Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Issues with OAuth authentication (Asana, 22tracks, Sunrise, ...) #164

Closed
jiahaog opened this issue Mar 14, 2016 · 23 comments
Closed

Issues with OAuth authentication (Asana, 22tracks, Sunrise, ...) #164

jiahaog opened this issue Mar 14, 2016 · 23 comments

Comments

@jiahaog
Copy link
Member

@jiahaog jiahaog commented Mar 14, 2016

Here is the consolidation of all webpages using OAuth that have login issues. As far as I know, for certain sites, e.g. feedly.com, authentication works after logging in in the new window and refreshing the main window, but there are problems with the sites below.

I'm not exactly sure how to go about fixing this, help would be greatly appreciated!

@Rob5Underscores-zz
Copy link

@Rob5Underscores-zz Rob5Underscores-zz commented Apr 30, 2016

Is there any progress on this?

Cheers

EDIT: Managed to fix with my website by using redirection rather than popups.

@thegrubbsian
Copy link

@thegrubbsian thegrubbsian commented May 13, 2016

Has anyone found a way to make this work? I'm having trouble with Asana in particular but other sites have also been problematic. Using the context menu "Open in new window" doesn't seem to work.

@AdrianTP
Copy link

@AdrianTP AdrianTP commented Jun 22, 2016

I'd like to add that Google Hangouts (http://hangouts.google.com) does not work the way I would like (clicking the arrow button on any chat to pop it into a new window opens a new blank white window and complains "callbackWindow._GC_OnFrameReady is not a function" in the JS Console). Yes, I know there's a Chrome app for this, but Chrome apps have stupid command-tab and command-~ behaviour problems (on Mac).

Also, add http://di.fm to the list of sites which have popup-style Facebook/Google+ OAuth and thus do not work (same as @thegrubbsian with "Open in new window" having no noticeable effect).

@jb510
Copy link

@jb510 jb510 commented Aug 19, 2016

Having oAuth issues with Asana to Harvest (for time tracking integration). It opens in the default browser.

Suggested fix. It would seem simple to provide a toggle for "open external links in default browser" that could be toggled on and off by the user. That way one could turn that feature off briefly, do whatever they needed to do to connect to other sites, then toggle it back on.

Alternatively, it's be nice to whitelist addresses like Fluid could. Probably a better solution for the masses, but I'd actually prefer the first fix I mentioned.

@abhayghatpande
Copy link

@abhayghatpande abhayghatpande commented Oct 11, 2016

Hi
Doesnt' work with StackEdit editor (http://stackedit.io/editor) either. Opening in browser and then reloading does not do anything. And opening a new window just displays a blank window.

@eyarz
Copy link

@eyarz eyarz commented Feb 26, 2017

I'm suffering from the same issue, different site (https://www.trivago.com), so I posted a message in electron forum:
https://discuss.atom.io/t/facebook-login-with-electron/40018
Please also commit there so maybe we will get some help if they will see it's a common problem.

@eyarz
Copy link

@eyarz eyarz commented Mar 29, 2017

After some research, here is what happening:
TL;DR
With electron, window.opener object is not passed to the popup window

By default, electron is opening every new window in a new electron instance. For security reasons, the new instance is not inheriting his parent (his opener) objects and therefor, don't hold the window.opener object which is usually necessary for completing OAuth sign-in.

There are some work-arounds for this problem if you are the site content owner. The problem is that it is usually not the case with nativefier.

Another option is to use the sand-box option which should exposes the regular window.open behaviour (same as any browser) but unfortunately, due to a bug in electron (#electron/electron#8100), it won't work if the OAuth is from a different domain.

Another possible solution might be #electron/electron#8963 which is looks like is going to be resolved soon.

BTW, also if the above issue will be resolved, the problem with nativefier current behaviour (opening pop-up window in the default browser), is that OAuth sign-in still won't work unless the OAuth sign-in will be open as an electron window.

@mariomac
Copy link

@mariomac mariomac commented Mar 29, 2018

I have solved this issue by means of the --internal-urls argument. In my case, I wanted an application to log in by means of accounts.google.com, so I set google URLs as internal. Now Google OAuth is open inside the application:

nativefier --internal-urls .*.google.com.* https://stackedit.io/app
@vielhuber
Copy link

@vielhuber vielhuber commented Apr 4, 2018

@mariomac Is your session then restored after restarting the app? I have to login again every time I open the app.

