1
0
-1

I want to integrate a third party service that requires authentication into a Maestro form. I can't use an iframe as the service uses X-Frame-Options header. I've got it working with

Util.openURL(url)

from the Maestro API. But its not a great user experience; the user has to manually switch back to the form tab when done, and press a button to refresh the status of authentication. I tried to setup polling on the status, ran into CSP issues. What's the best practice here? The owners of the third party service suggest a model like

https://stackoverflow.com/questions/7606071/how-can-i-do-oauth-request-by-open-new-window-instead-of-redirect-user-from-cur

Are we OK doing this in an Avoka form?


    CommentAdd your comment...

    3 answers

    1.  
      1
      0
      -1

      I resolved this in the end by using a solution similar to the polling example in the answer here:

      https://stackoverflow.com/questions/3291712/is-it-possible-to-open-a-popup-with-javascript-and-then-detect-when-the-user-clo#3291931

      Popup blocking needs to be turned off. Works ok in desktop browsers and Safari in iOS


        CommentAdd your comment...
      1.  
        1
        0
        -1

        Have you tried managing the CSP settings on Manager?

        Managing Content Security Policy (CSP) Settings

        1. Andy Geach

          Thanks Ben Warner. In this case, the CSP errors I was seeing were die to me doing something stupid. But thanks for the tip. Another feature of TM that I didn't know about (smile)

        CommentAdd your comment...
      2.  
        1
        0
        -1

        Hi Andy,

        That sounds like something that should be done in a Groovy service in TM, rather than in the form itself.

        1. Andy Geach

          Thanks Bill Frost. The credentials for the service come from the user, so that is not appropriate in this case

        CommentAdd your comment...