I believe you meant this configuration (attached). I already have it.
Please let me know if you mean something else? Regards Shib On Fri, Jun 29, 2018 at 10:40 AM, Pubudu Gunatilaka <pubu...@wso2.com> wrote: > Please find the link in [1]. > > > [1] - https://docs.wso2.com/display/AM210/Include+ > Additional+Headers+in+the+API+Console > > On Fri, Jun 29, 2018 at 10:34 AM shibsankar <src...@gmail.com> wrote: > >> your Link is not opening. >> >> Could you please check and resend the link? >> >> Regards >> Shib >> >> >> On Fri, Jun 29, 2018 at 10:25 AM, Pubudu Gunatilaka <pubu...@wso2.com> >> wrote: >> >>> Hi Shib, >>> >>> Have you enabled CORs for token endpoint? If not could you please enable >>> CORs for token as in https://docs.wso2.com/display/AM210/Include+ >>> Additional+Headers+in+the+API+Console. >>> >>> Last part of the document explains how to enable CORs for token endpoint >>> and other Oauth2 APIs. >>> >>> Thank you! >>> >>> On Thu, Jun 28, 2018 at 12:41 PM shibsankar <src...@gmail.com> wrote: >>> >>>> Any comments to this? >>>> >>>> For your convenience, I'm also attaching Chrome browser console >>>> Network report for token API call >>>> >>>> Is there anything I'm missing? >>>> >>>> why I'm getting *Failed to >>>> load http://xx-xx-xxx-xx-xx.xxxxxx.xxxxxx.xxxxxxxx.com:8280/token >>>> <http://xx-xx-xxx-xx-xx.xxxxxx.xxxxxx.xxxxxxxx.com:8280/token>: Request >>>> header field Access-Control-Allow-Methods is not allowed by >>>> Access-Control-Allow-Headers in preflight response.* >>>> >>>> Is there anything missing? >>>> >>>> Regards >>>> Shib >>>> >>>> >>>> >>>> On Thu, Jun 28, 2018 at 11:07 AM, shibsankar <src...@gmail.com> wrote: >>>> >>>>> Okay. I did this step as per your suggestion >>>>> >>>>> >>>>> *"...I think you have to explicitly set withCredentials atribute which >>>>> is a client side attribute to false from your angular application .."* >>>>> >>>>> >>>>> >>>>> So my current code : >>>>> >>>>> *// from Angular Controller js* >>>>> >>>>> var dataObj="grant_type=password&username=xxxxxxxxx&password= >>>>> xxxxxxxxx&scope=openid"; >>>>> >>>>> Service.callTokenAPI(dataObj) >>>>> .then(function onSuccess(response) { >>>>> console.log("Success"); >>>>> console.log("result #### = " + JSON.stringify(response)); >>>>> }, function onFailure(error) { >>>>> console.log("failure"); >>>>> }); >>>>> >>>>> >>>>> >>>>> *//from Service.js* >>>>> >>>>> var callTokenAPI = function (dataObj) { >>>>> console.log("Call server dataObj =" + angular.toJson(dataObj)); >>>>> var secret=clientKey+":"+clientPass; >>>>> var base64Encoded= btoa(secret); >>>>> console.log("base64Encoded="+base64Encoded); >>>>> return $http({ >>>>> url: tokenAPI, >>>>> method: 'POST', >>>>> data: dataObj, >>>>> *withCredentials:false,* >>>>> headers: { "Content-Type": "application/x-www-form-urlencoded" >>>>> ,"Authorization":base64Encoded} >>>>> }); >>>>> }; >>>>> >>>>> >>>>> When I run my application I get the CORS error in Chrome *browser console >>>>> *as below >>>>> >>>>> *Failed to load >>>>> http://xx-xx-xxx-xx-xx.xxxxxx.xxxxxx.xxxxxxxx.com:8280/token >>>>> <http://xx-xx-xxx-xx-xx.xxxxxx.xxxxxx.xxxxxxxx.com:8280/token>: Request >>>>> header field Access-Control-Allow-Methods is not allowed by >>>>> Access-Control-Allow-Headers in preflight response.