Hi. I implemented OAUTH2 SMTP. For the authentication I have to open a URL in a webbrowser. I do this cross-platform using RunProgram(uri.s) on Windows and MacOS and RunProgram("xdg-open", uri.s) on Linux.
Now I have to close the tab or window after successful authorization. But how to do this? The returned ProgramID is invalid and impossible to close. Looks like the browsers do some process magic in the background (eg tabs and browsers get new different processes).
Any idea, except using a WebGadget? The WebGadget is not reliable and does not support the cookies like the normal webbrowser does.
How to open and close webbrowser (tab)?
Re: How to open and close webbrowser (tab)?
One way to would do it:
1. in your runprogram command line, force the browser to open the URL in a new window (not a tab)
2: enumerate all top-level windows and find the authentication window handle by caption
3: send it a window close message
On Windows this can be done rather easily. I suppose a similar method could be used on Mac / Linux.
1. in your runprogram command line, force the browser to open the URL in a new window (not a tab)
2: enumerate all top-level windows and find the authentication window handle by caption
3: send it a window close message
On Windows this can be done rather easily. I suppose a similar method could be used on Mac / Linux.
Re: How to open and close webbrowser (tab)?
Thank you firace, but that is not easy:
I think I finally will end up with a browser window that must be closed by the user or try the Webgadget...
But the commandline parameters differ from Chrome, Firefox, Edge, Opera, Yandex and others. And I don't know which webbrowser is the end users default browser?1. in your runprogram command line, force the browser to open the URL in a new window (not a tab)
No problem on Windows if I solved the issue for 1). Maybe possible on MacOS with Cocoa, but impossible on Linux with KDE, Gnome and others...2: enumerate all top-level windows and find the authentication window handle by caption
I think I finally will end up with a browser window that must be closed by the user or try the Webgadget...
Re: How to open and close webbrowser (tab)?
Trying to manipulate the browser from your application is ill-advised; many browsers exist and they're constantly changing, which makes this sort of solution quite hacky/finicky and fragile. You're liable to end up killing a user's important/unrelated tabs by mistake.
As you've noted, the WebGadget(…) approach is iffy as well, since it hassles users by not carrying over sessions, configs, and extensions (such as password-managers, etc.) from their main browser. More importantly, security-conscious users will find it extremely sketchy and won't trust you.
For those reasons, desktop apps will generally handle this by simply informing the user of successful linkage — and that it's safe to close the tab — through the OAuth flow's redirect URI, e.g.:
Try linking GitHub Desktop or VSCode to GitHub and they'll show something very similar. Many other desktop apps will do the same.
You might also have your redirect page run a window.location.replace("your-app-uri-scheme://something-something") or take similar action to bring your program to the foreground (assuming a localhost redirect, just serving the page is signal enough). You could try window.close() as well, though it's likely to do nothing for most browsers in this case (as the window wasn't spawned via JS).
For web apps it's a bit more seamless since the OAuth flow can take place in a separate window controlled by a parent tab (so you can just .close() it once finished).
For mobile apps, the situation is also fairly seamless (at least since past couple years), thanks to browser modals specifically for the secure-and-convenient authentication use case (e.g., iOS's ASWebAuthenticationSession).
As you've noted, the WebGadget(…) approach is iffy as well, since it hassles users by not carrying over sessions, configs, and extensions (such as password-managers, etc.) from their main browser. More importantly, security-conscious users will find it extremely sketchy and won't trust you.
For those reasons, desktop apps will generally handle this by simply informing the user of successful linkage — and that it's safe to close the tab — through the OAuth flow's redirect URI, e.g.:
Try linking GitHub Desktop or VSCode to GitHub and they'll show something very similar. Many other desktop apps will do the same.
You might also have your redirect page run a window.location.replace("your-app-uri-scheme://something-something") or take similar action to bring your program to the foreground (assuming a localhost redirect, just serving the page is signal enough). You could try window.close() as well, though it's likely to do nothing for most browsers in this case (as the window wasn't spawned via JS).
For web apps it's a bit more seamless since the OAuth flow can take place in a separate window controlled by a parent tab (so you can just .close() it once finished).
For mobile apps, the situation is also fairly seamless (at least since past couple years), thanks to browser modals specifically for the secure-and-convenient authentication use case (e.g., iOS's ASWebAuthenticationSession).
Re: How to open and close webbrowser (tab)?
Hi yuki, thanks for the reply. I agree, all current options are bad because of all what you say. This is the reason why I posted this question in the forum 
So I will have to stay with a simple saying that the window can get closed now. I think it is sufficient as it is not needed all days.
So I will have to stay with a simple saying that the window can get closed now. I think it is sufficient as it is not needed all days.