(also posted on Stackoverflow)
I'm using oauth2 client-side to authenticate users on my application and am stuck on handling errors, case in point being an invalid key. I'm opening a popup which upon successful auth redirects to my parent-url (loading the parent page in the popup) and passing back the oauth token to the parent).
If oauth2 fails for any reason, there is no redirect and I'm stuck in the popup. So I was wondering whether there was any way to actively manage this error. Currently I'm doing this:
function (window, rJS, RSVP, promiseEventListener) {
"use strict";
var REQUEST_TIMEOUT = 10000;
function getUrlParameter(name, url) {
// retrieves url param
}
function uuid() {
// returns an uuid
}
function setState() {
var state = uuid();
window.sessionStorage.setItem("state", state);
return state;
}
function getState() {
return window.sessionStorage.getItem("state");
}
rJS(window)
.ready(function () {
return this.initializeDropboxConnection();
})
.declareMethod("getDropboxConnect", function (my_url, my_name, my_config) {
var popup;
var popup_resolver;
var resolver = new Promise(function (resolve, reject) {
popup_resolver = function resolver(href) {
var test = getUrlParameter("state", href);
if (test && getState() === test) {
window.sessionStorage.setItem("state", null);
resolve({
"access_token": getUrlParameter("access_token", href),
"uid": getUrlParameter("uid", href),
"type": getUrlParameter("token_type", href)
});
} else {
reject("forbidden");
}
};
popup = window.open(my_url, my_name, my_config);
popup.opener.popup_resolver = popup_resolver;
return promiseEventListener(popup, "load", true);
});
return new RSVP.Queue()
.push(function () {
return RSVP.any([
resolver,
RSVP.delay(REQUEST_TIMEOUT)
]);
})
.push(function (my_ouath_dict) {
if (my_ouath_dict) {
return my_ouath_dict;
}
popup.close();
throw "You type too slow... or your key isn't valid";
});
})
.declareMethod("setDropboxConnect", function (my_client_id) {
return this.getDropboxConnect(
"https://www.dropbox.com/1/oauth2/authorize?" +
"client_id=" + my_client_id +
"&response_type=token" +
"&state=" + setState() +
"&redirect_uri=" + window.location.href,
"",
"width=480,height=480,resizable=yes,scrollbars=yes,status=yes"
);
})
.declareMethod("initializeDropboxConnection", function () {
// oauth popup will open same page and we will end up here, too
// but when inside the popup, the opener must be set
if (window.opener === null) {
return;
}
// window.opener returns ref to window that opened this window
// https://developer.mozilla.org/en-US/docs/Web/API/Window/opener
// this passes the token to the promise waiting above
return window.opener.popup_resolver(
window.location.hash.replace("#", "?")
);
});
}(window, rJS, RSVP, promiseEventListener));so after 15 seconds I force-close and assume something went wrong. Not really an optimal solution so I was wondering whether there is anything available to redirect in case of error and maybe pass an error token, so the application can handle.
Thanks!
