I have a web app eg www.webapp.com that uses Google's OAUTH2 (gapi.authorize) (OAUTH2) to sign in users. It works from the desktop and mobile devices as long as I use the browser to navigate to the site.
PROBLEM: I can install it to the (eg "Add to Homescreen" on Android). But when I run it from the homescreen, the authentication/consent screen gets stuck on a blank page and a "connecting" message. My manifest.json file has display: standalone
I have to manually close the popup, and use the "Back" button on the phone to get back to the login screen. The response
token etc. are there as expected. Why is the popup screen not closing? How can it be forced to close without user intervention?
Related
I currently use oauth.io for login to fb, twitter, linked and instagram on a website application. Everything works fine accept for when the user hits the "Add to Home Screen" option and then uses the website by clicking on that home screen icon(fullscreen browser). I get a cross domain(I think)issue. I get this error right after login and no success function is run: "Unable to post message to http://www.example.com. Recipient has origin https://oauth.io."
Is there any reason that this only happens in the mobile fullscreen mode?
I'm writing an application which runs when a user tries to access a WiFi network and requires them to authenticate themselves. The router directs them to the site where they have some authentication options, one of which is through Facebook.
FB.login(function(response){
if(response.authResponse){
checkFBPermissions(response.authResponse.grantedScopes);
}else{
backToLoginOptions();
}
},{
scope: permissions,
auth_type: authtype,
return_scopes: true,
});
This all works fine on a laptop, android and even the new iPhone. On the iPad however (running iOS8), within the CNA browser (the browser that is launched automatically when connecting to the WiFi network) when the user hits login via FB they are taken to the FB login page within the same "tab" (I guess the CNA browser only ever has one tab) rather than opening a new window, and then after the user submits the Facebook login form it goes to a blank page. I guess this is because of the navigation away from the page (thus the JS code awaiting the response stops running).
We have a workaround which uses the "https://www.facebook.com/dialog/oauth?" method but this doesn't seem to be supported by the new FB API and I was hoping to find a solution that uses the new standard.
Any ideas?
Wifi network gateway is able to byPass the CNA browser. Then user is able to open browser manually.
Ruckus wireless provided this solution - bypassCNA=true
This will bypasses only iOS CNA page. Not android mini browser.
I have an app that already develop in HTML.
We are rendering app in UIWebview using the server URL.
Everything working fine. But I want to cache the Login page for offline support.
So, If user kill the app and restart the device and open app in offline mode he will see only the blank page.
Is there any way to save the login page so that user will able to see the login page instead of blank page.
I have an HTML5 website which has AD authentication. Inside this website, I have a webpage which I would like to be a "web app" on an iPad.
I have the cache.appcache file all ready and working fine in an environment where there is no AD authentication.
When I go to the page on the iPad, authenticate and then add to Home Screen, everything seems fine.
When I click on the homescreen shortcut, the page asks for authentication again. I need this to be an offline app - how can I achieve this? I want the user to have to authenticate to get the web app "installed" on the homescreen but after that don't want them to have to authenticate again.
Any ideas welcome!
When running a mobile site in iOS full screen mode, using the "apple-mobile-web-app-capable" meta tag, I am using a combination of AJAX and synchronous page requests, including redirects, with success while the user is logged in.
However, when the user logs out and the session is destroyed, the iOS device leaves full screen mode and opens the login page in a Mobile Safari window.
Here is a common sequence of events:
User clicks button on Home Screen to launch mobile site in iOS full
screen mode
Server redirects user to login page for authentication (still in full screen)
User logs in, and is redirected back to mobile home (still in full screen)
User performs various actions, via GET and POST, some using AJAX and some not (still in full screen)
User hits logout button, which destroys session and redirects back to login page
Mobile Safari window opens to render login page this second time
I have tried 301, 302 and 303 redirects on logout success and nothing seems to change this behavior. It seems related to the user's session ending when running in full screen mode. I don't think this matters, but the security mechanism is implemented via Spring Security running on Tomcat.
Is there any way to prevent this behavior? I would prefer not to use a location.href client side redirect on logout.
You can cancel a links default behaviour by using jQuery's event delegation to assign a single, top-level event handler to all links on the page. When a click event is detected, we cancel the default behavior (which is to open in mobile Safari) and then manually change the window's location. This approach allows the page to be changed without breaking the iPhone standalone application experience.
http://www.bennadel.com/blog/2302-Preventing-Links-In-Standalone-iPhone-Applications-From-Opening-In-Mobile-Safari.htm
I was under the impression from running into this previously that any non-ajax/ javascript navigation would cause the app to jump into safari to serve the page