diff --git a/src/hello.js b/src/hello.js index 3811b60d..1e1158fd 100644 --- a/src/hello.js +++ b/src/hello.js @@ -368,12 +368,29 @@ hello.utils.extend(hello, { parseInt(provider.oauth.version, 10) < 2 || (opts.display === 'none' && provider.oauth.grant && session && session.refresh_token)) { - // Add the oauth endpoints - p.qs.state.oauth = provider.oauth; - - // Add the proxy url - p.qs.state.oauth_proxy = opts.oauth_proxy; - + // Store oauth config in sessionStorage to avoid large URL headers in Chrome + // Only pass a reference ID in the state parameter + var stateId = 'oauth_state_' + p.network + '_' + Date.now(); + + try { + if (window.sessionStorage) { + window.sessionStorage.setItem(stateId, JSON.stringify({ + oauth: provider.oauth, + oauth_proxy: opts.oauth_proxy + })); + p.qs.state.oauth_state_id = stateId; + } + else { + // Fallback: include oauth data directly if sessionStorage unavailable + p.qs.state.oauth = provider.oauth; + p.qs.state.oauth_proxy = opts.oauth_proxy; + } + } + catch (e) { + // Fallback: include oauth data directly if sessionStorage fails + p.qs.state.oauth = provider.oauth; + p.qs.state.oauth_proxy = opts.oauth_proxy; + } } // Convert state to a string @@ -1155,6 +1172,22 @@ hello.utils.extend(hello.utils, { try { var state = JSON.parse(p.state); + // Retrieve oauth config from sessionStorage if oauth_state_id is present + if (state.oauth_state_id && window.sessionStorage) { + try { + var storedOAuthState = JSON.parse(window.sessionStorage.getItem(state.oauth_state_id)); + if (storedOAuthState) { + state.oauth = storedOAuthState.oauth; + state.oauth_proxy = storedOAuthState.oauth_proxy; + // Clean up sessionStorage + window.sessionStorage.removeItem(state.oauth_state_id); + } + } + catch (e) { + // Continue with state as is if sessionStorage retrieval fails + } + } + // Add this path as the redirect_uri p.redirect_uri = state.redirect_uri || location.href.replace(/[\?\#].*$/, ''); @@ -1285,6 +1318,13 @@ hello.utils.extend(hello.utils, { // If this is a page request it has no parent or opener window to handle callbacks if (('display' in obj) && obj.display === 'page') { + // Emit error event for page display mode if error exists + if (obj.error) { + hello.emit('error', { + network: network, + error: obj.error + }); + } return; } @@ -1452,6 +1492,14 @@ hello.utils.Event.call(hello); continue; } + // Check for errors in session + else if (session.error && !oldSess.error) { + // Emit the error event + hello.emit('error', { + network: name, + error: session.error + }); + } // Access_token has been removed else if (!session.access_token && oldSess.access_token) { emit('logout'); diff --git a/src/modules/instagram.js b/src/modules/instagram.js index 5079fbcf..12196bdf 100644 --- a/src/modules/instagram.js +++ b/src/modules/instagram.js @@ -15,7 +15,32 @@ // Refresh the access_token once expired refresh: true, - + logout: function(callback) { + // Instagram now requires POST method for logout instead of GET + // Using form submission via iframe to handle the logout + var form = document.createElement('form'); + form.method = 'POST'; + form.action = 'https://www.instagram.com/accounts/logout/'; + form.style.display = 'none'; + + var iframe = document.createElement('iframe'); + iframe.name = 'logout_frame'; + iframe.style.display = 'none'; + document.body.appendChild(iframe); + + form.target = 'logout_frame'; + document.body.appendChild(form); + + // Submit the form + form.submit(); + + // Clean up after a short delay + setTimeout(function() { + document.body.removeChild(form); + document.body.removeChild(iframe); + callback(); + }, 1000); + }, scope: { basic: 'basic', photos: '',