[vnorby]

If you open the OAuth flow in a pop-up, with window.open (actually, for most browsers to open a pop-up, the user has to actually click on a link, so your href should be javascript:window.open("https://oauth_start) - target="_blank" might work as well but I can't remember), after the user has completed the authentication and ended back up on your site, you can trigger a function on the parent window and close the pop-up, like window.parent.facebookAuthenticationComplete(); window.close(); I think this is a lot easier and more reliable than pushing anything through a node/pub-sub solution.

[chucknibbleston]

I agree; the whole node socket/handshake is a ton of overhead if you're not interested in using the socket to make calls over the API you just authenticated.

[ew]

You can actually trigger the close function from the window that has been opened. Since it was opened programmatically it can be closed programmatically.