Page MenuHomePhabricator

OAuth authorization dialogs should have a plain (skinless) version so that they can be shown in popup windows.
Open, MediumPublic

Description

A possible design:

Event Timeline

Tgr created this task.May 12 2015, 3:08 PM
Tgr raised the priority of this task from to Needs Triage.
Tgr updated the task description. (Show Details)
Tgr added a subscriber: Tgr.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMay 12 2015, 3:08 PM
Tgr added a comment.May 12 2015, 3:37 PM

T71246 is a poor man's version of this.

This is the current OAuth flow:

  • the user visits the application's home page
  • they click on a 'Login' link
  • they are redirected to the authorization screen at mediawiki.org
  • they click on the 'Allow' button
  • they get redirected to the application

Using popups, there would be almost no way for the apps to know in real time that they've been authorized.
Not mentioning that, at least in a desktop environment, popups are very annoying and might be blocked even without the user noticing...

Tgr triaged this task as Medium priority.Jun 29 2015, 7:15 PM