New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Issues with OAuth authentication (Asana, 22tracks, Sunrise, ...) #164

Open
jiahaog opened this Issue Mar 14, 2016 · 14 comments

Comments

Projects
None yet
@jiahaog
Copy link
Owner

jiahaog commented Mar 14, 2016

Here is the consolidation of all webpages using OAuth that have login issues. As far as I know, for certain sites, e.g. feedly.com, authentication works after logging in in the new window and refreshing the main window, but there are problems with the sites below.

I'm not exactly sure how to go about fixing this, help would be greatly appreciated!

@Rob5Underscores-zz

This comment has been minimized.

Copy link

Rob5Underscores-zz commented Apr 30, 2016

Is there any progress on this?

Cheers

EDIT: Managed to fix with my website by using redirection rather than popups.

@thegrubbsian

This comment has been minimized.

Copy link

thegrubbsian commented May 13, 2016

Has anyone found a way to make this work? I'm having trouble with Asana in particular but other sites have also been problematic. Using the context menu "Open in new window" doesn't seem to work.

@AdrianTP

This comment has been minimized.

Copy link

AdrianTP commented Jun 22, 2016

I'd like to add that Google Hangouts (http://hangouts.google.com) does not work the way I would like (clicking the arrow button on any chat to pop it into a new window opens a new blank white window and complains "callbackWindow._GC_OnFrameReady is not a function" in the JS Console). Yes, I know there's a Chrome app for this, but Chrome apps have stupid command-tab and command-~ behaviour problems (on Mac).

Also, add http://di.fm to the list of sites which have popup-style Facebook/Google+ OAuth and thus do not work (same as @thegrubbsian with "Open in new window" having no noticeable effect).

@jb510

This comment has been minimized.

Copy link

jb510 commented Aug 19, 2016

Having oAuth issues with Asana to Harvest (for time tracking integration). It opens in the default browser.

Suggested fix. It would seem simple to provide a toggle for "open external links in default browser" that could be toggled on and off by the user. That way one could turn that feature off briefly, do whatever they needed to do to connect to other sites, then toggle it back on.

Alternatively, it's be nice to whitelist addresses like Fluid could. Probably a better solution for the masses, but I'd actually prefer the first fix I mentioned.

@abhayghatpande

This comment has been minimized.

Copy link

abhayghatpande commented Oct 11, 2016

Hi
Doesnt' work with StackEdit editor (http://stackedit.io/editor) either. Opening in browser and then reloading does not do anything. And opening a new window just displays a blank window.

@eyarz

This comment has been minimized.

Copy link

eyarz commented Feb 26, 2017

I'm suffering from the same issue, different site (https://www.trivago.com), so I posted a message in electron forum:
https://discuss.atom.io/t/facebook-login-with-electron/40018
Please also commit there so maybe we will get some help if they will see it's a common problem.

@eyarz

This comment has been minimized.

Copy link

eyarz commented Mar 29, 2017

After some research, here is what happening:
TL;DR
With electron, window.opener object is not passed to the popup window

By default, electron is opening every new window in a new electron instance. For security reasons, the new instance is not inheriting his parent (his opener) objects and therefor, don't hold the window.opener object which is usually necessary for completing OAuth sign-in.

There are some work-arounds for this problem if you are the site content owner. The problem is that it is usually not the case with nativefier.

Another option is to use the sand-box option which should exposes the regular window.open behaviour (same as any browser) but unfortunately, due to a bug in electron (#electron/electron#8100), it won't work if the OAuth is from a different domain.

Another possible solution might be #electron/electron#8963 which is looks like is going to be resolved soon.

BTW, also if the above issue will be resolved, the problem with nativefier current behaviour (opening pop-up window in the default browser), is that OAuth sign-in still won't work unless the OAuth sign-in will be open as an electron window.

@ronjouch ronjouch changed the title Issues With OAuth Authentication Issues with OAuth authentication (Asana, 22tracks, Sunrise, ...) Apr 8, 2017

@ronjouch ronjouch added the bug label Apr 8, 2017

@mariomac

This comment has been minimized.

Copy link

mariomac commented Mar 29, 2018

I have solved this issue by means of the --internal-urls argument. In my case, I wanted an application to log in by means of accounts.google.com, so I set google URLs as internal. Now Google OAuth is open inside the application:

nativefier --internal-urls .*.google.com.* https://stackedit.io/app
@vielhuber

This comment has been minimized.

Copy link

vielhuber commented Apr 4, 2018

@mariomac Is your session then restored after restarting the app? I have to login again every time I open the app.

@adshrc

This comment has been minimized.

Copy link

adshrc commented May 9, 2018

I can't reproduce any issues with Asana. Google OAuth and Harvest work nicely and sessions are restoring, even between different builds.

nativefier --name "Asana" --internal-urls ".*(harvestapp|google|getharvest)\.com.*" https://app.asana.com/

I'm using nativefier@7.6.2 and node@10.1.0

Thanks for the great work!

@Ivajkin

This comment has been minimized.

Copy link

Ivajkin commented Dec 21, 2018

Also trying to get https://sm2.ai to work through Facebook auth with no results.
nativefier --name "SM2 CRE App" "https://sm2.ai"
works perfectly but cannot make Fb auth work even in mobile mode (redirect instead of new tab).

@Ivajkin

This comment has been minimized.

Copy link

Ivajkin commented Dec 21, 2018

Can something like this --internal-urls ".*(facebook|google)\.com.*" work for Facebook auth on https://sm2.ai ?

@Ivajkin

This comment has been minimized.

Copy link

Ivajkin commented Dec 21, 2018

Tried --internal-urls .*.facebook.com.* - Facebook auth is in the same window now but there are two problems - after first login you just stay on Facebook. If you close then app and relaunch and try to authorise then - you get Fb auth and window with app opens in Chrome then

@Ivajkin

This comment has been minimized.

Copy link

Ivajkin commented Dec 21, 2018

Got everything - now works fine:
"build-mac-app": "npm install nativefier -g && nativefier --internal-urls \".*(facebook|google|sm2)\\.(com|ai).*\" --name \"SM2 CRE App\" --fast-quit --min-width 365px --min-height 300px --app-copyright \"Copyright (c) 2017-2019. SM2 LLC & Timothy S. Ivaïkin. All rights reserved\" \"https://sm2.ai\" && test -e ./SM2\\ CRE\\ App-darwin-x64 && open ./SM2\\ CRE\\ App-darwin-x64 || open ./",
Just included app's own domain in --internal-urls

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment