Login via a chrome extension (again)

When i try to authorize the extension using the popup, I am presented with a screen with an error message telling me that it is blocked by the extension. After making some edits to the popup code, I was able to access the session data, and even write data to my POD. It’s progress, but the authentication process needs to be seamless.

I believe that oauth doesn’t like the chrome-extension:// file type, so i’m attempting to use the Chrome identity API. However, i’m confused about how this should work, or if it is even possible. Looking at the documentation, I have to do something like this…

const redirect_url = chrome.identity.getRedirectURL();
let authURL = `https://inrupt.net/authorization?&scope=openid&client_id="<CLIENT ID>"&response_type=id_token token&redirect_uri="${encodeURIComponent(redirect_url)}"&request=$<TOKEN>`;
    chrome.identity.launchWebAuthFlow({
        'url': authURL,
        'interactive': true
    }, function (res) {
        console.log(res);
    });

I’m not sure how to construct the url properly. I don’t know what endpoint I have to use for the authURL, and I don’t know how to obtain the client ID or the token. I’ve also tried using solid.auth.login(idp), but I still need a way to specify the redirect URL obtained from chrome.identity.getRedirectURL().

Can someone please offer me some advice? What is best way to do this? Are there any other options availiable to me?

Perhaps one solution would be for the chrome extension to open an external home page (http), where the user can login. I could then pass the auth token to the background.js file of the extension, and then store it in localstorage. Would that work? Would solid-auth-client be able to read that token? I’ll experiment in the morning.

Just tried it. Seems to work :wink:

2 Likes