On Fri, Jun 15, 2018 at 5:21 PM Farasath Ahamed <[email protected]> wrote:
> > > On Thu, Jun 14, 2018 at 3:32 PM, shibsankar <[email protected]> wrote: > >> *grant_type=password.* >> >> >> >> For your convenience, I am providing the Angular JS relevant code >> >> >> *// from Angular Controller js* >> >> var dataObj=" >> grant_type=password&username=xxxxxxxxx&password=xxxxxxxxx&scope=openid"; >> >> Service.callTokenAPI(dataObj) >> .then(function onSuccess(response) { >> console.log("Success"); >> console.log("result #### = " + JSON.stringify(response)); >> }, function onFailure(error) { >> console.log("failure"); >> }); >> >> >> >> *//from Service.js* >> >> var callTokenAPI = function (dataObj) { >> console.log("Call server dataObj =" + angular.toJson(dataObj)); >> var secret=clientKey+":"+clientPass; >> var base64Encoded= btoa(secret); >> console.log("base64Encoded="+base64Encoded); >> return $http({ >> url: tokenAPI, >> method: 'POST', >> data: dataObj, >> headers: { "Content-Type": "application/json;charset=utf-8" >> ,"Authorization":base64Encoded} >> }); >> }; >> >> > Can you try setting the 'content-type' header to > 'application/x-www-form-urlencoded'? (Check [1]) > > [1] > https://security.stackexchange.com/questions/187311/why-cors-preflight-is-not-available-for-post-requests-when-content-type-is-appli/187312#187312 > This should work. Also I think the reason for your observation is when adding CORS related configs in tokenapi.xml and revokeapi.xml files, the CORS allowing is not getting applied for the inbound and outbound requests which uses 8280 and 8243 ports, just to confirm can you please try allowing 9443 for this and make this call ? > > >> >> When I run this I am getting CORS error screenshot shared earlier. >> >> Regards >> Shib >> >> >> On Thu, Jun 14, 2018 at 3:00 PM, Rushmin Fernando <[email protected]> >> wrote: >> >>> Could you please let us know the grant type you are using here. I would >>> like to know whether this is a valid use case. >>> >>> On Thu, Jun 14, 2018 at 2:54 PM shibsankar <[email protected]> wrote: >>> >>>> Yes. I get same CORS error with the correct endpoint, which is */* >>>> *token* >>>> >>>> screenshot attached. >>>> >>>> Regards >>>> Shib >>>> >>>> On Thu, Jun 14, 2018 at 2:42 PM, Rushmin Fernando <[email protected]> >>>> wrote: >>>> >>>>> In the console logs, it says */toekn, *which is wrong spellings. >>>>> >>>>> Do you get the same CORS error with the correct endpoint, which is >>>>> */**token >>>>> *? >>>>> >>>>> On Thu, Jun 14, 2018 at 2:26 PM shibsankar <[email protected]> wrote: >>>>> >>>>>> I am receiving CORS Error when I call the WSO2 token API from >>>>>> Angular JS application. >>>>>> >>>>>> How do you fix this? >>>>>> >>>>>> Regards >>>>>> Shib(9831418066) >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Dev mailing list >>>>>> [email protected] >>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>> >>>>> >>>>> >>>>> -- >>>>> *Best Regards* >>>>> >>>>> *Rushmin Fernando* >>>>> *Technical Lead* >>>>> >>>>> WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware >>>>> >>>>> mobile : +94775615183 >>>>> >>>>> >>>>> >>>> >>> >>> -- >>> *Best Regards* >>> >>> *Rushmin Fernando* >>> *Technical Lead* >>> >>> WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware >>> >>> mobile : +94775615183 >>> >>> >>> >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > Farasath Ahamed > Senior Software Engineer, WSO2 Inc.; http://wso2.com > Mobile: +94777603866 > Blog: blog.farazath.com > Twitter: @farazath619 <https://twitter.com/farazath619> > <http://wso2.com/signature> > > > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > -- Prakhash Sivakumar Senior Software Engineer | WSO2 Inc Platform Security Team Mobile : +94771510080 Blog : https://medium.com/@PrakhashS
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
