Handling the QuickBooks OAuth callback
Intuit requires a popup to OAuth.
When OAuth'ing with another service like Twitter, EBay, etc. it is common to redirect the user using the entire page as it makes returning back to the host application technically easier. Intuit, however, requires for C2QB compliance that authentication happens in a popup.
Solution: 2 step process to handle the QuickBooks OAuth callback
Example is in Rails but easily translates to different web dev ecosystems.
Example of the controller action that maps to the Intuit App Card route/url regarding the handling of the OAuth callback (e.g. /quickbooks/oauth_callback). The "Intuit App Card" is what they call the area that various names and urls are set for development and production. Make sure to persist the QuickBooks OAuth credentials in this step.
Here is the content of
shared/close_and_redirect rendered from step 1. The
window.opener refers to your main or original page that initiated the authentication popup. Therefore, the
window.opener.location will navigate to the route you specified in
@url within the main page. Lastly, the authentication popup is closed and the user is properly OAuth'd and ready to communicate with QuickBooks.