javascript - How to revoke an authentication token client side against the Google Api - Stack Overflow

admin管理员组

文章数量:1401673

I am trying to revoke a token using the Google Api client side code.

My code looks something like this:

$.get("=" + accessToken, function () {
        window.location.reload();
    }); 

And I am getting the following error?

XMLHttpRequest cannot load Origin is not allowed by Access-Control-Allow-Origin.

I am trying to revoke a token using the Google Api client side code.

My code looks something like this:

$.get("https://accounts.google./o/oauth2/revoke?token=" + accessToken, function () {
        window.location.reload();
    }); 

And I am getting the following error?

XMLHttpRequest cannot load https://accounts.google./o/oauth2/revoke?token=tokenishere Origin http://balblabla. is not allowed by Access-Control-Allow-Origin.

• javascript
• jquery
• oauth
• google-api
• google-analytics-api

Share Improve this question Follow asked Oct 9, 2012 at 22:29 shenkushenku 12.5k1414 gold badges6666 silver badges122122 bronze badges 1

• 2 Based on the error it looks like you cannot do this on this client. Perhaps you'll need a server-side script to handle the request from within your domain. You can also explore this solution. Here's a jsFiddle example using the solution. – krg Commented Oct 9, 2012 at 22:30

Add a ment  | 

3 Answers 3

Sorted by: Reset to default 5

After some research I found out that you can get around the cors restriction by specifying a dataType: 'jsonp' option in your jquery ajax request. The relevant info is here: https://developers.google./+/web/signin/disconnect

$.ajax({
  type: 'GET',
  url: revokeUrl,
  async: false,
  contentType: "application/json",
  dataType: 'jsonp',
  success: function(nullResponse) {
    // Do something now that user is disconnected
    // The response is always undefined.
  },
  error: function(e) {
    // Handle the error
    // console.log(e);
    // You could point users to manually disconnect if unsuccessful
    // https://plus.google./apps
  }
});

Following on from @krg's ment:

Based on the error it looks like you cannot do this on this client. Perhaps you'll need a server-side script to handle the request from within your domain. You can also explore this solution. Here's a jsFiddle example using the solution.

I have done this on the server side, using the same code:

$.ajax({
     url:"https://accounts.google./o/oauth2/revoke?token=10100101",
     dataType: 'jsonp', // Notice! JSONP <-- P (lowercase)
     success:function(json){
         console.log(arguments);
         // do stuff with json (in this case an array)
         alert("Success");
     },
     error:function(){
         alert("Error");
     },
});

which works.

Now jsonp does not work. They have change content type to "application/x-www-form-urlencoded",

    $.ajax({
        type: 'GET',
        url: "https://accounts.google./o/oauth2/revoke?token=dsfgdfsg.98sdfgsdfg9sd8fgsdfgs.sdfg89dsfg",
        async: false,
        contentType: "application/x-www-form-urlencoded",
        success: function(nullResponse) {
            // Do something now that user is disconnected
            // The response is always undefined.
        },
        error: function(e) {
            console.log(e)
        }
    });

本文标签： javascriptHow to revoke an authentication token client side against the Google ApiStack Overflow