Reputation: 479
Enable CORS in Golang callback function
I have an AJAX call to Google's oAuth2 api looks like this:
$(document).on('click', '#signup', function() {
var OAUTHURL = 'https://accounts.google.com/o/oauth2/auth?';
var SCOPE = 'email profile';
var STATE = 'profile';
var REDIRECT_URI = 'https://localhost:8080/callback';
var RESPONSE_TYPE = 'token';
var CLIENT_ID = '554886359117-8icq0dc9halr8rjd6bdtqcmagrdql9lr.apps.googleusercontent.com';
var _url = OAUTHURL + 'scope=' + SCOPE + '&state=' + STATE + '&redirect_uri=' + REDIRECT_URI + '&response_type=' + RESPONSE_TYPE + '&client_id=' + CLIENT_ID;
$.ajax({
type: "POST",
dataType: "text",
url: _url,
success: function(response)
{
console.log(response.url);
},
error: function(error)
{
console.log("ERROR: ", error);
}
});
});
This is supposed to redirect back to the server running on http://localhost/callback.
Redirect URIs: http://localhost:8080/callback
Javascript Origins: http://localhost:8080
I also have the callback function defined as below:
func init() {
r := mux.NewRouter()
r.HandleFunc("/", rootHandler)
r.HandleFunc("/callback", callbackHandler)
http.Handle("/", r)
}
func callbackHandler(w http.ResponseWriter, r *http.Request) {
fmt.Fprint(w, "I am sent back from the server!"+time.Now().Format("Mon, 02 Jan 2006 15:04:05 MST"))
}
everything looks good in debugging mode, except I get this error back from google's api:
XMLHttpRequest cannot load https://accounts.google.com/o/oauth2/auth?scope=email%20profile&state=profi…d=554886359117-8icq0dc9halr8rjd6bdtqcmagrdql9lr.apps.googleusercontent.com. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access.
I have tweaked a little around but I can't seem to find my way through. Any thought on this?
Upvotes: 1
Views: 4289
Answers (2)
Reputation: 970
Like Not_a_Golfer said your backend is not setting correct headers to response. To handle CORS problem in every cases I made this little handler that wraps your router so you don't have to manually set headers in every callback.
Use it like this:
import "github.com/heppu/simple-cors"
func init() {
r := mux.NewRouter()
r.HandleFunc("/", rootHandler)
r.HandleFunc("/callback", callbackHandler)
http.Handle("/", cors.CORS(r))
}
func callbackHandler(w http.ResponseWriter, r *http.Request) {
fmt.Fprint(w, "I am sent back from the server!"+time.Now().Format("Mon, 02 Jan 2006 15:04:05 MST"))
}
Upvotes: 1
Reputation: 49177
Just add CORS headers to your callbackHandler:
// make this configurable via command line flags, env var, or something
var MyServerName = "https://localhost:8080"
func callbackHandler(w http.ResponseWriter, r *http.Request) {
w.Header().Add("Access-Control-Allow-Origin", MyServerName)
fmt.Fprint(w, "I am sent back from the server!"+time.Now().Format("Mon, 02 Jan 2006 15:04:05 MST"))
}
Upvotes: 0
Related Questions
- Enable CORS in Golang
- Running into CORS error with any HTTP call regardless of it being handled on the server
- Golang standard http package cors issue
- How to handle preflight CORS requests on a Go server
- CORS on golang server & javascript fetch frontend
- CORS request with golang backend doesn't works
- Golang Redirect from JS call CORS error
- How to tackle Cors issue on local system?
- Using CORS in golang server made with kami
- Golang + CORS. Global setting somehow?