I am attempting to authenticate with Constant Contact via OAuth2 in a popup window. I am using $.postMessage to send the data between windows, and for the most part, it works beautifully.
My problem is with Safari. A normal request has a URL that looks like this:
https://example.com/oauth-v2/#access_token=xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx&token_type=Bearer&expires_in=xxxxxxxxx
But while using Safari to make the request, the entire hash is cut off the URL and location.hash, window.location.hash, window.parent.location.hash are all empty.
The authentication flow is fairly standard:
- User clicks auth button
- Popup window to auth with Constant Contact
- Allow application
- List item
- Return to app site to capture token
Here's the javascript we're using to get the URL hash info
jQuery(document).ready(function ($) {
$.extend({
getQueryParameters: function (str) {
return (str || document.location.search || document.location.hash)
.replace(/(^\?)|(^\#)/, '')
.split("&")
.map(function (n) { return n = n.split("="), this[n[0]] = n[1], this }.bind({}))[0];
}
});
$.receiveMessage(function (event) {
$.postMessage($.getQueryParameters(), event.origin, event.source);
setTimeout(function () {
window.close()
}, 5000);
});
});
Is the missing hash a known bug in Safari? Should I be doing something else to get the info from Constant Contact? It works in every other browser so I would hate to re-write this part of the application.
