4

I'm currently building an app in javascript for the new Firefox OS and am stuck on how to implement Google Drive API via OAuth v2. The app is probably on 

http://localhost and urn:ietf:wg:oauth:2.0:oob

, therefore I have the setup Client ID for installed applications as well as Client ID for Drive SDK. Since it is in the app, I have embedded the browser(iframe) for OAuth wherein the user will grant the application access and the refresh_token will be saved by app and the user get redirected to app. There should be no popup and this should be contained within the app.

So how can I accomplish this/what is the best way of doing this as I don't have access to localhost and which method would be the best(e.g. jsclient, http request,...)?

This app is just client based(no server-side). Also another question, can the User enter its username and password in app that we sent to google for authorization?

HRanDEV
  • 53
  • 6
  • Don't ask vague and multiple questions in a single entry. – peter Jun 05 '13 at 21:03
  • This is a whole new OS that is therefore fairly different, so how can I exactly know how to do this? The main question is how can I do auth on client-side without having access to localhost(default redirect). – HRanDEV Jun 09 '13 at 08:29

3 Answers3

2

well you can refer to gaia calendar app, which use the google calendar caldev API.

EDIT: read recent discussion about OAuth flow for packaged Open Web Apps in gaia-dev group

gasolin
  • 2,196
  • 1
  • 18
  • 20
1

See https://github.com/LDSorg/fxos-oauth2-jquery-demo for an example of the Implicit Grant (browser-only, no server) strategy.

manifest.json:

{ "name": "OAuth2 jQuery Demo"
, "description": "Login using OAuth2 / OAuth3 with jQuery"
, "version": "1.0"
, "type": "privileged"
, "launch_path": "/index.html"
, "developer": {
    "name": "John Doe"
  , "url": "https://johndoe.com"
  }
, "redirects": {
    "from": "http://should-be-a-fake-domain.com"
  , "to": "/oauth-close.html"
  }
}

Note:

Must be a privileged app:

"type": "privileged"

And the redirects must be in place:

"redirects": {
  "from": "http://use-a-fake-domain.com/my-redirect"
, "to": "/oauth-close.html"
}

Then you set your redirect_uri to http://use-a-fake-domain.com. You could, of course, use your own domain - and you might need to if you can't add the fake domain to the domain whitelist of the provider you're using - I just like using a fake domain because it's a visual queue to me.

coolaj86
  • 74,004
  • 20
  • 105
  • 125
0

i also have same question.Do you have a better solution for google auth in firefox os?

Firefox OS privileged app: Permission denied to access property 'document' of new window object created

Community
  • 1
  • 1
anfas
  • 356
  • 2
  • 3
  • 13