I am using Angular2 to access the token from an external Spring Java application. I can get the token through CURL, but not through the Angular form.
curl localhost:8085/uaa/oauth/token --data "grant_type=password&scope=write&username=MY-USERNAME&password=MY-PASSWORD" --user user:pwd
I have included Cors in Java back-end as follows:
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException { final HttpServletResponse response = (HttpServletResponse) servletResponse; response.setHeader("Access-Control-Allow-Origin", "*"); response.setHeader("Access-Control-Allow-Credentials", "true"); response.setHeader("Access-Control-Allow-Methods", "POST, PUT, DELETE, GET, HEAD, OPTIONS"); response.setHeader("Access-Control-Allow-Headers", "Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, If-Modified-Since"); chain.doFilter(servletRequest, servletResponse); }
My Angular code is as follows:
import {Injectable, Component} from 'angular2/core'; import {Observable} from 'rxjs/Rx'; import {Http, HTTP_PROVIDERS, Headers} from 'angular2/http'; @Component({ viewProviders: [HTTP_PROVIDERS] }) @Injectable() export class Authentication { token:string; http:Http; constructor(http:Http) { this.token = localStorage.getItem('token'); this.http = http; } login(username:String, password:String) { var url = 'http://localhost:8085/uaa/oauth/token', body = JSON.stringify({ username: username, password: password }), options = { headers: new Headers({ 'credentials': 'true', 'grant_type': 'password', 'scope': 'write', 'Accept': 'application/json', 'Content-Type': 'application/x-www-form-urlencoded' }) }; return this.http.post(url, body, options) .map((res:any) => { let data = res.json(); this.token = data.token; localStorage.setItem('token', this.token); }); } }
Server response:
Request URL:http://localhost:8085/uaa/oauth/token Request Method:OPTIONS Status Code:401 Unauthorized Remote Address:[::1]:8085