I'm trying to handle OAuth from a react app. Rather than using an external service like Firebase or AuthO, I would like to handle OAuth login to facebook, google, twitter myself. (Regardless of the backend, OAuth libraries that can verify and trade the token for user info abound).
Here is the basic flow:
- React SPA opens seperate [popup/iframe/browser tab] to our server
- Our server creates OAuth URL payload and issues redirect to fb/google/twitter
- User login on fb/google/twitter redirect back to our server
- Our server communicates with React SPA 4.1. If same origin 4.1.1. Using localStorage