如何通过打开新窗口而不是从当前页面重定向用户来进行OAuth请求? [英] How can I do OAuth request by open new window, instead of redirect user from current page?
问题描述
我已经通过Twitter和Facebook完成了OAuth身份验证.当前,对于每个网站,我的服务器都会将用户重定向到指定的URL(例如, http://api .twitter.com/oauth/authorize 和Twitter),然后通过回调URL接收身份验证参数.
I have done OAuth authentication with Twitter and Facebook. Currently, with each of these site, my server redirect user to a specified URL (for example, http://api.twitter.com/oauth/authorize with Twitter), then receive authentication parameters by callback url.
但是,通过这种方式,用户被重定向到我的页面之外(到Facebook或Twitter),并且仅在输入正确的用户名&之后才返回.密码.就像 http://techcrunch.com 那样,当用户尝试发布帖子时.
But by that way, the users get redirected out of my page (to Facebook or Twitter), and only returns after input correct username & password. It's like the way http://techcrunch.com do it when a user try to tweet a post.
我记得在某些站点中,我看到我们不能通过重定向用户出线来连接,而是打开一个弹出窗口供用户输入凭据.完成身份验证后,弹出窗口关闭,主页刷新并显示新内容.
I remember that in some site, I have seen that we can connect not by redirect user out, but open a popup window for user to input credentials instead. After authentication is completde, the pop-up closed, the main page refresh with new content.
使用javascript,这可能是一个非常简单的任务,但我仍然无法弄清楚.我可以在弹出窗口中打开身份验证URL,但如何获取结果&更新主页?
This could be a very simple task with javascript, but I still can't figure it out. I can open authentication URL in a pop-up window, but how to get the result & update the main page?
推荐答案
假设您正在使用window.open()
在弹出窗口中打开身份验证URL,则可以使用以下方法访问父窗口:
Assuming you're opening authentication url in a pop-up using window.open()
, you can access parent window by using:
window.opener
并要重新加载父窗口(通过弹出窗口),请使用:
and to reload parent window (from a pop-up) use:
window.opener.location.reload();
此代码应在您设置为oauth授权的成功回调网址的网址上提供.
This code should be served on url that you've set up as success callback url of oauth authorization.
通常,流应为:
- 打开带有授权页面的弹出窗口(例如,在twitter.com上)
- 授权成功后,twitter会将用户重定向到您给定的url(在同一弹出窗口中将其打开)
- 打开打开器窗口(通过
window.opener.location.reload()
) - 关闭弹出窗口本身(您需要使用javascript)
- open a pop-up with an authorization page (on twitter.com for example)
- after successfull authorization twitter redirects user to url given by you (it gets opened in the very same pop-up)
- the opener window gets reloaded (via
window.opener.location.reload()
) - close the pop-up itself (using javascript is you want)
这篇关于如何通过打开新窗口而不是从当前页面重定向用户来进行OAuth请求?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!