I have an OAuths flow (code grant, native app) that works like so:
- User opens a native app and clicks on a login button in it
- User's Default web browser is lunched and navigates to
www.domain1.com/authorize - User is redirected (302) to a login page at
www.domain1.com/login.html(a react page) - User enters his credentials and submits
- Login page calls
www.domain1.com/loginon submit - If the credentials are correct then the login page gets a redirect (302) to
com.mycompany.app://callbackas a response to the call towww.domain1.com/login - Browser follows redirect (302) to
com.mycompany.app://callback
Now, I expected the native app associated with the private URI scheme com.mycompany.app://callback to get the callback and open. However, what actually happens is that the browser returns an error (this one is in chrome, in Firefox and Safari the message is a bit different but same meaning):
Cross origin requests are only supported for protocol schemes: http, data, isolated-app, chrome-extension, chrome, https, chrome-untrusted
I saw a not-so-similar issues with trying to access a local file file:// but the situation I have is different. Also, I have no option to add 'http' or 'https' since this will cause the redirect to navigate to a web address and not to a local private URI.
Anyone know why is that? how can I get rid of the error and get the desired behavior?
