I am writing a small package to connect a Meteor application to an OpenID Connect external Provider. I have based the code on accounts-github and github-oauth, with a “popup” loginStyle.
On the server side, I get the authorization token, the access token, fake user information (as both the application and OID Provider are in development mode), and the OAuth request handler, registered via OAuth.registerService(), is correctly run (and I believe correctly handled).
Then the flow goes to renderOAuthResult() and endOfLoginResponse(), but the popup doesn’t eventually close.
The popup rightly displays the updated end_of_popup.html template (i.e. with correct data inside it), but the window popup stays blank. It seems that the script is not executed.
As a side note, maybe I should specify that the application runs on http://localhost:3000, and the redirect_url is https://devel.trychlos.lan, because the OID provider only allows https, and I have configured an nginx to redirect the former to the ad-hoc url on localhost.
As I understand the Meteor OAuth flow, this is the last step before credentials are passed back to the main window and the user is logged in. So… Any help would be welcome.
Is there any particular reason I may find an answer in this package?
This is a fork of salleman, which itself is a fork of witch.
I have carefully read the code of the three, but didn’t find any tip for my issue.
Yes, they were of great help when debugging my own code (because OIDC is not exactly OAuth), but in this last step I am blocked. I have tried to rely as much as possible on already written code (because I am a bit lazy of course).
Server sends HTML to the client, HTML contains a tag, but script is not executed. Nobody has an idea why?
If you are using Meteor 2.14, the WeKan fork of salleman OIDC/OAuth2 in the wekan/packages/wekan-oidc and wekan/packages/wekan-accounts-oidc directories has been modified to work with many different OIDC/OAuth2 providers:
Thanks to all for having taken the time to answer, even if the answer was for another question.
It happens that the difference between the domain names that I mentioned in my first post was the source of the issue. So the solution I have chosen is:
install a local nginx, configuring it as follows:
server name is myhost.local.lan, which is the hostname of my station in my local network,
only serve https on port 443 with a self-signed certificate,
has a proxy_pass configuration to http://localhost:3000.
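
The configuration described in the post above could look like the following server block. This is an added example, not the poster's actual file: the certificate and key paths are placeholders, and the forwarding and WebSocket upgrade headers are additions that assume the Meteor app uses its default WebSocket transport.

```nginx
# Constructed example: TLS-terminating reverse proxy in front of a
# Meteor development server. Only HTTPS on port 443 is served; there is
# deliberately no plain-HTTP server block.
server {
    listen 443 ssl;
    server_name myhost.local.lan;

    # Self-signed certificate and key (placeholder paths, assumptions).
    ssl_certificate     /etc/nginx/ssl/myhost.local.lan.crt;
    ssl_certificate_key /etc/nginx/ssl/myhost.local.lan.key;

    location / {
        # Forward everything to the Meteor app listening locally.
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;

        # Preserve the public host name and scheme for the application.
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        # Allow the WebSocket upgrade (assumption: default Meteor transport).
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}
```

With this in place, the main window and the OAuth popup are both meant to be loaded from https://myhost.local.lan, on the assumption that the application's ROOT_URL and the redirect URL registered with the provider use that same host name.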