Popup blocked in Safari for pkce flow

capacitor-community / generic-oauth2

Generic Capacitor OAuth 2 client plugin. Stop the war in Ukraine!

MIT License

223 stars 106 forks source link

Popup blocked in Safari for pkce flow #216

Closed dejan9393 closed 1 year ago

dejan9393 commented 1 year ago

I'm running into an issue where the popup from the authenticate call is being blocked by Safari.

I believe this only happens for the pkce flow in browsers that support Crypto.subtle.

This happens because Safari expects popups to be opened synchronously as the user clicks the page. The async CryptoUtils.deriveChallenge call inside buildWebOptions is called before the popup is open, therefore resulting in the popup being blocked

daniandl commented 8 months ago

@moberwasserlechner Sorry for re-opening but it's still happening here https://codesandbox.io/p/sandbox/wizardly-leaf-jqfjxw?file=%2Fsrc%2FApp.vue%3A8%2C58

Are we doing something wrong?