Nativefier: Issues with OAuth authentication (Asana, 22tracks, Sunrise, ...)

Is there any progress on this?

Cheers

EDIT: Managed to fix with my website by using redirection rather than popups.

Has anyone found a way to make this work? I'm having trouble with Asana in particular but other sites have also been problematic. Using the context menu "Open in new window" doesn't seem to work.

I'd like to add that Google Hangouts (http://hangouts.google.com) does not work the way I would like (clicking the arrow button on any chat to pop it into a new window opens a new blank white window and complains "callbackWindow._GC_OnFrameReady is not a function" in the JS Console). Yes, I know there's a Chrome app for this, but Chrome apps have stupid command-tab and command-~ behaviour problems (on Mac).

Also, add http://di.fm to the list of sites which have popup-style Facebook/Google+ OAuth and thus do not work (same as @thegrubbsian with "Open in new window" having no noticeable effect).

Having oAuth issues with Asana to Harvest (for time tracking integration). It opens in the default browser.

Suggested fix. It would seem simple to provide a toggle for "open external links in default browser" that could be toggled on and off by the user. That way one could turn that feature off briefly, do whatever they needed to do to connect to other sites, then toggle it back on.

Alternatively, it's be nice to whitelist addresses like Fluid could. Probably a better solution for the masses, but I'd actually prefer the first fix I mentioned.

Hi
Doesnt' work with StackEdit editor (http://stackedit.io/editor) either. Opening in browser and then reloading does not do anything. And opening a new window just displays a blank window.

I'm suffering from the same issue, different site (https://www.trivago.com), so I posted a message in electron forum:
https://discuss.atom.io/t/facebook-login-with-electron/40018
Please also commit there so maybe we will get some help if they will see it's a common problem.

After some research, here is what happening:
TL;DR
With electron, window.opener object is not passed to the popup window

By default, electron is opening every new window in a new electron instance. For security reasons, the new instance is not inheriting his parent (his opener) objects and therefor, don't hold the window.opener object which is usually necessary for completing OAuth sign-in.

There are some work-arounds for this problem if you are the site content owner. The problem is that it is usually not the case with nativefier.

Another option is to use the sand-box option which should exposes the regular window.open behaviour (same as any browser) but unfortunately, due to a bug in electron (#https://github.com/electron/electron/issues/8100), it won't work if the OAuth is from a different domain.

Another possible solution might be #https://github.com/electron/electron/pull/8963 which is looks like is going to be resolved soon.

BTW, also if the above issue will be resolved, the problem with nativefier current behaviour (opening pop-up window in the default browser), is that OAuth sign-in still won't work unless the OAuth sign-in will be open as an electron window.

I have solved this issue by means of the --internal-urls argument. In my case, I wanted an application to log in by means of accounts.google.com, so I set google URLs as internal. Now Google OAuth is open inside the application:

nativefier --internal-urls .*.google.com.* https://stackedit.io/app

@mariomac Is your session then restored after restarting the app? I have to login again every time I open the app.

I can't reproduce any issues with Asana. Google OAuth and Harvest work nicely and sessions are restoring, even between different builds.

nativefier --name "Asana" --internal-urls ".*(harvestapp|google|getharvest)\.com.*" https://app.asana.com/

I'm using [email protected] and [email protected]

Thanks for the great work!

Also trying to get https://sm2.ai to work through Facebook auth with no results.
nativefier --name "SM2 CRE App" "https://sm2.ai"
works perfectly but cannot make Fb auth work even in mobile mode (redirect instead of new tab).

Can something like this --internal-urls ".*(facebook|google)\.com.*" work for Facebook auth on https://sm2.ai ?

Tried --internal-urls .*.facebook.com.* - Facebook auth is in the same window now but there are two problems - after first login you just stay on Facebook. If you close then app and relaunch and try to authorise then - you get Fb auth and window with app opens in Chrome then

Got everything - now works fine:
"build-mac-app": "npm install nativefier -g && nativefier --internal-urls \".*(facebook|google|sm2)\\.(com|ai).*\" --name \"SM2 CRE App\" --fast-quit --min-width 365px --min-height 300px --app-copyright \"Copyright (c) 2017-2019. SM2 LLC & Timothy S. Ivaïkin. All rights reserved\" \"https://sm2.ai\" && test -e ./SM2\\ CRE\\ App-darwin-x64 && open ./SM2\\ CRE\\ App-darwin-x64 || open ./",
Just included app's own domain in --internal-urls

Thanks @Ivajkin. This is a narrow-cast solution which wokred for me and keeps non-google-login links opening externally for asana:

nativefier --name "Asana" --internal-urls "accounts\.google\.com.*" https://app.asana.com/

I'm having this problem with learning.oreilly.com. It requires my orgs login which redirects to another and that redirects to another. I tried internal-urls but it's not working :(

it will not be fixed > never ever!

If you have a SSO provider (Auth0, Okta, etc.) then you also have to list that as an internal URL.

Example:
nativefier --name "Google Meet" --internal-urls "google\.com.*|okta\.com.*" https://meet.google.com

Add as many internal URLs as needed in your auth process with the regex | symbol.

@tianhuil, thanks! Your method just worked for me right now.

nativefier --name "Asana" --internal-urls ".*(harvestapp|google|getharvest)\.com.*" https://app.asana.com/

This worked for me, thanks. Another option is to set internalUrls value directly in an existing appname/resources/app/nativefier.json.