如何通过打开新窗口而不是从当前页面重定向用户来进行OAuth请求? [英] How can I do OAuth request by open new window, instead of redirect user from current page?

问题描述

我已经通过Twitter和Facebook完成了OAuth身份验证.当前，对于每个网站，我的服务器都会将用户重定向到指定的URL(例如， http://api .twitter.com/oauth/authorize 和Twitter)，然后通过回调URL接收身份验证参数.

I have done OAuth authentication with Twitter and Facebook. Currently, with each of these site, my server redirect user to a specified URL (for example, http://api.twitter.com/oauth/authorize with Twitter), then receive authentication parameters by callback url.

但是，通过这种方式，用户被重定向到我的页面之外(到Facebook或Twitter)，并且仅在输入正确的用户名&之后才返回.密码.就像 http://techcrunch.com 那样，当用户尝试发布帖子时.

But by that way, the users get redirected out of my page (to Facebook or Twitter), and only returns after input correct username & password. It's like the way http://techcrunch.com do it when a user try to tweet a post.

我记得在某些站点中，我看到我们不能通过重定向用户出线来连接，而是打开一个弹出窗口供用户输入凭据.完成身份验证后，弹出窗口关闭，主页刷新并显示新内容.

I remember that in some site, I have seen that we can connect not by redirect user out, but open a popup window for user to input credentials instead. After authentication is completde, the pop-up closed, the main page refresh with new content.

使用javascript，这可能是一个非常简单的任务，但我仍然无法弄清楚.我可以在弹出窗口中打开身份验证URL，但如何获取结果&更新主页?

This could be a very simple task with javascript, but I still can't figure it out. I can open authentication URL in a pop-up window, but how to get the result & update the main page?

推荐答案

假设您正在使用window.open()在弹出窗口中打开身份验证URL，则可以使用以下方法访问父窗口:

Assuming you're opening authentication url in a pop-up using window.open(), you can access parent window by using:

window.opener

并要重新加载父窗口(通过弹出窗口)，请使用:

and to reload parent window (from a pop-up) use:

window.opener.location.reload();

此代码应在您设置为oauth授权的成功回调网址的网址上提供.

This code should be served on url that you've set up as success callback url of oauth authorization.

通常，流应为:

• 打开带有授权页面的弹出窗口(例如，在twitter.com上)
• 授权成功后，twitter会将用户重定向到您给定的url(在同一弹出窗口中将其打开)
• 打开打开器窗口(通过window.opener.location.reload())
• 关闭弹出窗口本身(您需要使用javascript)

• open a pop-up with an authorization page (on twitter.com for example)
• after successfull authorization twitter redirects user to url given by you (it gets opened in the very same pop-up)
• the opener window gets reloaded (via window.opener.location.reload())
• close the pop-up itself (using javascript is you want)

这篇关于如何通过打开新窗口而不是从当前页面重定向用户来进行OAuth请求?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！