when does the passport.js failure redirect gets hit?

Question

I have been using passport.js to perform OAuth. So the redirect URI gets hit after successful authentication, However for the failure scenarios. I am not able to trigger it anyway,

What happens in the following scenarios?

1. When the google/twitter or any OAuth provider opens their sign-in page but the user doesn't respond at all / closes the browser window /, how do I hit the failure URL/redirect URL after a timeout.

2. There isn't any cancel button to abort the Google OAuth sign-in, I expect at least then failure gets called.

Basically, all I wanted to know is, all possible use cases/scenarios do the failure URL gets called?

Sample code for Google OAuth redirect, I believe the failure scenarios are same for all the OAuth providers.

app.get('/oauth/failure', function (req, res, next){
    console.log('Query params:', req.params.provider); 
    console.log('failure login called');
    res.send("<script> window.close()</script>");
});

app.get('/oauth/redirect/google', passport.authenticate('google', { failureRedirect: '/oauth/failure?provider=google' }), (req, res) => {
    if(req.user.id){
         // gets executed for successful authentication
         let redirectUrl = `http://localhost:8082/auth.html?pid=${req.user.id}`
         res.redirect(redirectUrl)
     }
});

The above is just an example from passport-google-oauth, I beleive same is the case for any passport strategy.

Answer 1

If authentication fails ( the user enters wrong email or password ), the user will be redirected back to the page of your choice for another attempt.

Answer 2

When a user grants OAuth access, He himself hits the redirect uri and as far as I know there is no way to know if the user rejected access. If you would like to implement a failure Redirect URI you can add a window.onbeforeunload event listener and hit your failure endpoint whenever a user is about to exit your page.