Hi Shib, The error says *Request header field Access-Control-Allow-Methods is not allowed by Access-Control-Allow-Headers*
Shall we put *access-control-allow-methods* into Access-Control-Allow-Headers attribute in api-manager.xml try? Thanks & Regards, Ishara Cooray Senior Software Engineer Mobile : +9477 262 9512 WSO2, Inc. | http://wso2.com/ Lean . Enterprise . Middleware On Fri, Jun 29, 2018 at 10:47 AM, shibsankar <[email protected]> wrote: > I believe you meant this configuration (attached). > > I already have it. > > > Please let me know if you mean something else? > > Regards > Shib > > > > > On Fri, Jun 29, 2018 at 10:40 AM, Pubudu Gunatilaka <[email protected]> > wrote: > >> Please find the link in [1]. >> >> >> [1] - https://docs.wso2.com/display/AM210/Include+Additional+ >> Headers+in+the+API+Console >> >> On Fri, Jun 29, 2018 at 10:34 AM shibsankar <[email protected]> wrote: >> >>> your Link is not opening. >>> >>> Could you please check and resend the link? >>> >>> Regards >>> Shib >>> >>> >>> On Fri, Jun 29, 2018 at 10:25 AM, Pubudu Gunatilaka <[email protected]> >>> wrote: >>> >>>> Hi Shib, >>>> >>>> Have you enabled CORs for token endpoint? If not could you please >>>> enable CORs for token as in https://docs.wso2.com/displ >>>> ay/AM210/Include+Additional+Headers+in+the+API+Console. >>>> >>>> Last part of the document explains how to enable CORs for token >>>> endpoint and other Oauth2 APIs. >>>> >>>> Thank you! >>>> >>>> On Thu, Jun 28, 2018 at 12:41 PM shibsankar <[email protected]> wrote: >>>> >>>>> Any comments to this? >>>>> >>>>> For your convenience, I'm also attaching Chrome browser console >>>>> Network report for token API call >>>>> >>>>> Is there anything I'm missing? >>>>> >>>>> why I'm getting *Failed to >>>>> load http://xx-xx-xxx-xx-xx.xxxxxx.xxxxxx.xxxxxxxx.com:8280/token >>>>> <http://xx-xx-xxx-xx-xx.xxxxxx.xxxxxx.xxxxxxxx.com:8280/token>: Request >>>>> header field Access-Control-Allow-Methods is not allowed by >>>>> Access-Control-Allow-Headers in preflight response.* >>>>> >>>>> Is there anything missing? >>>>> >>>>> Regards >>>>> Shib >>>>> >>>>> >>>>> >>>>> On Thu, Jun 28, 2018 at 11:07 AM, shibsankar <[email protected]> wrote: >>>>> >>>>>> Okay. I did this step as per your suggestion >>>>>> >>>>>> >>>>>> *"...I think you have to explicitly set withCredentials atribute >>>>>> which is a client side attribute to false from your angular application >>>>>> .."* >>>>>> >>>>>> >>>>>> >>>>>> So my current code : >>>>>> >>>>>> *// from Angular Controller js* >>>>>> >>>>>> var dataObj="grant_type=password&username=xxxxxxxxx&password=xxx >>>>>> xxxxxx&scope=openid"; >>>>>> >>>>>> Service.callTokenAPI(dataObj) >>>>>> .then(function onSuccess(response) { >>>>>> console.log("Success"); >>>>>> console.log("result #### = " + JSON.stringify(response)); >>>>>> }, function onFailure(error) { >>>>>> console.log("failure"); >>>>>> }); >>>>>> >>>>>> >>>>>> >>>>>> *//from Service.js* >>>>>> >>>>>> var callTokenAPI = function (dataObj) { >>>>>> console.log("Call server dataObj =" + angular.toJson(dataObj)); >>>>>> var secret=clientKey+":"+clientPass; >>>>>> var base64Encoded= btoa(secret); >>>>>> console.log("base64Encoded="+base64Encoded); >>>>>> return $http({ >>>>>> url: tokenAPI, >>>>>> method: 'POST', >>>>>> data: dataObj, >>>>>> *withCredentials:false,* >>>>>> headers: { "Content-Type": "application/x-www-form-urlencoded" >>>>>> ,"Authorization":base64Encoded} >>>>>> }); >>>>>> }; >>>>>> >>>>>> >>>>>> When I run my application I get the CORS error in Chrome *browser >>>>>> console >>>>>> *as below >>>>>> >>>>>> *Failed to load >>>>>> http://xx-xx-xxx-xx-xx.xxxxxx.xxxxxx.xxxxxxxx.com:8280/token >>>>>> <http://xx-xx-xxx-xx-xx.xxxxxx.xxxxxx.xxxxxxxx.com:8280/token>: Request >>>>>> header field Access-Control-Allow-Methods is not allowed by >>>>>> Access-Control-Allow-Headers in preflight response.