diff --git a/main.js b/main.js index 180f25a..13f3ba5 100644 --- a/main.js +++ b/main.js @@ -49,7 +49,10 @@ function createWindow(startUrl) { experimentalFeatures: false, offscreen: false, // Ensure on-screen rendering for GPU enableWebSQL: false, // Disable deprecated features - plugins: false // Disable plugins that might interfere with GPU + plugins: false, // Disable plugins that might interfere with GPU + // OAuth compatibility settings + partition: 'persist:main', + sandbox: false // Allow full browser capabilities for OAuth }, fullscreen: false, autoHideMenuBar: true, @@ -267,18 +270,46 @@ app.whenReady().then(async () => { } }); - // Optimize session settings for performance + // Optimize session settings for performance and OAuth compatibility const ses = session.defaultSession; try { + // Configure session for OAuth compatibility (Google, etc.) + ses.setPermissionRequestHandler((webContents, permission, callback) => { + // Allow necessary permissions for OAuth flows + if (['notifications', 'geolocation', 'camera', 'microphone'].includes(permission)) { + callback(false); // Deny by default for privacy + } else { + callback(true); // Allow others like storage access + } + }); + + // Configure user agent for better compatibility + ses.setUserAgent('Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Nebula/1.0.0'); + + // Configure cookies for OAuth compatibility + ses.cookies.on('changed', (event, cookie, cause, removed) => { + // Log cookie changes for debugging OAuth issues + if (cookie.domain.includes('google') || cookie.domain.includes('accounts')) { + console.log(`Cookie ${removed ? 'removed' : 'added'}: ${cookie.name} for ${cookie.domain}`); + } + }); + // Enable request/response caching ses.webRequest.onBeforeSendHeaders((details, callback) => { + // Add headers for better OAuth compatibility details.requestHeaders['Cache-Control'] = 'max-age=3600'; + // Ensure we accept third-party cookies for OAuth flows + details.requestHeaders['Accept'] = 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8'; + // Add referrer policy for OAuth compatibility + if (details.url.includes('accounts.google.com') || details.url.includes('oauth')) { + details.requestHeaders['Referrer-Policy'] = 'strict-origin-when-cross-origin'; + } callback({ requestHeaders: details.requestHeaders }); }); // Skip preload registration as it's handled in window options - console.log('Session configured successfully'); + console.log('Session configured successfully for OAuth compatibility'); } catch (err) { console.error('Session setup error:', err); } diff --git a/oauth-debug.md b/oauth-debug.md new file mode 100644 index 0000000..e6a0535 --- /dev/null +++ b/oauth-debug.md @@ -0,0 +1,52 @@ +# Google OAuth Sign-in Debug Guide + +## Changes Made to Fix Google Sign-in Issues + +### 1. Added Proper User Agent +- Set `useragent` attribute on all webviews to identify as Chrome browser +- User agent: `Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Nebula/1.0.0` + +### 2. Enhanced Webview Security Configuration +- Added `webpreferences` attribute with proper security settings +- Enabled JavaScript and maintained web security while allowing OAuth flows + +### 3. Session Configuration for OAuth +- Configured session permissions for OAuth compatibility +- Added cookie change monitoring for Google domains +- Enhanced request headers for better OAuth compatibility +- Added referrer policy for OAuth flows + +### 4. Unified Session Partitioning +- Changed all webviews to use `persist:main` partition instead of `persist:default` +- This ensures session data is shared across tabs for OAuth flows + +## Testing Google Sign-in + +1. **Open the browser** (already running) +2. **Navigate to** any Google service (Gmail, YouTube, Drive, etc.) +3. **Click Sign In** - you should now see the Google account picker +4. **Select your account** - should take you to password/2FA screen +5. **Complete sign-in** - should successfully sign you in + +## Debug Information + +If issues persist, check the Console (F12) for: +- Cookie changes for Google domains +- OAuth redirect flows +- JavaScript errors + +## Common OAuth Issues Fixed + +- ✅ Missing User Agent (Google blocks unidentified browsers) +- ✅ Third-party cookie restrictions +- ✅ Session isolation between tabs +- ✅ Missing referrer policies +- ✅ Popup blocking for OAuth flows + +## What Should Work Now + +- Google account picker should appear +- Password entry screens should load +- Two-factor authentication should work +- OAuth redirects should complete properly +- Session should persist across tabs diff --git a/renderer/index.html b/renderer/index.html