Cors issues using Oauth in Nodejs/Angular local app

Question

My settings are the following :

• Frontend in Angular: http://localhost:4200
• backend in nodejs : localhost:3000

I configured OAuth applications (github, google...) with the backend url (auhorized and callback url)

Then I set up oAuth using passport in nodejs. The frontend only sends http request to the backend when the login button is clicked; the frontend does not communicate with the OAuth provider(is that right ?)

I get the following cors issue:

Access to XMLHttpRequest at 'https://accounts.google.com/o/oauth2/v2/auth?response_type=code&redirect_uri=http%3A%2F%2Fwww.oshop.com%3A3000%2Fauth%2Fgoogle%2Fcallback&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fplus.login&client_id=932090050496-dntdn7u1rg5r9nrm9maqeg1nhm2bc7hs.apps.googleusercontent.com' (redirected from 'http://localhost:3000/auth/google') from origin 'http://localhost:4200' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

I have set up all cors needed headers in my nodejs server but still have the same issue.

app.use(function (req, res, next) {

  res.header("Access-Control-Allow-Origin", "http://localhost:4200");

  res.header("Access-Control-Allow-Credentials", true);

  res.header("Access-Control-Allow-Methods", "GET,POST,DELETE,PUT,OPTIONS");

  res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Authorization, withCredentials");

  next();
});

Any clues? Thanks,

Answer 1

I'd suggest using cors package and add the following code

app.use(cors({ origin: 'http://localhost:4200', credentials: true }));

Answer 2

It is a browser redirect so you could redirect to local host:3000 (node) and then do either an ajax call to exchange the response code or do the same in node. If you provide some more information on the issue that you are facing, I might be able to help?