0

再会,

我正在尝试使用 github oauth2.0 apis 并坚持/access_token使用 fetch 和 axios 进行调用。

我已经成功地让/authorizeapi 工作并拥有client_id, client_secret, 并code成功传递给getAccessToken函数。但是,无法通过返回 cors 错误问题进行提取。

我探索过的东西

代码:

export const authorize = async () => {
  const uri = withQuery('https://github.com/login/oauth/authorize', {
    client_id: process.env.VUE_APP_CLIENT_ID,
    redirect_uri: 'http://localhost:8080/authorize',
    scope: 'read:user',
  });
  window.location.replace(uri);
};

export const getAccessToken = async (code: string) => {
  const { VUE_APP_CLIENT_ID, VUE_APP_CLIENT_SECRET } = process.env;

  const uri = withQuery('https://github.com/login/oauth/access_token', {
    client_id: VUE_APP_CLIENT_ID,
    client_secret: VUE_APP_CLIENT_SECRET,
    code,
  });

  axios({
    method: 'post',
    url: uri,
    headers: {
      accept: 'application/json',
    },
  }).then(response => {
    console.log('response: ', response);
  });
};

Axios 错误:

authorize:1 Access to XMLHttpRequest at 'https://github.com/login/oauth/access_token?client_id=abcdefgh&client_secret=abcdefgh' from origin 'http://localhost:8080' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

createError.js?2d83:16 Uncaught (in promise) Error: Network Error
    at createError (createError.js?2d83:16)
    at XMLHttpRequest.handleError (xhr.js?b50d:81)
4

1 回答 1

0

由于一些与安全相关的限制,Github 阻止开发人员在仅客户端应用程序上实现 OAuth Web 应用程序流程。

参考:

工作解决方案:

于 2019-11-16T16:38:48.567 回答