I am having troubles with my server-side login flow to Instagram. I am using:
passport.js
(passport-instagram) in my Node.js server, at the domainexample.com
- A simple
WebView
in my android client.
The issue is that sometimes after typing the credentials the client is not redirected to the callback url.
These are the URLs as seen from the client when everything is working:
https://example.com/auth/instagram : user visits my server and is redirected to instagram
https://api.instagram.com/oauth/authorize/?response_type=code&redirect_uri=https%3A%2F%2Fexample.com%2Fauth%2Fredirect%2Finstagram&client_id=XXXXX
https://example.com/auth/redirect/instagram?code=YYYYY : we reach the callback url
These are the URLs as seen from the client when the flow is not working:
https://example.com/auth/instagram : user visits my server and is redirected to instagram
https://api.instagram.com/oauth/authorize/?response_type=code&redirect_uri=https%3A%2F%2Fexample.com%2Fauth%2Fredirect%2Finstagram&client_id=XXXXX : same as before
https://www.instagram.com/oauth/authorize/?response_type=code&redirect_uri=https://example.com/auth/redirect/instagram&client_id=XXXXX
https://www.instagram.com/accounts/login/?force_classic_login=&next=/oauth/authorize/%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%3A//example.com/auth/redirect/instagram%26client_id%3DXXXXX : here I type my credentials
https://www.instagram.com/
As you can see, at the end of the login, instead of being redirected to my server, I end up in https://www.instagram.com/ (successfully logged in, by the way).
Why is this happening?
I have no idea myself. Everything seems properly encoded. Might be some Android WebView
setting that has to be tweaked (but the same WebView works great with authenticating with other auth providers), might be some passport.js
configuration error (but I am using it successfully for all other providers), ...