* >>>>> >>>>> >>>>> Configuration changes to enable CORS in wso2 server screenshots are >>>>> attached. >>>>> >>>>> >>>>> Is there anything I'm missing now? >>>>> >>>>> Regards >>>>> Shib >>>>> >>>>> >>>>> >>>>> >>>>> On Tue, Jun 26, 2018 at 5:51 PM, Ishara Cooray <isha...@wso2.com> >>>>> wrote: >>>>> >>>>>> Hi Shib, >>>>>> >>>>>> Configuration changes to enable CORS in wso2 server seem to be >>>>>> correct. >>>>>> >>>>>> I think you have to explicitly set withCredentials atribute which is >>>>>> a client side attribute to false from your >>>>>> angular application or whitelist the origin in api-manager.xml >>>>>> without using '*'. >>>>>> >>>>>> Please refer [1] >>>>>> >>>>>> [1] https://stackoverflow.com/questions/42803394/cors- >>>>>> credentials-mode-is-include >>>>>> >>>>>> Thanks & Regards, >>>>>> Ishara Cooray >>>>>> Senior Software Engineer >>>>>> Mobile : +9477 262 9512 >>>>>> WSO2, Inc. | http://wso2.com/ >>>>>> Lean . Enterprise . Middleware >>>>>> >>>>>> On Tue, Jun 26, 2018 at 12:30 PM, shibsankar <src...@gmail.com> >>>>>> wrote: >>>>>> >>>>>>> I'm receiving CORS errors from WSO2 in Chrome browser console. >>>>>>> >>>>>>> >>>>>>> Here is my angular application code & WSO2 CORS configuration >>>>>>> screenshots attached. >>>>>>> >>>>>>> >>>>>>> >>>>>>> *// from Angular Controller js* >>>>>>> >>>>>>> var dataObj="grant_type=password&username=xxxxxxxxx&password= >>>>>>> xxxxxxxxx&scope=openid"; >>>>>>> >>>>>>> Service.callTokenAPI(dataObj) >>>>>>> .then(function onSuccess(response) { >>>>>>> console.log("Success"); >>>>>>> console.log("result #### = " + JSON.stringify(response)); >>>>>>> }, function onFailure(error) { >>>>>>> console.log("failure"); >>>>>>> }); >>>>>>> >>>>>>> >>>>>>> >>>>>>> *//from Service.js* >>>>>>> >>>>>>> var callTokenAPI = function (dataObj) { >>>>>>> console.log("Call server dataObj =" + angular.toJson(dataObj)); >>>>>>> var secret=clientKey+":"+clientPass; >>>>>>> var base64Encoded= btoa(secret); >>>>>>> console.log("base64Encoded="+base64Encoded); >>>>>>> return $http({ >>>>>>> url: tokenAPI, >>>>>>> method: 'POST', >>>>>>> data: dataObj, >>>>>>> headers: { "Content-Type": "application/x-www-form-urlencoded" >>>>>>> ,"Authorization":base64Encoded} >>>>>>> }); >>>>>>> }; >>>>>>> >>>>>>> >>>>>>> When I run my application I get the CORS error as below attached. >>>>>>> >>>>>>> *CORS Error in Chrome Browser Console :* >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> I have the CORS config settings in these mentioned files* >>>>>>> (screenshot attached)* >>>>>>> *api-manager.xml* >>>>>>> *_tokenapi_.xml* >>>>>>> *-revokeapi_.xml* >>>>>>> >>>>>>> >>>>>>> I'm still receiving CORS errors from WSO2. >>>>>>> >>>>>>> Is there anything I'm missing? >>>>>>> >>>>>>> Regards >>>>>>> Shib >>>>>>> >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Dev mailing list >>>>>>> Dev@wso2.org >>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>> >>>>>>> >>>>>> >>>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> Dev@wso2.org >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>> >>> >>> -- >>> *Pubudu Gunatilaka* >>> Committer and PMC Member - Apache Stratos >>> Senior Software Engineer >>> WSO2, Inc.: http://wso2.com >>> mobile : +94774078049 >>> >>> >> > > -- > *Pubudu Gunatilaka* > Committer and PMC Member - Apache Stratos > Senior Software Engineer > WSO2, Inc.: http://wso2.com > mobile : +94774078049 > >
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev