Details
-
Type: extRequest
-
Status: Closed
-
Priority: Major
-
Resolution: Done
-
Fix Version/s: 2021
-
Component/s: FIWARE-TECH-HELP
-
Labels:None
-
Sender Email:
-
HD-Chapter:Security
-
HD-Enabler:KeyRock
Description
Hi, we are trying to build an application with several FIWARE GEs, and we
need to be able to identify users from the web-browser.
Our approach is to use JavaScript to perform the communication with the
FIWARE authentication server (account.lab.fiware.org), but we must be doing
something wrong, because we can't get this working.
The application is deployed in a FI-Lab instance. This instance is an
Ubuntu 14 with an Apache server. We haven't installed anything else in it,
so the instance only contains the web server and the .html and JS code of
our application.
From the JS code of our application we send an HTTP request to the '
account.lab.fiware.org' server using a $.ajax() call.
The call fails, printing something like this (I shortened some parts) in
the JS console:
"XMLHttpRequest cannot load ...
The request was redirected to '
https://account.lab.fiware.org/oauth2/authorize?response_type=...'
which is disallowed for cross-origin requests that require preflight"
The Cross-Origin problem can be by-passed, (but not solved) using a CORS
plugin for the Chrome browser, but this is isn't a solution. Is just a
patch; however it proves that the code was not totally wrong, because the
authentication works when using the CORS plugin.
My questions are:
1- Do we need to install something (a KeyRock instance?) in our FI-Lab
instance to make this work?
2- Is it necessary to modify something in our web server configuration to
eliminate the CORS error?
3- Is it possible to perform the authentication with JavaScript?
Thanks in advance for your help.
Best regards, Sergio.
_______________________________________________
Fiware-tech-help mailing list
Fiware-tech-help@lists.fi-ware.org
https://lists.fi-ware.org/listinfo/fiware-tech-help
[Created via e-mail received from: Sergio Casas <scasas@robotica.uv.es>]
Activity
- All
- Comments
- History
- Activity
- Transitions
Hi,
we are sending a request to get an access code,
It is something like this but using our id and url:
GET /oauth2/authorize?response_type=code&client_id=1&state=xyz&redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcallback_url
HTTP/1.1Host: account.lab.fiware.org