Comments (4)
jas-
commented on May 16, 2024
Yes. The port in this case tells the browser that http://www.duo.sallespro.com.br:3000 & http://www.duo.sallespro.com.br do not reside in the same origin (See same origin restrictions)
You should only need to set the following header in the responses from http://www.duo.sallespro.com.br:3000 for any request containing the preflight cors request OPTIONS type : res.setHeader('Access-Control-Allow-Origin'', 'www.duo.sallespro.com.br')
from oauth2orize.
jaredhanson
commented on May 16, 2024
Thanks @jas for the reply! You'll need to enable CORS on your server to support this (see connect-cors). As always, please be aware of any security concerns if you choose to do this.
from oauth2orize.
jas-
commented on May 16, 2024
No worries @jaredhanson, hope it helped @sallespromanager.
from oauth2orize.
sallespromanager
commented on May 16, 2024
hi @jas & @ @jaredhanson,
thank you for your initiatives building this code and the concerns.
what has really been helpful was to go deeper into the ( not so easy ) Oauth flows & mainly this repo with a very complete example.
https://github.com/FrankHassanabad/Oauth2orizeRecipes
i suggest to include in the wiki / readme files to have people jump start it.
the confusion is on which parameters should be included in the headers / in the req. parameters, and so forth...
from oauth2orize.
Related Issues (20)
- [Decision/Grant] ForbiddenError: Unable to load OAuth 2.0 transactions HOT 1
- When access token will be expired, and does it auto refresh token? HOT 1
- complete callback is never called on decision middleware HOT 1
- Is this still maintained ? HOT 2
- Token middleware does not call application server's "next" HOT 1
- request.oauth2.transactionId is undefined HOT 1
- How to send refresh token next to access token after authorization? HOT 1
- How to determine if user is logged in at the client-side? HOT 1
- TokenError defaults don't follow the RFC 6749
- Refresh Token missing HOT 8
- Deny Oauth HOT 2
- Including the RFC-7662 (token introspection) HOT 1
- Porting to Koa2
- "client is not defined" on code -> token exchange. HOT 3
- Get token when parse client-id and client-secret without basic authentication
- Authorization Code redirect call in case of error HOT 2
- Unable to get the exchange token HOT 1
- Out of date Dependencies!
- Authorization code is not revoked after exchanging it for token HOT 1
- Support async function to replace `done()`
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oauth2orize.