I'm adding a "Sign In with Google" federated login button to my site. For desktop I'm using the popup window which works great like this:
gapi.auth2.init();
gapi.auth2.getAuthInstance().signIn().then(function(user) {
var id_token = user.getAuthResponse().id_token;
// ajax call to pass this to server
});
However on mobile we want to use redirects instead of popups, since separate tabs are a little awkward in mobile browsers. I just change to:
gapi.auth2.init({
ux_mode: 'redirect',
redirect_uri: 'http://example.com/google_login/'
});
This works but it adds the id_token I need as a hash fragment, which the server can't see. It ends up at:
http://example.com/google_login/#id_token=ASDFASDFASDFASDF
I guess I could render a connector page with a script tag the pulls out window.location.hash and redirects to itself with that as a query param, but seems crazy I'd have to do that. Is there a better way?