Move OAuth debug doc and update README

Renamed 'oauth-debug.md' to 'documentation/oauth-debug.md' and updated the README to reference the new location.
This commit is contained in:
2025-08-01 14:15:45 +12:00
parent dd82dd3fea
commit 37d52ef3b0
2 changed files with 1 additions and 0 deletions
+52
View File
@@ -0,0 +1,52 @@
# Google OAuth Sign-in Debug Guide
## Changes Made to Fix Google Sign-in Issues
### 1. Added Proper User Agent
- Set `useragent` attribute on all webviews to identify as Chrome browser
- User agent: `Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Nebula/1.0.0`
### 2. Enhanced Webview Security Configuration
- Added `webpreferences` attribute with proper security settings
- Enabled JavaScript and maintained web security while allowing OAuth flows
### 3. Session Configuration for OAuth
- Configured session permissions for OAuth compatibility
- Added cookie change monitoring for Google domains
- Enhanced request headers for better OAuth compatibility
- Added referrer policy for OAuth flows
### 4. Unified Session Partitioning
- Changed all webviews to use `persist:main` partition instead of `persist:default`
- This ensures session data is shared across tabs for OAuth flows
## Testing Google Sign-in
1. **Open the browser** (already running)
2. **Navigate to** any Google service (Gmail, YouTube, Drive, etc.)
3. **Click Sign In** - you should now see the Google account picker
4. **Select your account** - should take you to password/2FA screen
5. **Complete sign-in** - should successfully sign you in
## Debug Information
If issues persist, check the Console (F12) for:
- Cookie changes for Google domains
- OAuth redirect flows
- JavaScript errors
## Common OAuth Issues Fixed
- ✅ Missing User Agent (Google blocks unidentified browsers)
- ✅ Third-party cookie restrictions
- ✅ Session isolation between tabs
- ✅ Missing referrer policies
- ✅ Popup blocking for OAuth flows
## What Should Work Now
- Google account picker should appear
- Password entry screens should load
- Two-factor authentication should work
- OAuth redirects should complete properly
- Session should persist across tabs