OAuth & One-Page Apps: Avoiding the Redirect

I kinda sound like a grumpy old man, constantly complaining about the same stuff. But..<p>For the love of everything that's holy, stop adding these totally useless social media bars that are floating on top of your potentially interesting content. This entry is unreadable on the go, I'll probably forget to come back later today and the only thing I'll recall is that there was another "of those" useless submissions.

We, Backup Box, are a one page app and we do OAuth without redirect all the time. In fact we have one script that handles all the OAuth processes and any new ones we need to create just pop in and there's no customization to be done.<p>I open a new window (tab) with the OAuth process and since I opened the tab I can redirect to some quick closing script and my main code is waiting for the auth process to finish. Once it does the user is through. Easy peasy.<p><a href="https://mybackupbox.com" rel="nofollow">https://mybackupbox.com</a>

That page is spazzing out at me in Mobile Safari. Some kind of responsive style script conflicting with Safari's auto-formatter?

Is there a best practice of doing authentication for single-page apps when you don't want to use an external OAuth provider, since a lot of people don't have Twitter/Facebook accounts?<p>Would you end up writing your own OAuth provider in that case?

that chart makes an extremely simple flow extraordinarily hard to understand.