Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How can I do OAuth request by open new window, instead of redirect user from current page?

Tags:

javascript

facebook

twitter

popup

I have done OAuth authentication with Twitter and Facebook. Currently, with each of these site, my server redirect user to a specified URL (for example, http://api.twitter.com/oauth/authorize with Twitter), then receive authentication parameters by callback url.

But by that way, the users get redirected out of my page (to Facebook or Twitter), and only returns after input correct username & password. It's like the way http://techcrunch.com do it when a user try to tweet a post.

I remember that in some site, I have seen that we can connect not by redirect user out, but open a popup window for user to input credentials instead. After authentication is completde, the pop-up closed, the main page refresh with new content.

This could be a very simple task with javascript, but I still can't figure it out. I can open authentication URL in a pop-up window, but how to get the result & update the main page?

like image 667
Hoàng Long Avatar asked Sep 30 '11 04:09

Hoàng Long

People also ask

What should be the redirect URI in oauth2?

A redirect URI, or reply URL, is the location where the authorization server sends the user once the app has been successfully authorized and granted an authorization code or access token.

How does OAuth redirect work?

After the user authenticates successfully, they will be redirected to the provided redirect URI, provided it exactly matches one of the redirect URIs configured on the oauth client. This prevents malicious apps from hijacking your auth flow and redirecting the user to a malicious site afterwards.

What is redirect URL in Google OAuth?

The redirect URIs are the endpoints to which the OAuth 2.0 server can send responses. These endpoints must adhere to Google's validation rules. For testing, you can specify URIs that refer to the local machine, such as http://localhost:8080 .

1 Answers

Assuming you're opening authentication url in a pop-up using window.open(), you can access parent window by using:

window.opener

and to reload parent window (from a pop-up) use:

window.opener.location.reload();

This code should be served on url that you've set up as success callback url of oauth authorization.

In general, the flow should be:

  • open a pop-up with an authorization page (on twitter.com for example)
  • after successfull authorization twitter redirects user to url given by you (it gets opened in the very same pop-up)
  • the opener window gets reloaded (via window.opener.location.reload())
  • close the pop-up itself (using javascript is you want)
like image 152
WTK Avatar answered Sep 29 '22 07:09

WTK
Sign in to Comment

Related questions

Working with Angular 2 [closed]
Draw an arrow between two divs
What is the meaning of "literal" in the phrase object literal notation?
What does Asynchronous means in Ajax?
AngularJS - refresh ng-repeat
firefox: keys is not a function
The user or administrator has not consented to use the application - Send an interactive authorization request for this user and resource
JavaScript "me" = "this", why?
Vue PWA not getting new content after refresh
jQuery click event on parent, but finding the child (clicked) element
Chrome extension: Inject JS before page load
How to have AngularJS output escaped HTML [duplicate]
JavaScript: Extract video frames reliably
display images fetched from s3
JavaScript: RegExp constructor vs RegEx literal
I know its bad to store data in the DOM, but why?
cross-origin 'Authorization'-header with jquery.ajax()
Event Handler Namespace in Vanilla JavaScript
Get last value inserted into a Set
What's the best way to calculate date difference in Javascript

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!