CORS issue when redirect to Google OAuth endpoint
We are trying to do Google Auth using React as a client and .NET as backend (identity without UI).
First, we try to access "external-login" endpoint on backend from frontend. But then CORS issue arise.
[Route("external-login")]
public async Task<IActionResult> ExternalLogin(string provider, string returnUrl, CancellationToken cancellationToken)
{
var command = new GenerateExternalAuthPropertiesCommand(provider, returnUrl);
var properties = await _mediator.Send(command, cancellationToken);
return Challenge(properties, provider);
}
So frontend(domain1.com) calls backend(domain2.com), the backend does redirection to Google OAuth endpoint. Actually, it tries to do OPTIONS request to google endpoint and for sure it failed.
Then we decided to make the same origin(scheme, domain and port) through the Nginx. So let's say we have a server, there is domain.com which points to Nginx.
We set
domain.com/auth/front as a reverse_proxy pass for frontend container
domain.com/auth/back as a reverse_proxy pass for backend container.
it works: we can access the backend endpoint via domain.com/auth/back/test
and frontend endpoints via domain.com/auth/front/test.
Now OPTIONS request disappeared, but still, we face CORS issue when we access Google endpoint.
Any ideas, guys?
So the problem was simple. After discussing it with colleagues it turned out that the XHR request cannot do that. To make this work - we need to change the XHR call to a simple tag. Why it didn't work? - Because of security, XHR requests shouldn't be allowed to do such requests with redirects so CORS blocked it. With the form, it will redirect the user which gives visibility and the Antiforgery token gives security from a malicious js execution standpoint.
- How can I customize the color of a Checkbox in Material UI?
- Why do I get error "CSRF token mismatch". React 18 SPA with Laravel 10 API
- What are these three dots in React doing?
- npm run build is failing due to typescript or lodash uncompatibility
- Is it possible to return empty in react render function?
- Get color code from MUI palette color name
- React: ".map is not a function"
- Not able to upload a file on button click in react with mui
- react native header button doesn't work as expected
- How does Snapshot of a UI in React works?
- React Native FlatList with position absolute behind Components
- how to return values from a Laravel Sever to React with inertiajs?
- Next.js Redirect from / to another page
- Cant get coderef.current in my main index.js file and it is bringing an error
- React-Bootstrap dropdown on hover
- How to get Input field type as props in react typescript
- Next.js Application error: a client-side exception has occurred (see the browser console for more information)
- Blocked by CORS policy despite domain name present in server side file
- React hooks: call component as function vs render as element
- Using SSL with Local React Development on Windows
- How to add a className to an element inside a variable in react?
- What's the best way to set localStorage in React?
- How to combine the data of two state into third state in Next js
- Typescript error TS2307: Cannot find module 'react' when trying to import without using node.js?
- Redux reducer remove item from nested object state
- How do I change the background color of the body?
- How do I map() all images in a folder? | React.js and Vite
- Hosting Nextjs on hostinger
- React eslint error missing in props validation
- How to display an Error message when logging in fails in Reactjs