Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How would this work on non-Mac Electron apps? #4

Open
brandonmp opened this issue May 4, 2017 · 2 comments
Open

How would this work on non-Mac Electron apps? #4

brandonmp opened this issue May 4, 2017 · 2 comments

Comments

@brandonmp
Copy link

The Electron example seems to hinge on this:

    app.on('open-url', function(event, url){
        console.log("Open url called with", url);
        mainWindow.webContents.executeJavaScript(`
            window.handleOpenURL('${url}');
        `);
    });

Unfortunately the open-url event is mac only

Running this demo in Linux for example throws this error in the terminal

// upon clicking the button to launch the login flow:
[4184:4184:0504/135100.760184:ERROR:configuration_policy_handler_list.cc(92)] Unknown policy: NTPContentSuggestionsEnabled
[4257:4257:0504/135101.249895:ERROR:interface_registry.cc(210)] Failed to locate a binder for interface: chrome::mojom::ResourceUsageReporter requested by:  exposed by:  via InterfaceProviderSpec "service_manager:connector".


// then once i click the login button on the auth0 popup
[4184:4184:0504/135102.157308:ERROR:render_process_host_impl.cc(2094)] Request for unknown Channel-associated interface: device::mojom::ScreenOrientationListener
gvfs-open: wayhome://wayhome.auth0.com/electron/wayhome/callback?code=NDxv20reeT19qHHA#: error opening location: The specified location is not supported

The end result is a hanging auth0 splash screen w/ an indefinite 'waiting' spinner

I've used PKCE flow w/ this client before in a Chrome extension, and the logins are reflected in my auth0 logs, so I'm certain it's something unique to the electron flow here.

Any idea how to get this working?
@darkyen
Copy link
Owner

darkyen commented May 4, 2017

This seems to be blocked in Electron (Windows & Linux have ways to handle this but they are not tapped in) a way to handle this as of now (as Google does in their PKCE demos aswell) is creating a simple http server which will handle the callback

#3 (comment)

@brandonmp
Copy link
Author

Ah interesting idea. so to clarify, something like setting up an express server on localhost:5000 & changing the callback url from packageIdentifier://etc to http://localhost:5000 ?

For now I'm just using the lock flow (demo'd in your other electron repo) w/ a refresh_token. AFAIK from your docs that's not standards-compliant, but are there any gaping security problems w/ that approach?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@darkyen @brandonmp