Sketchfab CORS error

Gius · October 30, 2020, 4:23pm

Hi,
in a Ionic app we would like to permit the user to upload 3D models on Sketchfab.
We implemented the Oauth2 login as described in Schetchfab Oauth2 guide about the grant type Authorization Code.

We take the AUTHORIZATION_CODE with the link and then we try to retrieve the token with this method:

getSkToken(skData): Observable {
let headers = new HttpHeaders({
‘content-type’: ‘application/x-www-form-urlencoded’
});

const options = { headers };
const serviceName = 'https://sketchfab.com/oauth2/token/';

return from(this.http.post(serviceName, skData, options).pipe(
    map(data => {
      return data;
    },
      error => {
        console.log(error);
      })
  ));
}

where skData are the correct values requested:

-‘grant_type’: ‘authorization_code’ ` -'code': [AUTHORIZATION_CODE]`
-‘client_id’: [CLIENT_ID] ` -'client_secret': [CLIENT_SECRET]`
-‘redirect_uri’: [REDIRECT_URI]`

We have this CORS error:

Access to XMLHttpRequest at ‘https://sketchfab.com/oauth2/token/’ from origin ‘[https://localhost:4200](https://localhost:4200/)’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

We tried to change the POST header in many ways, like:

let headers = new HttpHeaders({
‘content-type’: ‘application/x-www-form-urlencoded’,
‘Access-Control-Allow-Headers’: ‘Content-Type’,
‘Access-Control-Allow-Methods’: ‘POST’,
‘Access-Control-Allow-Origin’: ‘*’
});

But always CORS error, but in preflight.

Some idea?

Thank you!

mhartington · October 30, 2020, 7:26pm

Setting CORs is typically done on the Server side. Basically the server is saying “I do not know who this client is requesting data”

It’s because the API you’re trying to reach doesn’t support localhost.
We have a dedicated section in our docs on CORs and list some options you can take.

Gius · November 2, 2020, 5:50pm

Thank you Mike.

Following the tips on your suggested doc I tryed to use HTTP from “@ionic-native/http/ngx” on the Android emulator with “ionic capacitor run android”

I reach the Sketchfab server:

Sketchfab server send the token but localhost redirect fails:

I think this is a Ionic/emulator problem and I searched the web fot it but no solution.

What do you think about?

Thanks!

mhartington · November 3, 2020, 4:49pm

Yeah, ionic-native’s http is not going to help you here. Since the auth looks like it need to do a redirect back, you’ll need to change how you are authenticating.

Something like this could be helpful

Basically it’s a generic wrapper around OAuth APIs, which Sketchfab looks to be using. This could be integrated into your app. But without seeing some code, I don’t know what else I could suggest.