* >>>>>> >>>>>> >>>>>> Configuration changes to enable CORS in wso2 server screenshots are >>>>>> attached. >>>>>> >>>>>> >>>>>> Is there anything I'm missing now? >>>>>> >>>>>> Regards >>>>>> Shib >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> On Tue, Jun 26, 2018 at 5:51 PM, Ishara Cooray <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> Hi Shib, >>>>>>> >>>>>>> Configuration changes to enable CORS in wso2 server seem to be >>>>>>> correct. >>>>>>> >>>>>>> I think you have to explicitly set withCredentials atribute which >>>>>>> is a client side attribute to false from your >>>>>>> angular application or whitelist the origin in api-manager.xml >>>>>>> without using '*'. >>>>>>> >>>>>>> Please refer [1] >>>>>>> >>>>>>> [1] https://stackoverflow.com/questions/42803394/cors-credential >>>>>>> s-mode-is-include >>>>>>> >>>>>>> Thanks & Regards, >>>>>>> Ishara Cooray >>>>>>> Senior Software Engineer >>>>>>> Mobile : +9477 262 9512 >>>>>>> WSO2, Inc. | http://wso2.com/ >>>>>>> Lean . Enterprise . Middleware >>>>>>> >>>>>>> On Tue, Jun 26, 2018 at 12:30 PM, shibsankar <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> I'm receiving CORS errors from WSO2 in Chrome browser console. >>>>>>>> >>>>>>>> >>>>>>>> Here is my angular application code & WSO2 CORS configuration >>>>>>>> screenshots attached. >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> *// from Angular Controller js* >>>>>>>> >>>>>>>> var dataObj="grant_type=password&username=xxxxxxxxx&password=xxx >>>>>>>> xxxxxx&scope=openid"; >>>>>>>> >>>>>>>> Service.callTokenAPI(dataObj) >>>>>>>> .then(function onSuccess(response) { >>>>>>>> console.log("Success"); >>>>>>>> console.log("result #### = " + JSON.stringify(response)); >>>>>>>> }, function onFailure(error) { >>>>>>>> console.log("failure"); >>>>>>>> }); >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> *//from Service.js* >>>>>>>> >>>>>>>> var callTokenAPI = function (dataObj) { >>>>>>>> console.log("Call server dataObj =" + angular.toJson(dataObj)); >>>>>>>> var secret=clientKey+":"+clientPass; >>>>>>>> var base64Encoded= btoa(secret); >>>>>>>> console.log("base64Encoded="+base64Encoded); >>>>>>>> return $http({ >>>>>>>> url: tokenAPI, >>>>>>>> method: 'POST', >>>>>>>> data: dataObj, >>>>>>>> headers: { "Content-Type": "application/x-www-form-urlencoded" >>>>>>>> ,"Authorization":base64Encoded} >>>>>>>> }); >>>>>>>> }; >>>>>>>> >>>>>>>> >>>>>>>> When I run my application I get the CORS error as below attached. >>>>>>>> >>>>>>>> *CORS Error in Chrome Browser Console :* >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> I have the CORS config settings in these mentioned files* >>>>>>>> (screenshot attached)* >>>>>>>> *api-manager.xml* >>>>>>>> *_tokenapi_.xml* >>>>>>>> *-revokeapi_.xml* >>>>>>>> >>>>>>>> >>>>>>>> I'm still receiving CORS errors from WSO2. >>>>>>>> >>>>>>>> Is there anything I'm missing? >>>>>>>> >>>>>>>> Regards >>>>>>>> Shib >>>>>>>> >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Dev mailing list >>>>>>>> [email protected] >>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>> >>>>>>>> >>>>>>> >>>>>> >>>>> _______________________________________________ >>>>> Dev mailing list >>>>> [email protected] >>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >>>> >>>> >>>> -- >>>> *Pubudu Gunatilaka* >>>> Committer and PMC Member - Apache Stratos >>>> Senior Software Engineer >>>> WSO2, Inc.: http://wso2.com >>>> mobile : +94774078049 >>>> >>>> >>> >> >> -- >> *Pubudu Gunatilaka* >> Committer and PMC Member - Apache Stratos >> Senior Software Engineer >> WSO2, Inc.: http://wso2.com >> mobile : +94774078049 >> >> >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
