try adding firebase rewrite to oauth function

firebase.json

@@ -158,5 +158,18 @@
         ]
       }
     ]
-  }
+  },
+  "functions": [
+    {
+      "source": "functions",
+      "codebase": "default",
+      "ignore": [
+        "node_modules",
+        ".git",
+        "firebase-debug.log",
+        "firebase-debug.*.log",
+        "*.local"
+      ]
+    }
+  ]
 }

functions/.eslintrc.json

@@ -0,0 +1,123 @@
+{
+  "parserOptions": {
+    // Required for certain syntax usages
+    "ecmaVersion": 6
+  },
+  "plugins": [
+    "promise"
+  ],
+  "extends": "eslint:recommended",
+  "rules": {
+    // Removed rule "disallow the use of console" from recommended eslint rules
+    "no-console": "off",
+
+    // Removed rule "disallow multiple spaces in regular expressions" from recommended eslint rules
+    "no-regex-spaces": "off",
+
+    // Removed rule "disallow the use of debugger" from recommended eslint rules
+    "no-debugger": "off",
+
+    // Removed rule "disallow unused variables" from recommended eslint rules
+    "no-unused-vars": "off",
+
+    // Removed rule "disallow mixed spaces and tabs for indentation" from recommended eslint rules
+    "no-mixed-spaces-and-tabs": "off",
+
+    // Removed rule "disallow the use of undeclared variables unless mentioned in /*global */ comments" from recommended eslint rules
+    "no-undef": "off",
+
+    // Warn against template literal placeholder syntax in regular strings
+    "no-template-curly-in-string": 1,
+
+    // Warn if return statements do not either always or never specify values
+    "consistent-return": 1,
+
+    // Warn if no return statements in callbacks of array methods
+    "array-callback-return": 1,
+
+    // Require the use of === and !==
+    "eqeqeq": 2,
+
+    // Disallow the use of alert, confirm, and prompt
+    "no-alert": 2,
+
+    // Disallow the use of arguments.caller or arguments.callee
+    "no-caller": 2,
+
+    // Disallow null comparisons without type-checking operators
+    "no-eq-null": 2,
+
+    // Disallow the use of eval()
+    "no-eval": 2,
+
+    // Warn against extending native types
+    "no-extend-native": 1,
+
+    // Warn against unnecessary calls to .bind()
+    "no-extra-bind": 1,
+
+    // Warn against unnecessary labels    
+    "no-extra-label": 1,
+
+    // Disallow leading or trailing decimal points in numeric literals
+    "no-floating-decimal": 2,
+
+    // Warn against shorthand type conversions
+    "no-implicit-coercion": 1,
+
+    // Warn against function declarations and expressions inside loop statements
+    "no-loop-func": 1,
+
+    // Disallow new operators with the Function object
+    "no-new-func": 2,
+
+    // Warn against new operators with the String, Number, and Boolean objects
+    "no-new-wrappers": 1,
+
+    // Disallow throwing literals as exceptions
+    "no-throw-literal": 2,
+
+    // Require using Error objects as Promise rejection reasons
+    "prefer-promise-reject-errors": 2,
+
+    // Enforce “for” loop update clause moving the counter in the right direction
+    "for-direction": 2,
+
+    // Enforce return statements in getters
+    "getter-return": 2,
+
+    // Disallow await inside of loops
+    "no-await-in-loop": 2,
+
+    // Disallow comparing against -0
+    "no-compare-neg-zero": 2,
+
+    // Warn against catch clause parameters from shadowing variables in the outer scope
+    "no-catch-shadow": 1,
+
+    // Disallow identifiers from shadowing restricted names
+    "no-shadow-restricted-names": 2,
+
+    // Enforce return statements in callbacks of array methods
+    "callback-return": 2,
+
+    // Require error handling in callbacks
+    "handle-callback-err": 2,
+
+    // Warn against string concatenation with __dirname and __filename
+    "no-path-concat": 1,
+
+    // Prefer using arrow functions for callbacks
+    "prefer-arrow-callback": 1,
+
+    // Return inside each then() to create readable and reusable Promise chains.
+    // Forces developers to return console logs and http calls in promises. 
+    "promise/always-return": 2,
+
+    //Enforces the use of catch() on un-returned promises
+    "promise/catch-or-return": 2,
+
+    // Warn against nested then() or catch() statements
+    "promise/no-nesting": 1
+  }
+}

functions/.gitignore

@@ -0,0 +1,2 @@
+node_modules/
+*.local

functions/index.js

@@ -0,0 +1,88 @@
+const functions = require('firebase-functions')
+const express = require('express')
+const { AuthorizationCode } = require('simple-oauth2')
+const randomstring = require('randomstring')
+
+const oauth = functions.config().oauth
+const oauth_provider = oauth.provider || 'github'
+
+function getScript(status, content) {
+  return `
+    <script>
+      const receiveMessage = (message) => {
+        window.opener.postMessage(
+          'authorization:${oauth_provider}:${status}:${JSON.stringify(
+            content
+          )}',
+          message.origin
+        );
+
+        window.removeEventListener("message", receiveMessage, false);
+      }
+      window.addEventListener("message", receiveMessage, false);
+
+      window.opener.postMessage("authorizing:${oauth_provider}", "*");
+    </script>
+  `
+}
+
+const oauth2 = new AuthorizationCode({
+  client: {
+    id: oauth.client_id,
+    secret: oauth.client_secret
+  },
+  auth: {
+    tokenHost: oauth.git_hostname || 'https://github.com',
+    tokenPath: oauth.token_path || '/login/oauth/access_token',
+    authorizePath: oauth.authorize_path || '/login/oauth/authorize',
+  }
+})
+
+const oauthApp = express()
+
+oauthApp.get('/auth', (req, res) => {
+  const authorizationUri = oauth2.authorizeURL({
+    // redirect_uri: oauth.redirect_url,
+    redirect_uri: "https://us-central1-angular-de.cloudfunctions.net/oauth/callback",
+    scope: oauth.scopes || 'repo,user',
+    state: randomstring.generate(32)
+  })
+
+  res.redirect(authorizationUri)
+})
+
+oauthApp.get('/callback', async (req, res) => {
+  var options = {
+    code: req.query.code
+  }
+
+  if (oauth_provider === 'gitlab') {
+    options.client_id = oauth.client_id
+    options.client_secret = oauth.client_secret
+    options.grant_type = 'authorization_code'
+    options.redirect_uri = oauth.redirect_url
+  }
+
+  try {
+    const result = await oauth2.getToken(options)
+
+    return res.send(getScript('success', {
+      token: result.token.access_token,
+      provider: oauth_provider
+    }))
+  }
+  catch (error) {
+    console.error('Access Token Error', error.message)
+    res.send(getScript('error', error))
+  }
+})
+
+oauthApp.get('/success', (req, res) => {
+  res.send('')
+})
+
+oauthApp.get('/', (req, res) => {
+  res.redirect(301, `/oauth/auth`)
+})
+
+exports.oauth = functions.https.onRequest(oauthApp)