We are not in control of the filtering software - this is an issue reported by one of our clients in the K-12 education sector, thus why this is such an issue.
Others have reported the same issue (a link was provided above).
The customer reporting this issue has a number of safeguards in place, including a Smart Agent installed on the students computers.
This is an example of the sequence used to get to a Google search page within the browser window that is opened during an OAuth2 request.
With a web page open - our "Read The Web" extension is started.
"Sign in with Microsoft" button is selected on the RTW extension.
A browser window is opened with the Microsoft sign-in page presented from an oauth2 request.
Sign in options is selected on this page - a Sign-in Options page is presented. * NOTE :: THIS option we DO NOT want available *
Sign in with GitHub (personal accounts only) is selected.
A "Sign in with GitHub to continue to Microsoft-Corporation" page is presented.
The 'Security' link at the bottom of this page is clicked.
The page 'https://github.com/security' is presented.
At the bottom on the page, click on the 'YouTube' link
The GitHub YouTube landing page is presented.
Click on the Sign-In button.
A Google sign-in page is presented.
Click on the 'Learn More' link under 'Use Guest mode ... '
A 'Google Chrome Help' page is presented.
Click on 'Terms of Service' link at the bottom of the page.
a Google TOS page is presented.
Click on 'Main Menu' icon at top left of the page.
Click on the Google logo.
A Google search page is presented.
At this point, the user can search for any page they want to visit (ie Twitter, etc) and this circumvents their browser filter software.
Yes this quite involved and is an example of only one possible vector.
As we provide this web extension for use in education, we are only able to control the configuration of the sign in page - this is where we want to not provide the Sign-in options at all. These options will not be needed by our customers ever.