Any comments to this? For your convenience, I'm also attaching Chrome browser console Network report for token API call
Is there anything I'm missing? why I'm getting *Failed to load http://xx-xx-xxx-xx-xx.xxxxxx.xxxxxx.xxxxxxxx.com:8280/token <http://xx-xx-xxx-xx-xx.xxxxxx.xxxxxx.xxxxxxxx.com:8280/token>: Request header field Access-Control-Allow-Methods is not allowed by Access-Control-Allow-Headers in preflight response.* Is there anything missing? Regards Shib On Thu, Jun 28, 2018 at 11:07 AM, shibsankar <[email protected]> wrote: > Okay. I did this step as per your suggestion > > > *"...I think you have to explicitly set withCredentials atribute which is > a client side attribute to false from your angular application .."* > > > > So my current code : > > *// from Angular Controller js* > > var dataObj="grant_type=password&username=xxxxxxxxx&password=xxx > xxxxxx&scope=openid"; > > Service.callTokenAPI(dataObj) > .then(function onSuccess(response) { > console.log("Success"); > console.log("result #### = " + JSON.stringify(response)); > }, function onFailure(error) { > console.log("failure"); > }); > > > > *//from Service.js* > > var callTokenAPI = function (dataObj) { > console.log("Call server dataObj =" + angular.toJson(dataObj)); > var secret=clientKey+":"+clientPass; > var base64Encoded= btoa(secret); > console.log("base64Encoded="+base64Encoded); > return $http({ > url: tokenAPI, > method: 'POST', > data: dataObj, > *withCredentials:false,* > headers: { "Content-Type": "application/x-www-form-urlencoded" > ,"Authorization":base64Encoded} > }); > }; > > > When I run my application I get the CORS error in Chrome *browser console > *as below > > *Failed to load > http://xx-xx-xxx-xx-xx.xxxxxx.xxxxxx.xxxxxxxx.com:8280/token > <http://xx-xx-xxx-xx-xx.xxxxxx.xxxxxx.xxxxxxxx.com:8280/token>: Request > header field Access-Control-Allow-Methods is not allowed by > Access-Control-Allow-Headers in preflight response.* > > > Configuration changes to enable CORS in wso2 server screenshots are > attached. > > > Is there anything I'm missing now? > > Regards > Shib > > > > > On Tue, Jun 26, 2018 at 5:51 PM, Ishara Cooray <[email protected]> wrote: > >> Hi Shib, >> >> Configuration changes to enable CORS in wso2 server seem to be correct. >> >> I think you have to explicitly set withCredentials atribute which is a >> client side attribute to false from your >> angular application or whitelist the origin in api-manager.xml without >> using '*'. >> >> Please refer [1] >> >> [1] https://stackoverflow.com/questions/42803394/cors-credential >> s-mode-is-include >> >> Thanks & Regards, >> Ishara Cooray >> Senior Software Engineer >> Mobile : +9477 262 9512 >> WSO2, Inc. | http://wso2.com/ >> Lean . Enterprise . Middleware >> >> On Tue, Jun 26, 2018 at 12:30 PM, shibsankar <[email protected]> wrote: >> >>> I'm receiving CORS errors from WSO2 in Chrome browser console. >>> >>> >>> Here is my angular application code & WSO2 CORS configuration >>> screenshots attached. >>> >>> >>> >>> *// from Angular Controller js* >>> >>> var dataObj="grant_type=password&username=xxxxxxxxx&password=xxx >>> xxxxxx&scope=openid"; >>> >>> Service.callTokenAPI(dataObj) >>> .then(function onSuccess(response) { >>> console.log("Success"); >>> console.log("result #### = " + JSON.stringify(response)); >>> }, function onFailure(error) { >>> console.log("failure"); >>> }); >>> >>> >>> >>> *//from Service.js* >>> >>> var callTokenAPI = function (dataObj) { >>> console.log("Call server dataObj =" + angular.toJson(dataObj)); >>> var secret=clientKey+":"+clientPass; >>> var base64Encoded= btoa(secret); >>> console.log("base64Encoded="+base64Encoded); >>> return $http({ >>> url: tokenAPI, >>> method: 'POST', >>> data: dataObj, >>> headers: { "Content-Type": "application/x-www-form-urlencoded" >>> ,"Authorization":base64Encoded} >>> }); >>> }; >>> >>> >>> When I run my application I get the CORS error as below attached. >>> >>> *CORS Error in Chrome Browser Console :* >>> >>> >>> >>> >>> >>> >>> I have the CORS config settings in these mentioned files* (screenshot >>> attached)* >>> *api-manager.xml* >>> *_tokenapi_.xml* >>> *-revokeapi_.xml* >>> >>> >>> I'm still receiving CORS errors from WSO2. >>> >>> Is there anything I'm missing? >>> >>> Regards >>> Shib >>> >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
