1

I have an AJAX call to Google's oAuth2 api looks like this:

$(document).on('click', '#signup', function() {
  var OAUTHURL        =  'https://accounts.google.com/o/oauth2/auth?';
  var SCOPE           =   'email profile';
  var STATE           =   'profile';
  var REDIRECT_URI    =   'https://localhost:8080/callback';
  var RESPONSE_TYPE   =   'token';
  var CLIENT_ID       =   '554886359117-8icq0dc9halr8rjd6bdtqcmagrdql9lr.apps.googleusercontent.com';
  var _url            =    OAUTHURL + 'scope=' + SCOPE + '&state=' + STATE + '&redirect_uri=' + REDIRECT_URI + '&response_type=' + RESPONSE_TYPE + '&client_id=' + CLIENT_ID;
  $.ajax({
    type: "POST",
    dataType: "text",
    url: _url,
    success: function(response)
    {
        console.log(response.url);
    },
    error: function(error)
    {
        console.log("ERROR: ", error);
    }
  });
});

This is supposed to redirect back to the server running on http://localhost/callback.

Redirect URIs:  http://localhost:8080/callback
Javascript Origins: http://localhost:8080

I also have the callback function defined as below:

func init() {
    r := mux.NewRouter()

    r.HandleFunc("/", rootHandler)
    r.HandleFunc("/callback", callbackHandler)
    http.Handle("/", r)
}
func callbackHandler(w http.ResponseWriter, r *http.Request) {
    fmt.Fprint(w, "I am sent back from the server!"+time.Now().Format("Mon, 02 Jan 2006 15:04:05 MST"))
}

everything looks good in debugging mode, except I get this error back from google's api:

XMLHttpRequest cannot load https://accounts.google.com/o/oauth2/auth?scope=email%20profile&state=profi…d=554886359117-8icq0dc9halr8rjd6bdtqcmagrdql9lr.apps.googleusercontent.com. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access.

I have tweaked a little around but I can't seem to find my way through. Any thought on this?

Improve this question

2 Answers 2

Reset to default
1

Like Not_a_Golfer said your backend is not setting correct headers to response. To handle CORS problem in every cases I made this little handler that wraps your router so you don't have to manually set headers in every callback.

Use it like this:

import "github.com/heppu/simple-cors"

func init() {
    r := mux.NewRouter()
    r.HandleFunc("/", rootHandler)
    r.HandleFunc("/callback", callbackHandler)
    http.Handle("/", cors.CORS(r))
}
func callbackHandler(w http.ResponseWriter, r *http.Request) {
    fmt.Fprint(w, "I am sent back from the server!"+time.Now().Format("Mon, 02 Jan 2006 15:04:05 MST"))
}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Just add CORS headers to your callbackHandler:

// make this configurable via command line flags, env var, or something
var MyServerName = "https://localhost:8080" 

func callbackHandler(w http.ResponseWriter, r *http.Request) {
    w.Header().Add("Access-Control-Allow-Origin", MyServerName)

    fmt.Fprint(w, "I am sent back from the server!"+time.Now().Format("Mon, 02 Jan 2006 15:04:05 MST"))
}
Improve this answer

2 Comments

I have played with it with different tricks, didn't really seem to solve the problem.
My challenging question is if the problem is from the point where my AJAX call gets sent over the wire or is it my callback handler that fails to handle response from google?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.