与Google Oauth封锁了React和DeNo的跨原生蛋白请求
我使用oak有一台deno服务器:
import { CORS } from "https://deno.land/x/[email protected]/mod.ts";
export { Application } from "https://deno.land/x/[email protected]/mod.ts";
const app = new Application();
app.use(CORS({
origin: '*', credentials: true
}))
app.use('/auth/google/url', (ctx) => {
const oauth2Client = new OAuth2Client({
clientId: env.get("CLIENTID") as string,
clientSecret: env.get("CLIENTSECRET") as string,
redirectUri: env.get("REDIRECTURI") as string,
authorizationEndpointUri: env.get("AUTHORIZATIONENDPOINTURI") as string,
tokenUri: env.get("TOKENURI") as string,
defaults: {
scope: "profile email openid",
},
});
ctx.response.redirect(
return oauth2Client.code.getAuthorizationUri();
);
});
React App中的API
import React from 'react'
export default function App(){
const handleClick = () => {
fetch('/auth/google/url', {method: 'get', redirect: 'follow'})
.then((response) => {
if (response.status === 302) {
window.location.href = response.url
}
})
}
return(
<Button onClick={handleClick}>SignIn with Google</Button>
)
}
我在package.json中设置了
"proxy": "http://127.0.0.1:5000"
:我在浏览器控制台中遇到了此错误:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://accounts.google.com/o/oauth2/v2/auth?response_type=code&client_id=XXXXXXXXXXX&redirect_uri=http%3A%2F%2Flocalhost%3A5000%2Fauth%2Fgoogle%2Fcallback&scope=profile+email+openid. (Reason: CORS request did not succeed). Status code: (null).
I have a deno server using oak:
import { CORS } from "https://deno.land/x/[email protected]/mod.ts";
export { Application } from "https://deno.land/x/[email protected]/mod.ts";
const app = new Application();
app.use(CORS({
origin: '*', credentials: true
}))
app.use('/auth/google/url', (ctx) => {
const oauth2Client = new OAuth2Client({
clientId: env.get("CLIENTID") as string,
clientSecret: env.get("CLIENTSECRET") as string,
redirectUri: env.get("REDIRECTURI") as string,
authorizationEndpointUri: env.get("AUTHORIZATIONENDPOINTURI") as string,
tokenUri: env.get("TOKENURI") as string,
defaults: {
scope: "profile email openid",
},
});
ctx.response.redirect(
return oauth2Client.code.getAuthorizationUri();
);
});
I call the api from the react app:
import React from 'react'
export default function App(){
const handleClick = () => {
fetch('/auth/google/url', {method: 'get', redirect: 'follow'})
.then((response) => {
if (response.status === 302) {
window.location.href = response.url
}
})
}
return(
<Button onClick={handleClick}>SignIn with Google</Button>
)
}
I set the proxy in the package.json:
"proxy": "http://127.0.0.1:5000"
I got this error in the browser console:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://accounts.google.com/o/oauth2/v2/auth?response_type=code&client_id=XXXXXXXXXXX&redirect_uri=http%3A%2F%2Flocalhost%3A5000%2Fauth%2Fgoogle%2Fcallback&scope=profile+email+openid. (Reason: CORS request did not succeed). Status code: (null).
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我通过更新API解决了问题,因此,我没有将用户重定向到回调页面,而是返回URL和状态代码:
因此,按钮处理程序会像这样更新:
I fixed the issue by updating the api, so instead of redirecting the user to the callback page I return the url and the status code:
So the button handler is updated like this: