我正在将OneDrive和OneDrive Enterprise API集成到当前项目中 . 我坚持使用OAuth流程,专门生成刷新令牌和访问令牌供以后使用 .
这些调用是通过AJAX请求进行的,显然Microsoft OAuth endpoints 不支持CORS(响应中缺少Access-Control-Allow-Origin标头) .
使用AJAX请求标头:
POST /common/oauth2/token HTTP/1.1
Host: login.microsoftonline.com
Connection: keep-alive
Content-Length: 987
Pragma: no-cache
Cache-Control: no-cache
Accept: */*
Origin: http://localhost
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://localhost
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.8
响应 Headers :
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.5
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
x-ms-request-id: 4af29899-6eec-485b-81f4-eb654e4ce8f0
client-request-id: e307d3b2-dcdd-4e6f-b892-3f0ab9b6d8e7
x-ms-responsehealth: TargetId=ESTSFE_IN_166;Action=None;Category=None;Health=0;Load=25;
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie: esctx=AAABAAAA0TWEUN3YUUq5vuCvmnaQicX4MVI1_yI1ufS9w-9YAaQPxCGXvR8oiEo7fqzcDM0AYPgVgmjFUN03Xw6nUdD_D5MkLLyoACMzmimrn53jr-RxNb2RhKeckZwC4HrTWqxbR7Wjf9jm75f4zPfOohV_hCns_42xQ8byFsQqtqsd7XVIG6tBzxrJAm8Kyb1bQRgnIAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly
Set-Cookie: x-ms-gateway-slice=productionb; path=/; secure; HttpOnly
Set-Cookie: stsservicecookie=ests; path=/; secure; HttpOnly
X-Powered-By: ASP.NET
Date: Thu, 21 Jul 2016 18:29:16 GMT
Content-Length: 3024
控制台错误:
XMLHttpRequest无法加载https://login.microsoftonline.com/common/oauth2/token . 请求的资源上没有'Access-Control-Allow-Origin'标头 .
有没有人提出同样的问题?
我是否需要在Microsoft Azure控制台上设置某些内容?