@adshrc
Copy link

@adshrc adshrc commented May 9, 2018

I can't reproduce any issues with Asana. Google OAuth and Harvest work nicely and sessions are restoring, even between different builds.

nativefier --name "Asana" --internal-urls ".*(harvestapp|google|getharvest)\.com.*" https://app.asana.com/

I'm using nativefier@7.6.2 and node@10.1.0

Thanks for the great work!

@Ivajkin
Copy link

@Ivajkin Ivajkin commented Dec 21, 2018

Also trying to get https://sm2.ai to work through Facebook auth with no results.
nativefier --name "SM2 CRE App" "https://sm2.ai"
works perfectly but cannot make Fb auth work even in mobile mode (redirect instead of new tab).

@Ivajkin
Copy link

@Ivajkin Ivajkin commented Dec 21, 2018

Can something like this --internal-urls ".*(facebook|google)\.com.*" work for Facebook auth on https://sm2.ai ?

@Ivajkin
Copy link

@Ivajkin Ivajkin commented Dec 21, 2018

Tried --internal-urls .*.facebook.com.* - Facebook auth is in the same window now but there are two problems - after first login you just stay on Facebook. If you close then app and relaunch and try to authorise then - you get Fb auth and window with app opens in Chrome then

@Ivajkin
Copy link

@Ivajkin Ivajkin commented Dec 21, 2018

Got everything - now works fine:
"build-mac-app": "npm install nativefier -g && nativefier --internal-urls \".*(facebook|google|sm2)\\.(com|ai).*\" --name \"SM2 CRE App\" --fast-quit --min-width 365px --min-height 300px --app-copyright \"Copyright (c) 2017-2019. SM2 LLC & Timothy S. Ivaïkin. All rights reserved\" \"https://sm2.ai\" && test -e ./SM2\\ CRE\\ App-darwin-x64 && open ./SM2\\ CRE\\ App-darwin-x64 || open ./",
Just included app's own domain in --internal-urls

@tianhuil
Copy link

@tianhuil tianhuil commented Apr 3, 2019

Thanks @Ivajkin. This is a narrow-cast solution which wokred for me and keeps non-google-login links opening externally for asana:

nativefier --name "Asana" --internal-urls "accounts\.google\.com.*" https://app.asana.com/
@anshchauhan
Copy link

@anshchauhan anshchauhan commented Sep 27, 2019

I'm having this problem with learning.oreilly.com. It requires my orgs login which redirects to another and that redirects to another. I tried internal-urls but it's not working :(

@mxdpeep
Copy link

@mxdpeep mxdpeep commented Sep 29, 2019

it will not be fixed > never ever!

@Nezteb
Copy link

@Nezteb Nezteb commented Nov 25, 2019

If you have a SSO provider (Auth0, Okta, etc.) then you also have to list that as an internal URL.

Example:
nativefier --name "Google Meet" --internal-urls "google\.com.*|okta\.com.*" https://meet.google.com

Add as many internal URLs as needed in your auth process with the regex | symbol.

@mikernd
Copy link

@mikernd mikernd commented Nov 27, 2019

@tianhuil, thanks! Your method just worked for me right now.

@dmarcelino
Copy link

@dmarcelino dmarcelino commented Jan 16, 2020

nativefier --name "Asana" --internal-urls ".*(harvestapp|google|getharvest)\.com.*" https://app.asana.com/

This worked for me, thanks. Another option is to set internalUrls value directly in an existing appname/resources/app/nativefier.json.

@TheCleric
Copy link
Collaborator

@TheCleric TheCleric commented Apr 29, 2021

Can anyone confirm after the introduction of --internal-urls and our list of known internal logins, if this is still an issue in the current version of Nativefier?

@adshrc
Copy link

@adshrc adshrc commented May 3, 2021

@TheCleric OAuth works fine for me, haven't noticed any issues since 7.6.2 🔥

@ronjouch
Copy link
Member

@ronjouch ronjouch commented May 3, 2021

@TheCleric OAuth works fine for me, haven't noticed any issues since 7.6.2

Neat 🙂. Closing.

@ronjouch ronjouch closed this May 3, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet