-
Notifications
You must be signed in to change notification settings - Fork 264
Support environments without popups (phonegap, etc.) #2034
Comments
I imagine that simply redirecting into and out of our login flow, instead of using a popup, might Just Work with the Observer API, since we would automatically fire an assertion when landing back on the RP... |
@callahad yes, that's exactly the idea I've been discussing with Dan for Chrome/iOS support and UIWebView support. |
I have always found it skeptical when an app uses an internal webview to |
@seanmonstar I'm with you except.... what other option do we have? Eventually I'd like Firefox to act as the Persona implementation, no passwords. But that's a bit further down the line. |
Yea I know. Well, for Android at least, we could offer a Persona app, and then other Not possible on iOS, plus it requires Android users to download a second |
That would be possible on iOS, apps use custom protocol handlers to do that. But having to download a second app is, IMO, a non-starter. Our only hope is to piggy-back onto another app (like Firefox or Marketplace). |
there is a plugin for phonegap called ChildBrowser that is cross-platform and lets you open browser window popups for doing things like oauth. it can be used right now for browserid on phonegap |
Happy to see this issue on the list. This is an important use case to cover. As @maxogden says, ChildBrowser is the way to go. The problem is that persona (as far as I know) doesn't give you control over how the popup window opens. |
This feels really high priority, but low urgency at the moment. It'd be awesome to have a really well fleshed out mobile story in Q3. Especially with Chrome on iOS needing this, etc. |
This feels like a candidate for the new beta2-req label. |
now part of our Q3 goals... 👍 to the beta2 label. |
I have similar symptoms, Ben asked me to mention them here. Steps to reproduce:
|
It should also be possible to use the redirection even if you aren't on a mobile app. I have a use case where a forum I use supports single sign on by opening my "login page" in a popup. My login page would simply use the persona redirection to do its job. Right now, it gives me a popup opening a new popup. |
Just want to add that I was able to reproduce @wfwalker's 5 steps on iPad running iOS 6.1 As someone trying to put together a PhoneGap app, it would definitely be helpful to have a comment on this bug with an idea of the priority or the blockers for adding robust PhoneGap support. I'm about to brute-force my app to work, which probably won't be pretty, and if there was a little more guidance about design issues, I'd be more likely to do work that could be contributed back to Browserid. If my brute force hacks are at all illuminating, I'll follow up with links. |
Decided not to use Persona as a result of this issue. Definitely high priority if you ask me. |
@marknutter thanks for the feedback, we are working on this and we do plan a fix. Please consider watching this bug and adding Persona once we've addressed your issue! |
What's the general plan for solving this problem? An in-page javascript modal or something? Also, how can I contribute as a developer? |
@marknutter I'll let @seanmonstar give you details, but high-level we're thinking that we'll detect when popups are not possible and implement a redirection-based flow. If you're using the Persona Observer API, i.e. .watch(), you don't need to do anything: it will just work. |
oh, wait, so there's actually a way to do this manually right now via the Observer API? From the blog post about the Observer api: "Whenever a user clicks the login button on your site, you request() a verified email from your user, which opens the Persona dialog." - is that Persona dialog a popup window? |
@marknutter Alas, not quite yet. I believe the plan is to have the Observer API automatically detect when popups aren't enabled, and then switch to a redirect-based workflow. So if you implement the Observer API now, you'll eventually get a popup-free experience where needed. For what it's worth... what specific aspects of the popup blocked you from using Persona? Was it the lack of support in Phonegap or similar? |
Will there be an option to choose the redirection workflow even if popups On Wednesday, March 6, 2013, Dan Callahan wrote:
|
@tavisrudd This should now work in production on Chrome / iOS. Can you please confirm? |
Yep, it works fine now. Thanks :) |
Could somebody clarify what went into production? I just had a user complain that they couldn't login when using iOS Chrome. |
@jamesshore - if a site uses the |
@shane-tomlinson Ah, that explains it. Yes, I'm using the old API. I've been meaning to update it anyway. Thanks! |
I have a use case for a My application (Scrollback) is an IRC widget embedded on third party sites, and I'd like to open a popup to sign users in; if I use Persona there would now be two popups. As an analogy, imagine if Gmail or Yahoo decided that their OAuth sign in pages wouldn’t support a redirect flow - the Persona identity bridges would have to spawn additional popups, and the experience would be terrible. We're currently working around this issue by opening our login screen in an iframe on the third-party sites; this still results in three layers showing up: The host site, the scrollback login iframe, and the persona popup. You can see this happen on mozillaindia.org (which uses Scrollback). |
@aravindet so this is the 4th similar request I've heard in the last several weeks. I think delegating control over the experience to the website via such a flag might be the right thing to do. please open another issue specifically about this. there's also a thread in the mailing list where we discussed this, feel free to start a new thread or re-open that one. |
Right now, it works very well on my windows phone 7 lumia 710 ! |
I just attempted to build PhoneGap application using their Command Line process
I change my original get() call to a watch() . The sample i used was grabbed from here https://npmjs.org/package/express-persona Javascript (should I be using another file?)
Watch code
OnClick call to signal Login request
Also took an unsuccessful chance at using
Everything works fine on the desktop, and iOS safari. Issue with PhoneGap and iOS Safari that has been added to HomeScreen. Am I missing an opt-in flag or something? According to previous comments is sounded like this should work. |
A proposed declarative HTML API could solve most the rest of the issues involved, as it proposes POSTing back to a URL. See discussion: https://groups.google.com/d/topic/mozilla.dev.identity/12PW2Z-YPps/discussion |
I am using persona on my own "app", which is now just a website (so no phonegap). Everything works fine, except if I use chrome on android and use the "add to home screen" feature to pin the website to the android home screen. If I do that then I get an error like #2034 (comment) |
Looks like we may need to force PhoneGap / Cordova into the redirect workflow, instead of using popups. That would require editing this set of regexes to add PhoneGap detection: https://github.com/mozilla/persona/blob/32af5485ec5368cd0634d6ebd74f9a53a37f313f/resources/static/include_js/_include.js#L133-138 Patches welcome :) (Whitelisting isn't ideal, but it's the most expedient thing we have at the moment.) |
Don't know if you can find it with via userAgent but |
That sounds reasonable. I can have something up for testing tomorrow, or you could grab the repo and try it yourself :) |
Trying to test this locally. Not sure if I am doing it correctly:
|
Doh! You're doing everything right, but I forgot that Cordova / PhoneGap will have a Basically, using This is going to sound ridiculously convoluted, but can you place the Persona login button in an iframe that points to an actual website? (Wow, this is not easy. Sorry!) |
Thanks a lot @callahad |
@lefos987 I haven't actually worked with PhoneGap, but earlier in the thread the Child Browser plugin was suggested. Maybe that will work for you? |
Tried the iframe solution. Basically put my login/logout buttons in an iframe served by a nginx webserver. When I click login now:
|
@lefos987 Oof. I'm sorry again about the pain here. Realistically, this might not be cleanly solvable in the near future, as we don't have a lot of development bandwidth on our side, so you might want to go with an alternative option if getting your project out the door is the most important. On the other hand, if you're enjoying hacking on this, I'd love to review a pull request to make this work, or review a blog post detailing necessary workarounds to get Persona running under PhoneGap. |
@callahad sure thing! Will keep trying to see what the best way to achieve this is. |
Bummer... I am stuck at the same place. So close....getting persona to work with Ionic-angular-cordova... Any progress by any chance? Just asking :) |
Hi! To help us better focus, I'm "closing" all issues that have been open for more than six months. These have been tagged "cleanup-2014" so that we can go back and review them in the future. For more information, check out this thread: http://thread.gmane.org/gmane.comp.mozilla.identity.devel/7394 If you believe this bug is still a major issue for you, please comment, submit a pull request, or discuss it on our mailing list: https://lists.mozilla.org/listinfo/dev-identity Sorry for GitHub notification spam! |
+1, just got bitten by this. IMO a disclaimer you might want to make up front -- IIUC Persona doesn't work for any kind of mobile web app. |
The latter is not true; it works fine for me on Firefox for Android. |
Several folks on dev-identity are asking about getting BrowserID to work with things like PhoneGap. Apparently one of the primary issues is opening a popup: it opens in a browser outside of the PhoneGap application, breaking the connection between Persona and the app.
The text was updated successfully, but these errors were encountered: