Javascript 带角的Reddit oAuth
我似乎无法从reddit获得访问令牌。这是我的代码,因为我一直收到一个Javascript 带角的Reddit oAuth,javascript,angularjs,oauth,reddit,Javascript,Angularjs,Oauth,Reddit,我似乎无法从reddit获得访问令牌。这是我的代码,因为我一直收到一个[Error]XMLHttpRequest无法加载的错误https://ssl.reddit.com/api/v1/access_token. 起源http://127.0.0.1:9000 访问控制允许原点不允许。(oauth,第0行) 以下是相关的代码片段: var clientId = '############'; var cliendSecret = '##################'; var redirec
[Error]XMLHttpRequest无法加载的错误https://ssl.reddit.com/api/v1/access_token. 起源http://127.0.0.1:9000 访问控制允许原点不允许。(oauth,第0行)
以下是相关的代码片段:
var clientId = '############';
var cliendSecret = '##################';
var redirectUri = encodeURI('http://127.0.0.1:9000/oauth');
var grantType = 'authorization_code';
var getAccessToken = function (code) {
var url = 'https://ssl.reddit.com/api/v1/access_token';
var attrs = {
'grant_type': grantType,
'code': code,
'redirect_uri': redirectUri
};
var encodedAuthHeader = 'Basic ' + btoa(clientId + ':' + cliendSecret);
var promise = $http(
{
url: url,
method: 'POST',
data: attrs,
headers: {'Authorization': encodedAuthHeader}
}).then(function(response) {
return response;
}, function(response) {
return response;
});
return promise;
};
我可以使用chrome上的postman插件获取访问令牌,因此我检查了postman和angular的请求,它们有很大的不同(POST和OPTIONS)。你知道我如何用Angular创建类似的请求吗?我知道angular首先提出了CORS要求。这是reddit服务器不支持的吗
谢谢
邮递员:
POST /api/v1/access_token HTTP/1.1
Host: ssl.reddit.com
Connection: keep-alive
Content-Length: 403
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36
Origin: chrome-extension://fdmmgilgnpjigdojojpjoooidkmcomcm
Authorization: Basic Vmd2dUNXT3RCb214d3c6YWh5d21kVXd4czJEXzhScThaNEhSU3ZzMG1F
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarytxCWa5t6OHsTtEU0
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Cookie: reddit_session=8647320%2C2014-02-05T14%3A38%3A09%2C668f4a063ccd2b118a7504c9849d9f0ec4595444
OPTIONS /api/v1/access_token HTTP/1.1
Host: ssl.reddit.com
Connection: keep-alive
Access-Control-Request-Method: POST
Origin: http://127.0.0.1:9000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36
Access-Control-Request-Headers: accept, authorization, content-type
Accept: */*
Referer: http://127.0.0.1:9000/oauth?state=test&code=40V-fHS-4r8COQgKUP08Q8dgzkk
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
角度的:
POST /api/v1/access_token HTTP/1.1
Host: ssl.reddit.com
Connection: keep-alive
Content-Length: 403
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36
Origin: chrome-extension://fdmmgilgnpjigdojojpjoooidkmcomcm
Authorization: Basic Vmd2dUNXT3RCb214d3c6YWh5d21kVXd4czJEXzhScThaNEhSU3ZzMG1F
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarytxCWa5t6OHsTtEU0
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Cookie: reddit_session=8647320%2C2014-02-05T14%3A38%3A09%2C668f4a063ccd2b118a7504c9849d9f0ec4595444
OPTIONS /api/v1/access_token HTTP/1.1
Host: ssl.reddit.com
Connection: keep-alive
Access-Control-Request-Method: POST
Origin: http://127.0.0.1:9000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36
Access-Control-Request-Headers: accept, authorization, content-type
Accept: */*
Referer: http://127.0.0.1:9000/oauth?state=test&code=40V-fHS-4r8COQgKUP08Q8dgzkk
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
看看我对这个问题的回答,了解CORS的一些背景知识: 在您的情况下,我认为应该将
内容类型
标题设置为多部分/表单数据
对于所有请求:
$httpProvider.defaults.headers.post = {'Content-Type': 'multipart/form-data'}
只需一个请求:
$http.post(url,data, {headers: {'Content-Type': 'multipart/form-data'}})
要检查它是否真的只是CORS问题,您可以暂时禁用chrome检查,如“是”中所述,这将修复该问题@PieterHerroelen知道如何在不禁用安全模式的情况下修复此问题吗?我如何才能忽略
访问控制允许源文件标题?@nknj您成功实现了oauth吗?您使用的是chrome扩展吗?我正在尝试做一些类似的事情,如果您有一个工作示例,我希望看到一些代码。