将Chrome扩展程序popup.html页面重定向到Oauth的URL [英] Redirect the Chrome extension popup.html page to a URL for Oauth
问题描述
是否可以将Chrome扩展程序的弹出式HTML重定向到远程URL?
Is it possible to redirect the popup Html of a chrome extension to a remote URL?
出于OAuth的目的,我正在研究这种情况.当用户单击使用FB登录"按钮时,
I'm looking into this scenario for the purpose of OAuth. When a user clicks on the "Login with FB" button,
我希望chrome扩展程序的HTML页面重定向到: https://www.facebook.com/dialog/oauth?client_id= {app-id}& redirect_uri = {redirect-uri}
,以便提示用户登录.
I want the Html page of the chrome extension to redirect to: https://www.facebook.com/dialog/oauth?client_id={app-id}&redirect_uri={redirect-uri}
so that the user is prompted to log in.
这是否是在Chrome扩展程序中进行身份验证的正确方法?
Is this the right approach to do authentication in a Chrome extension anyway?
推荐答案
弹出式窗口非常脆弱.它们太容易关闭,用户无法使用密码管理器填写表单等.它们的大小也非常受限制.也许不是最好的主意.
Popups are very.. fragile. They are too easy to close, the user can't use password managers to fill the form etc. They are also very size-constrained. Maybe not the best idea.
您可以改为使用 chrome.windows
创建登录类型的窗口:
You can, instead, use chrome.windows
to create a login-type window:
chrome.windows.create({
url: "YourLoginURL",
type: "popup",
focused: true
});
但是,所有这些都不是在Chrome扩展程序中进行OAuth的本机"方法.
However, all that is not the "native" way to do OAuth in Chrome extensions.
本机方法是使用 chrome.identity
API 特别是 chrome.identity.launchWebAuthFlow
.
The native way is to use chrome.identity
API, specifically chrome.identity.launchWebAuthFlow
.
作为一项额外的好处,它使您可以使用虚拟的 https:
回调URL,这是最受支持的选项,而无需拥有域.
As an added bonus, it allows you to use a virtual https:
callback URL, which is the most widely supported option, without having to own a domain.
这篇关于将Chrome扩展程序popup.html页面重定向到Oauth的URL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!