Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
662 views
in Technique[技术] by (71.8m points)

javascript - Chrome identity launchWebAuthFlow only opens empty callback page

Sorry for yet another probably noob question, normally I don't give in until I find a solution myself but this one has me going for 3 days and it is time to admit I'm stuck...

I'm trying to authenicate a Chrome extension to use PushBullet user data via OAuth2:

background.js

var client_id = '<32 DIGIT CLIENT ID>'; 
var redirectUri = "chrome-extension://lgekckejcpodobwpelekldnhcbenimbe/oauth2";
var auth_url = "https://www.pushbullet.com/authorize?client_id=" + client_id + "&redirect_uri=" + encodeURIComponent(redirectUri) + "&response_type=token";

chrome.identity.launchWebAuthFlow({'url':auth_url,'interactive':true}, function(redirect_url){
    console.log(redirect_url)
});

manifest.json:

"permissions": [
    "identity", 
    "*://*.google.com/*",
    "*://*.pushbullet.com/*",   
    "storage"
  ],
  "web_accessible_resources": [ 
    "/oauth2/*"

When I load the extension:

  1. The Pushbullet authorization pop-up opens and asks to give permission to my extension (OK)
  2. I agree (OK)
  3. The Pushbullet window closes and a new empty page opes the URL of that windows is the callback URI with a token:

chrome-extension://lgekckejcpodobwpelekldnhcbenimbe/oauth2#access_token=o.zrrWrDozxMu6kftrMHb89siYJQhRVcoL

I did not expect an empty page to open but rather having launchWebAuthFlow captured the URI and have it written in the console log like coded in the callback function... but it seems to be waiting...

The only option now is to close this empty page only to see the following logged:

Unchecked runtime.lastError while running identity.launchWebAuthFlow: The user did not approve access.

Clearly I'm missing something vital... do I need additional code "somewhere" to get the callback URI in my background.js?

Thanks, really appriciate the help.

ShadowHunter

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

You are misunderstanding the identity API.

You cannot use it with a custom callback URL. The API expects you to use a URL of the form

https://<app-id>.chromiumapp.org/*

which you can obtain with a call to chrome.identity.getRedirectURL(path)

When the provider redirects to a URL matching the pattern https://<app-id>.chromiumapp.org/*, the window will close, and the final redirect URL will be passed to the callback function.

This is because a lot of OAuth providers would not accept a chrome-extension:// URL as valid.

If your does - great, but you'll need to use your own OAuth library (and token storage, which is worse). chrome.identity works only with the above.

Do note that the network request is not actually sent to the chromiumapp.org address in this flow - it's a "virtual" address intercepted by the API.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...