Third party iframe for authentication?

solid-contrib / solid-auth-fetcher

A client library for authenticating with Solid

Other

2 stars 6 forks source link

Third party iframe for authentication? #12

Open neuronsupport opened 4 years ago

neuronsupport commented 4 years ago

Isnt it possible to open a third party iframe for authentication? from what I understand, cookies are not used by the authentication process. Am I right on this?

josephguillaume commented 3 years ago

Presumably the same mechanism could be used as for a popup, i.e. redirection of the iframe to a page that stores the token in local storage, while the main page waits for the iframe to be terminated.

I suppose the advantage would be providing another alternative to redirects and popups.

Note, however, that the localStorage mechanism is discouraged by solid-client-authn for security reasons.