OAuth connection to system's default browser

[jonathangraci]

Hi support,
I need to make an OAuth connection from my app. I managed to implement it using the inappbrowser plugin. The problem is that I would like to open the system's default browser and not the local browser to log in.

Can you help me?

Thanks.

[breautek]

To answer your question, In app browser's target attribute controls where to open the URL inside the plugin's open api. In this case you'd want the _system target.

But I think it's worth noting that when using the system browser, inter-communications with the in-app-browser view is limited, you wouldn't be able to pull access tokens. Listener events are only available for _blank targets as noted here, which means you can't post messages to and from the browser back to your app.

I'm not an oauth expert, nor do I use any oauth flow in my apps but I do know that most OAuth implementators block webviews because app hosts can manipulate the login screen which makes them untrustworthy. (Which is why I assume you're trying to use the system web browser). But because you can't pull out acccess tokens, I'm not sure how far the system web browser will get you for oauth integration.

You may need a native oath implementation that implements the android (and/or ios) oath flows exposed by a cordova plugin to get an oauth flow properly integrated in your app, instead of relying on web-based oauth flows which are intended to only work in traditional web environments that can be relatively trusted by the vendor.

EDIT: See #540 (comment) for how passing tokens is done when using the system browser.

[BigBalli]

If you want to use the system browser, you will need to use a provider that allows you to specify your own callback redirect URL then use a custom url scheme to get the token (ie re-open the app after login with the token passed).

[jonathangraci]

Exactly. The complexity is to reopen my app after OAUTH authentication is finished on the system browser.

How can I implement custom URL scheme? Is there a proven plugin?

Thanks.