So, we’re going live with a custom OAuth interface, and had to fork and modify the
meteor/oauth package to support our upstream authentication server. We did so by copying the oauth package from
http://github.com/meteor/meteor and republishing it as
clinical:oauth. Source code is below for reference.
The OAuth code itself is working just fine. We get the login page, can sign in, grant appropriate scope, get an access token, search APIs with it, etc. etc.
The only problem is that the popup doesn’t close when we’re finished. We’re left with a blank window.
And looking at the console, it appears that the MIME type isn’t executable, and strict MIME type checking is enabled.
Is strict MIME type checking even a thing with Meteor? Is that something we can configure or set? Is this something to do with file permissions that are checked into GitHub?
end_of_popup_response.js is one of the files we checked into our custom OAuth package. So, it has something to do with how we built this package. But I’m at a bit of a loss as to where to start with debugging this particular item.