect);         window.location.reload();     }, 100); });

Opener ( main window ) just checks every time if the popup still live and if win.closed returns true - the main window reloads

Hope it will help somebody

like image 107
Maksym Avatar answered Oct 04 '22 04:10

Maksym
Sign in to Comment

Related questions

Recommended database structure for OAuth Provider
Error: "message": "Login Required" when use Youtube Analytics API
Telegram bot - OAuth authorization
What is the Resource parameter in Windows Azure AD tenant application oAuth 2.0 specification
How to check if user is logged in or not with "Google Sign In" (OAuth 2.0)
How to use refresh token to obtain new access token on django-oauth-toolkit?
Tumblr API 2: Where is the "OAUTH_TOKEN" and "OAUTH_TOKEN_SECRET"
Check if twitter username exists
Install oAuth PECL error: Cannot install, php_dir for channel "pecl.php.net" is not writeable by the current user
Passport-Facebook not providing email even if it is in scope
Using OAuth for server-to-server authentication?
How to generate OAuth 2 Client Id and Secret
Two-legged OAuth - looking for information
OAuth 2.0 PHP Client and Server Example
OpenID Connect Authentication Flow (using KeyCloak) in a Mobile App + REST Backend
How can I get an oauth access token in sharepoint 2013?
SFSafariViewController Remove OAuth2 Cookie
A good tutorial for using AccountManager in Android? [closed]
How do you access the NFL's API's?
Securing non authenticated REST API

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!