0

I've been following the Microsoft guide on how to use their Mobile App service to provide google login for a cordova app. I've set up the app service as described and registered my endpoint with the google+ API. I've set my content security policies to unsafe-inline where necessary in index.html (this is just for development), i.e.,

<meta http-equiv="Content-Security-Policy" content="default-src 'self' 'unsafe-inline' data: gap: https://accounts.google.com https://something.azurewebsites.net; style-src 'self' 'unsafe-inline'; media-src *">

However, I'm currently getting the following error that's prevening the google login page from loading:

Refused to display 'https://accounts.google.com/o/oauth2/v2/auth?response_type=code&client_id=xxx.. in a frame because it set 'X-Frame-Options' to 'sameorigin'.

From reading this SO question it would appear that it's not possible to show the google login in an iframe. How then am I suppose to provide google authentication for a cordova app that uses Azure's Mobile App service?

sideshowbarker
  • 81,827
  • 26
  • 193
  • 197
James B
  • 8,975
  • 13
  • 45
  • 83

1 Answers1

0

I would recommend you use Cordova client plugin for Azure Mobile Apps. With this plugin, you can call the platform to launch the login window instead of an iframe.

For more information, please refer to Add authentication to your Apache Cordova app.

Aaron Chen
  • 9,835
  • 1
  • 16
  • 28
  • I am using that plugin, but also had cordova-plugin-inappbrowser plugin installed that doesn't play nice with google's identity provider (doesn't like sameorigin on the iframe). I uninstalled that plugin, and appeared to get a little further, i.e., a new web window is opened. However, I now get this error `Not allowed to navigate top frame to data URL:` – James B Oct 14 '17 at 14:10