向OAuth2访问令牌发出Ajax请求时发生CORS问题 [英] CORS issue while making an Ajax request for oauth2 access token

问题描述

我正在从客户端到Google oauth 2 API 'https://accounts.google.com/o/oauth2/auth?redirect_uri=http://blah.com&的ajax调用; response_type = token& client_id ....'获取访问令牌，但出现以下错误：

I am making an ajax call from my client to the google oauth 2 API 'https://accounts.google.com/o/oauth2/auth?redirect_uri=http://blah.com&response_type=token&client_id....' to get the access token, but i get following error:

对飞行前请求的响应未通过访问控制检查：
所请求的
资源上不存在 Access-Control-Allow-Origin标头。因此，不允许
访问源 http://blah-blah.com

我希望通话为ajax，以便在通过 url进行通话时不会打扰用户或 window.location.href 或换句话说，我如何获取访问令牌以使整个页面无法加载，并且有可能解决上面的错误？

I want the call to be ajax so that the user is not disturbed when the call is made through url or window.location.href or in other words, how can i get the access token such that the whole page does not load, and is it possible to resolve the above error???

推荐答案

OAuth2身份验证端点在设计上不支持AJAX。这是身份验证系统的入口，因此您必须通过重定向到达那里。身份验证的结果再次是重定向到您提供的URL，因此AJAX在这里没有多大意义。

OAuth2 auth endpoint doesn't support AJAX by design. It's an entry point to the authentication system, so you must get there by redirect. The result of the authentication is again a redirect to the URL you provide, so AJAX doesn't make much sense there.

这篇关于向OAuth2访问令牌发出Ajax请求时发生CORS问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！