Access-Control-Allow-Origin拒绝spotify api [英] Access-Control-Allow-Origin denied spotify api
问题描述
我正在尝试访问Spotify API令牌,如下所示:
I'm trying to access to the Spotify API token like so:
$.ajax({
url: "https://accounts.spotify.com/api/token",
type: 'POST',
contentType: "application/json; charset=\"utf-8\"",
crossDomain: true,
data: {
grant_type: "authorization_code",
code: code,
redirect_uri: "http://www.bancadigital.com.br/spotifyteste/callback.html"
},
processData: false,
dataType: "json",
headers: {
Authorization: "Basic " + utf8_to_b64(key)
},
success: function( response ) {
alert(response.access_token);
},
});
但该服务返回以下错误:
but the service returns the following error:
XMLHttpRequest无法加载 https://accounts.spotify.com/api/token 。请求的资源上不存在Access-Control-Allow-Origin标头。因此,不允许访问 http://www.bancadigital.com.br 。
XMLHttpRequest cannot load https://accounts.spotify.com/api/token. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.bancadigital.com.br' is therefore not allowed access.
有谁知道如何访问该服务?
Does anyone know how I can access the service?
推荐答案
对 https://accounts.spotify.com/api/token 的请求需要在服务器端进行,而不是作为AJAX请求。
The request to https://accounts.spotify.com/api/token needs to be made server side and not as an AJAX request.
这样,您的键(包含应用程序的凭据)将不会公开。此外,Spotify服务器将能够将请求与访问令牌一起重定向到 redirect_uri 。
This way your key, which contains the credentials for your application, won't be exposed. Also, the Spotify server will be able to redirect the request to the redirect_uri together with the access token.
替代方法是使用隐式授权流程,您可以在其中运行所有客户端但是你不会得到刷新令牌。
An alternative is to use the implicit grant flow where you can run everything client side, but you will not get a refresh token.
我建议你查看 Spotify Web API授权指南,请检查使用auth示例的GitHub repo 并查看库和包装器,可以更轻松地实现OAuth流程。
I would recommend you to review the Spotify Web API Authorization Guide, check the GitHub repo with auth examples and take a look at the libraries and wrappers that make it easier to implement the OAuth flow.
这篇关于Access-Control-Allow-Origin拒绝spotify api的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
