My similar works fine, granted the first thing I do on return to application is not show a chat but store the OAUTH in a session and redirect back to the app without a query string attached…
(Saves leaving a valid query string on the screen or cached in my history)
Maybe look at the Javascript SDK to handle your login instead?