0

I've got a simple node.js backend build on Restify with OAuth2 authorization implemented (restify-oauth2 plugin).

I've got a problem requesting a token. When I call POST method with my REST client, everything works correctly and I get access_token and token_type.

The problem occurs when I try to do the same thing in my frontend aplication made in Angular using Restangular. It calls OPTIONS method before sending actual POST, and the server responds with an error:

XMLHttpRequest cannot load http://localhost:8080/token?grant_type=client_credentials.
Invalid HTTP status code 405

Here are my CORS settings on backend:

server.pre(
function crossOrigin(req,res,next){
    res.header("Access-Control-Allow-Origin", "*");
    res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Authorization");
    res.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
    return next();
  }
);
server.use(restify.fullResponse());

And this is REST call used in the frontend:

Restangular.one('token').post(
  null, 
  null, 
  {grant_type: "client_credentials"}, 
  {Authorization: "Basic bXlsb2dpbjpteXBhc3M="}
)

Can somebody help me figure out how to get it to work?

zorza
  • 2,814
  • 3
  • 27
  • 41
  • You haven't setup your server to respond to OPTIONS requests, hence the "Method not allowed" statuscode. You set it up in the same way you respond to GET requests. `server.options('*',function (req,res,next){...});` – Kevin B Jul 02 '15 at 20:15
  • Unfortunately /token endpoint is generated automatically by OAuth2 plugin. I have no idea how to set it's response to OPTIONS requests. Do you know a way to do this? – zorza Jul 02 '15 at 20:18
  • 1
    See the answer here: http://stackoverflow.com/a/25532150/400654 – Kevin B Jul 02 '15 at 20:18
  • @KevinB This accually helped. Thanks a lot – zorza Jul 02 '15 at 20:45

0 Answers0