search

nraboy / ng-cordova-oauth

AngularJS oauth library for use with Apache Cordova projects
https://www.thepolyglotdeveloper.com
MIT License
456 stars 199 forks source link

Oauth + Cordova WKWebView Engine not working #280

Closed maikelsgit closed 7 years ago

maikelsgit commented 8 years ago

Hi I'm using ng-cordova-oauth in combination with the new Cordova WKWebView Engine plugin that is soon to be released. I don't no if this is the right place for it but I din't know where to go.

I'm using the Strava provider and I installed the Cordova WKWebView Engine plugin. When I run the app and press the login button the in-app browser will open with the Strava login page. I enter my login credentials en Strava is asking me if I want to allow permission for the app to use my Strava account, I say allow and in the xcode console I get webView:didFailLoadWithError - -1004: Could not connect to the server. Normally if I don't have the Cordova WKWebView Engine plugin installed the returned data is stored and you can start using my app.

If I change the default http://localhost/callbackurl to a valid domain and repeat the login proces I get the following error in console App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file. 2016-08-23 19:25:12.784 Teaming[6172:5224039] webView:didFailLoadWithError - -1022: The resource could not be loaded because the App Transport Security policy requires the use of a secure connection.

So I added the correct App Transport Security profiles in my config.xml for that domain. If I again repeat the login proces and press the allow permission button on the strava page it redirects to the domain and shows me the domain page, no errors in console but it is also not doing anything it just stays on that page.

Is this a known problem, am I doing something wrong or is this a bug in combination with the Cordova WKWebView Engine plugin?

nraboy commented 8 years ago

My guess is that Cordova WKWebView is ahead of the Cordova InAppBrowser which this library depends upon. Have you tried raising an issue ticket in the InAppBrowser plugin repository?

@matheusrocha89 you heard anything on this?

kythanh commented 8 years ago

Hi @nraboy

I also am facing same problem when doing Oauth via LinkedIn with WKWebView installed. Below are inspect from Dev Tool Safari and iOS Console logs.

If you looking at the Origin on dom inspector, it is null. Do you have any idea about that?

webView:didFailLoadWithError - -1004: Could not connect to the server.

screen shot 2016-08-24 at 5 04 42 pm screen shot 2016-08-24 at 5 05 02 pm
kythanh commented 8 years ago

@nraboy Removing WKWebView, everything worked perfect again. Noticed that Origin in this case is set to file://

screen shot 2016-08-24 at 5 36 51 pm
matheusrocha89 commented 8 years ago

@nraboy I don't know anything about that. I will see if I can discover something about it

nraboy commented 8 years ago

I've heard reports for the longest time that Crosswalk has the same issues. I don't think this is something we'll be able to fix. I'm pretty sure it is dependent on Apache adding support for WKWebView and Crosswalk in the InAppBrowser plugin.

You'll probably have better luck asking them.

joshuachestang commented 7 years ago

This seems to be an issue of the redirect uri.

prafull-agarwal commented 5 years ago

Adding <allow-navigation href="http://localhost:8080/*"/> in config.xml works for me.