Issue with custom Oauth Popup on Cordova


I have created a custom Oauth provider and it works fine in the browser using “redirect”. For Cordova, it uses “popup”. After successfully logging in, it ends up in an InAppBrowser page with “Done”… which I click and it just lands back at my sign-in page… Ie does not actually sign-in.

I am pointing my callback to Accounts.oauth.credentialRequestCompleteHandler = function(callback) found at

So I am expecting something to do with Accounts.oauth.tryLoginAfterPopupClosed(credentialTokenOrError, callback);

After successfully logging in, I see this in the console

2017-12-29 11:15:37.071819+1100 Buzzy[8996:5090252] WF: _WebFilterIsActive returning: NO
2017-12-29 11:15:37.471677+1100 Buzzy[8996:5089934] CDVWebViewDelegate: Detected redirect when loadCount=3
2017-12-29 11:15:37.478715+1100 Buzzy[8996:5089934] webView:didFailLoadWithError - -999: The operation couldn’t be completed. (NSURLErrorDomain error -999.)
2017-12-29 11:15:37.480811+1100 Buzzy[8996:5090218] Task <41E07FEF-0A6D-444C-B5BF-1A19A78C7B1A>.<0> HTTP load failed (error code: -999 [1:89])
2017-12-29 11:15:37.484240+1100 Buzzy[8996:5090218] Task <5A5D8F00-48AA-44B3-B9E1-A3849565F079>.<0> HTTP load failed (error code: -999 [1:89])

I have a found a bunch of similar issues, with some differences… but can’t seem to get it to work. For example @abernix wondering if you have any insight pls?

I tried a “redirect” instead of popup and I get

WebFilterIsActive returning: NO
2017-12-29 11:19:36.953646+1100 Buzzy[9007:5093253] Task <C6ADFCA7-933B-4920-B43E-27A46DA22F0F>.<0> HTTP load failed (error code: -999 [1:89])
2017-12-29 11:19:37.353844+1100 Buzzy[9007:5092968] Error in Success callbackId: InAppBrowser1826149383 : Error: No hash fragment in OAuth popup?
2017-12-29 11:19:37.357213+1100 Buzzy[9007:5092968] Uncaught Error: Error: No hash fragment in OAuth popup?:314:http://localhost:12456/cordova.js
2017-12-29 11:19:52.071057+1100 Buzzy[9007:5093526] PBItemCollectionServicer connection disconnected.

More info: OK, I think I worked out why this happens, it stems from the lack of support by the Oauth provider for state and credentialToken in the callback. To get around this we used a custom route to append these items.

So in short, wondering if there is a way to get Cordova loginStyle to work with “redirect” (not “popup”)?


Any help appreciated

Update: Ok, I kinda solved it.If I added “state” to the call it works. The issue I have is the specific Oauth provider does not support “state” (they do in one environment and it works, but not in production). Already I was using localStorage to save state, but this does not work with a “popup” style Oauth and on Crodova it defaults to “popup”…arrrrrggg Catch 22!!!