No redirect during Twitch 2FA


#1

Hi,
I’m trying to implement Twitch Oauth authentication in my Electron app, but it’s misbehaving.

Posted about it here, but I’ll cover the important bits again.

I’m using the following code to initiate the authentication process via regular web browsing.

let auth = url.format({
	protocol: "https",
	host: "api.twitch.tv",
	pathname: "kraken/oauth2/authorize",
	query: {
		response_type: "token",
		redirect_uri: "http://localhost",
		scope: "channel_editor",
		client_id: CLIENT_ID,
	},
})
const remote = require('electron').remote;
const BrowserWindow = remote.BrowserWindow;
var win = new BrowserWindow({ width: 800, height: 600 });
win.loadURL(auth)

This works fine and sends me to the Twitch login page. I enter my own Twitch account details, but after submitting them it sends me to a page displaying the following text:
{"redirect":"/twofactor/new?client_id=mi6jyhrlwjmi2h8wxk6yyx2urusseu2\u0026code=possiblysecretcodeilljustomit\u0026embed=false\u0026kraken_oidc_nonce=\u0026nonce=thisonetoomaybe\u0026redirect_uri=http%3A%2F%2Flocalhost\u0026request_id=\u0026response_type=token\u0026scope=channel_editor\u0026state=\u0026sudo_reason="}
I have 2FA attached to my Twitch account, so at this point it’s supposed to give me a page where I can enter my security code, and when I enter the original URL and complete the process using Google Chrome instead, that is what happens.

I don’t know if this is a fault of Twitch or Electron, and I don’t know much how these things work, but I’m assuming I’m supposed to see the same behavior that I am in Chrome.