2

I am trying to revoke a token using the Google Api client side code.

My code looks something like this:

$.get("https://accounts.google.com/o/oauth2/revoke?token=" + accessToken, function () {
        window.location.reload();
    });

And I am getting the following error?

XMLHttpRequest cannot load https://accounts.google.com/o/oauth2/revoke?token=tokenishere Origin http://balblabla.com is not allowed by Access-Control-Allow-Origin.

shenku
  • 11,969
  • 12
  • 64
  • 118
  • 2
    Based on the error it looks like you cannot do this on this client. Perhaps you'll need a server-side script to handle the request from within your domain. You can also explore [this](http://stackoverflow.com/questions/3506208/jquery-ajax-cross-domain) solution. Here's a [jsFiddle](http://jsfiddle.net/hwjPS/) example using the solution. – krg Oct 09 '12 at 22:30

3 Answers3

5

After some research I found out that you can get around the cors restriction by specifying a dataType: 'jsonp' option in your jquery ajax request. The relevant info is here: https://developers.google.com/+/web/signin/disconnect

$.ajax({
  type: 'GET',
  url: revokeUrl,
  async: false,
  contentType: "application/json",
  dataType: 'jsonp',
  success: function(nullResponse) {
    // Do something now that user is disconnected
    // The response is always undefined.
  },
  error: function(e) {
    // Handle the error
    // console.log(e);
    // You could point users to manually disconnect if unsuccessful
    // https://plus.google.com/apps
  }
});
Evan Siroky
  • 9,040
  • 6
  • 54
  • 73
StrangeLooper
  • 549
  • 5
  • 11
1

Following on from @krg's comment:

Based on the error it looks like you cannot do this on this client. Perhaps you'll need a server-side script to handle the request from within your domain. You can also explore this solution. Here's a jsFiddle example using the solution.

I have done this on the server side, using the same code:

$.ajax({
     url:"https://accounts.google.com/o/oauth2/revoke?token=10100101",
     dataType: 'jsonp', // Notice! JSONP <-- P (lowercase)
     success:function(json){
         console.log(arguments);
         // do stuff with json (in this case an array)
         alert("Success");
     },
     error:function(){
         alert("Error");
     },
});

which works.

Bhargav Rao
  • 50,140
  • 28
  • 121
  • 140
shenku
  • 11,969
  • 12
  • 64
  • 118
0

Now jsonp does not work. They have change content type to "application/x-www-form-urlencoded",

    $.ajax({
        type: 'GET',
        url: "https://accounts.google.com/o/oauth2/revoke?token=dsfgdfsg.98sdfgsdfg9sd8fgsdfgs.sdfg89dsfg",
        async: false,
        contentType: "application/x-www-form-urlencoded",
        success: function(nullResponse) {
            // Do something now that user is disconnected
            // The response is always undefined.
        },
        error: function(e) {
            console.log(e)
        }
    });
khan
  • 1,099
  • 1
  • 11
  • 21