Handling an oAuth flow from local HTML files?

I've got a local HTML + Javascript file that consumes a JSON API. I'd like to authenticate users via Facebook, but I'm not sure if that's possible -- does anyone have experience with this? I'm unsure of how the redirect (back from Facebook) would be managed when we're serving from a file开发者_StackOverflow社区:// context.

Just do it! :)

And you'll see.

PS Maybe you should encode some characters like ":", "/" etc

Unfortunately, it won't work from a file:// context for a couple reasons:

1. In most modern browsers, Javascript cookies won't work with the file:// protocol, which is how you would probably authenticate your users. This can be solved by hosting the page using http:// from localhost.

2. In order to log a client in using facebook, you need a registered facebook app, and to register your facebook app, you have to give facebook a static domain where your app will be hosted. This is to ensure that requests for your app come from your domain and not from an attacker residing at a different domain.

Last but not least, because your users have to authorize your app on facebook.com, you also need to specify a redirect url after their successful login, which would be very challenging to circumvent.

it won't work under file:// context. as James said, authentication through facebook requires your have a hosted web page and also register your site as facebook app; and also , facebook will need to redirect the browser to a so called "callback" url, which must be a http:// web page.

you can choose to host your webpage in a local web server instead