index f4e836a..b0a552d 100644 --- a/renderer/index.html +++ b/renderer/index.html @@ -63,8 +63,10 @@ diff --git a/renderer/script.js b/renderer/script.js index c6fce8b..077a5be 100644 --- a/renderer/script.js +++ b/renderer/script.js @@ -122,8 +122,11 @@ function createTab(inputUrl) { webview.id = `tab-${id}`; webview.src = resolvedUrl; webview.setAttribute('allowpopups', ''); - webview.setAttribute('partition', 'persist:default'); + webview.setAttribute('partition', 'persist:main'); webview.setAttribute('preload', '../preload.js'); + // Add attributes needed for Google OAuth and sign-in flows + webview.setAttribute('webpreferences', 'allowRunningInsecureContent=false,javascript=true,webSecurity=true'); + webview.setAttribute('useragent', 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Nebula/1.0.0'); webview.addEventListener('page-favicon-updated', e => { if (e.favicons.length > 0) updateTabMetadata(id, 'favicon', e.favicons[0]); @@ -289,8 +292,11 @@ function convertHomeTabToWebview(tabId, inputUrl, resolvedUrl) { webview.id = `tab-${tabId}`; webview.src = resolvedUrl; webview.setAttribute('allowpopups', ''); - webview.setAttribute('partition', 'persist:default'); + webview.setAttribute('partition', 'persist:main'); webview.setAttribute('preload', '../preload.js'); + // Add attributes needed for Google OAuth and sign-in flows + webview.setAttribute('webpreferences', 'allowRunningInsecureContent=false,javascript=true,webSecurity=true'); + webview.setAttribute('useragent', 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Nebula/1.0.0'); // Add event listeners webview.addEventListener('did-fail-load', handleLoadFail(tabId)); diff --git a/site-history.json b/site-history.json index f5f4082..2020dbf 100644 --- a/site-history.json +++ b/site-history.json @@ -1,36 +1,8 @@ [ "https://www.youtube.com/", - "https://www.andrewzambazos.com/", - "file:///X:/Projects/Code/NebulaBrowser/renderer/index.html", - "https://duckduckgo.com/?q=dogs&ia=web", - "https://duckduckgo.com/?q=dogs", - "https://www.bing.com/search?q=dogs", - "https://www.google.com/search?q=cats", - "https://github.com/", - "file:///X:/Projects/Code/NebulaBrowser/renderer/index.html", - "file:///X:/Projects/Code/NebulaBrowser/renderer/index.html", - "https://youtube.com/", - "file:///X:/Projects/Code/NebulaBrowser/renderer/index.html", - "https://youtube.com/", - "file:///X:/Projects/Code/NebulaBrowser/renderer/index.html", - "file:///X:/Projects/Code/NebulaBrowser/renderer/index.html", - "file:///X:/Projects/Code/NebulaBrowser/renderer/index.html", - "file:///X:/Projects/Code/NebulaBrowser/renderer/index.html", - "file:///X:/Projects/Code/NebulaBrowser/renderer/index.html", - "https://youtube.com/", - "file:///X:/Projects/Code/NebulaBrowser/renderer/index.html", - "https://youtube.com/", - "file:///X:/Projects/Code/NebulaBrowser/renderer/index.html", - "file:///X:/Projects/Code/NebulaBrowser/renderer/index.html", - "https://www.google.com/", - "file:///X:/Projects/Code/NebulaBrowser/renderer/index.html", - "file:///X:/Projects/Code/NebulaBrowser/renderer/index.html", - "file:///Users/andrewzambazos/Repositories/NebulaBrowser/renderer/index.html", - "https://inscribe.zambazosmedia.group/renderer/editor.html", - "https://inscribe.zambazosmedia.group/", - "file:///Users/andrewzambazos/Repositories/NebulaBrowser/renderer/index.html", - "https://www.youtube.com/watch?v=9FuNtfsnRNo", - "https://youtube.com/", - "http://homelab.andrewzambazos.com:8081/", - "file:///Users/andrewzambazos/Repositories/NebulaBrowser/renderer/index.html" + "https://www.youtube.com/?themeRefresh=1", + "https://www.youtube.com/signin?action_handle_signin=true&authuser=0&pageid=111729565634747805694&next=https%3A%2F%2Fwww.youtube.com%2F%3FthemeRefresh%3D1&feature=identity_prompt&skip_identity_prompt=true", + "https://www.youtube.com/signin_prompt?app=desktop&next=https%3A%2F%2Fwww.youtube.com%2F%3FthemeRefresh%3D1", + "https://accounts.google.com/CheckCookie?continue=https://www.youtube.com/signin?action_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3Dhttps%253A%252F%252Fwww.youtube.com%252F%253FthemeRefresh%253D1&service=youtube&hl=en&flowName=GlifWebSignIn&ifkv=AdBytiNUIh7TDl3_uEbhoP4_2DB7Pr1f7TvvMAWcinC5AdgLVKbNz1muAyJi_cxweQil5fzXSIKaLw&chtml=LoginDoneHtml&gidl=EgIIAA", + "https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3Dhttps%253A%252F%252Fwww.youtube.com%252F%253FthemeRefresh%253D1&ec=65620&hl=en&ifkv=AdBytiNUIh7TDl3_uEbhoP4_2DB7Pr1f7TvvMAWcinC5AdgLVKbNz1muAyJi_cxweQil5fzXSIKaLw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S2063712233%3A1754014409754471" ] \ No newline at end of file