From my wrt widget, I must visit an external website to logon to, grant access to their service and in return they display a verification code that my users then have to retype in my widget. My phone browser does not allow for displayed text to be copied an pasted into my widget. This makes it a tedious process that has to be repeated once a month.
I am looking for an easier method.

Scenarios:
1. instead of launching a browser using widget.openURL, display the website inside an iframe - this does not work, since the origin is different and the content is inaccessible for my widget
2. I can provide a static, not dynamic callback url to the service that they can redirect to after my user has granted access. But how would I create such a callback URL? If I inspect the this.location property of the widget, I can see that it differs per installation, but even if it weren't, could this be a solution?

Any thoughts?