OPTIONS to /oauth2/token gives 400 Bad Request


#1

I’m following the tutorial here. The preflight request/response looks like this…

XMLHttpRequest cannot load https://api.twitter.com/oauth2/token. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:4200' is therefore not allowed access. The response had HTTP status code 400. 
Remote Address:199.16.156.104:443
Request URL:https://api.twitter.com/oauth2/token
Request Method:OPTIONS
Status Code:400 Bad Request

Request Headers

:host:api.twitter.com
:method:OPTIONS
:path:/oauth2/token
:scheme:https
:version:HTTP/1.1
accept:*/*
accept-encoding:gzip,deflate,sdch
accept-language:en-US,en;q=0.8
access-control-request-headers:accept, authorization, content-type
access-control-request-method:POST
cache-control:max-age=0
dnt:1
origin:http://localhost:4200
referer:http://localhost:4200/
user-agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.111 Safari/537.36

Response Headers

content-length:0
date:Wed, 05 Nov 2014 08:03:51 UTC
server:tsa_b
status:400 Bad Request
version:HTTP/1.1
x-connection-hash:33b0c217b2a0d4cdb1bcd1e65da28ffb

For reference, the code that makes the request looks like this…

`import ENV from 'vapour/config/environment'`
`import Em from 'ember'`

options = 
  type: 'POST'
  url: 'https://api.twitter.com/oauth2/token'
  data: 'grant_type=client_credentials'
  headers:
    'Authorization': "Basic #{window.btoa "#{ENV.TWITTER_CONSUMER_KEY}:#{ENV.TWITTER_CONSUMER_SECRET}"}"

TwitterApplicationOnlyAuthenticationInitializer = 
  name: 'twitter-application-only-authentication'
  initialize: ->
    Em.$
      .ajax options
      .then (result) ->
        console.log result

`export default TwitterApplicationOnlyAuthenticationInitializer`

Thanks


#2

Hello i have same problem … how to sloved it?


#3

Are you using client-side Javascript and also receiving and error about “No ‘Access-Control-Allow-Origin’ header is present”?


#4