Open bast0006 opened 2 years ago
This is non-trivial, we delegate to https://www.electronjs.org/docs/latest/api/shell#shellopenexternalurl-options
I believe @bast0006 wasn't asking for Element to open in a non-default browser or present a browser picker, but rather to display a little button that lets the user copy the SSO link to clipboard, so they can paste it into the browser of their choice manually.
It might sound like an odd feature, but many people for example separate their work and private browser profiles, or use different browsers altogether. The SSO page might open in the wrong browser, one which doesn't have the SSO credentials saved in the password manager, for instance.
The license activation window of JetBrains IDEs does something similar:
I would offer to work on this. Can I get approval on implementing a behavior that's similar to JetBrains as described above? Element already shows a similar popup, which could just include a "Trouble? Click here to copy the link and open it manually in your browser" text underneath the spinner:
@Lesik that sounds sane, no harm in working on it but it'd likely need design to sign off on and they're stretched very thin right now. Can't match Jetbrains exactly as the flow doesn't give you a token, it deeplinks back into the app. The Matrix spec would need changing to go with tokens.
Your use case
What would you like to do?
I would like to perform SSO login without using my default browser
Why would you like to do it?
Because my default browser is a catch-all for untrusted applications who's target cannot be configured, and I do not wish to trust an untrusted session with a trusted login process.
How would you like to achieve it?
A button, label, or some other method of being provided the SSO link itself so that its single use can be performed on a browser of choice, rather than being consumed by a browser that cannot safely perform SSO.
Have you considered any alternatives?
I have set up my default browser to refuse to resolve the SSO links, which permits me to copy them to the correct browser and continue the login process.
Additional context
Most other services perform validation via email (which allows easy link copying) or they provide the link as text in addition to a button so that users can copy it if their default browser does not work for some reason, which is not uncommon among nontechnical users.