oAuth token request fails, returns "403: Forbidden"

ajinair · 2011-11-23T11:38:32.000Z

Here’s my source:

Tiles

Click Me!

The sendPostRequestWithAuth method is as follows:

function sendPostRequestWithAuth(url, params, auth, onComplete)
{
xmlHttpReq.open(“POST”, url, true);
xmlHttpReq.setRequestHeader(“Content-Type”, “application/x-www-form-urlencoded”);
xmlHttpReq.setRequestHeader(“Content-Length”, params.length);
xmlHttpReq.setRequestHeader(“Authorization”, "OAuth " + auth);
xmlHttpReq.onreadystatechange = function() {
if(xmlHttpReq.readyState == 4 && xmlHttpReq.status == 200)
onComplete(xmlHttpReq.responseXML);
else if(xmlHttpReq.readyState == 4)
alert(xmlHttpReq.getResponseHeader(“oauth_token”) + xmlHttpReq.status);
};
xmlHttpReq.send(params);
}

Firefox initiates a preflight (because of the Authorization header, though it’s not documented), then I get a 403. What’s wrong?

episod · 2011-11-23T16:33:15.000Z

Usage of OAuth from Javascript in a browser environment is extremely frowned upon. Client-side Javascript is not an appropriate environment for OAuth 1.0A. Please use a server-based solution for OAuth or otherwise use Web Intents if you prefer a client-side integration.

ajinair · 2011-11-24T07:03:17.000Z

I know. I am new into this, and this is for learning purpose.

Ridermansb · 2012-01-12T12:53:05.000Z

I’m having the same problem.
I’m needs in Javascript , any solution?