Redirect with CORS

[SGarno]

In reference to #7, I ended up writing native SK code to try to better understand what is going on under the covers with SK. With the external API that I am calling, I end up getting the following error message:

Access to fetch at 'https://{external url}' (redirected from 'http://localhost:3000/auth/oauth') from origin 
'http://localhost:3000' has been blocked by CORS policy: 
No 'Access-Control-Allow-Origin' header is present on the requested resource. 
If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

That seems to be a message from SK. Are you able to get SKAuth to work with CORS?

I saw you are converting to a class library. Let me know when you feel SKAuth is at a good point and I can give it a try. 😄

[Dan6erbond]

Hey there! Thanks for opening up this discussion page! I actually did get CORS to work, perfectly fine, since most of the requests are being made server-side instead of client-side (are you by any chance trying to fetch profile information or refresh tokens on the client?)

As for SvelteKitAuth's ready-status; I'd consider it ready! I just posted on Reddit yesterday again about it's current state, and while the client library isn't yet ironed out, it's now safe to use and features a built-in OAuth2 provider that can be customized with a simple config.

[SGarno]

I am trying to fetch the login screen of an OAuth2 authentication. I am doing the 302 redirect to the url returned from the initial fetch and it gives me this error.

async function authRedirect (url) {
    return {
        status: 302,
        mode: 'no-cors',
        headers: {
            location: url
        }
    }
}

I even tried no-cors mode, but still gets the error.

I will get the latest SKAuth and see if it returns the same error.

The next challenge after that will be to see if I can get it to work with Windows SSO. Fun! 😨

[Dan6erbond]

Check out my response in #20 as an install via NPM should be working now!

You can implement your own providers using the OAuth2Provider, OAuth2BaseProvider or Provider abstract classes and I'm sure SAML SSO will be a breeze as it was one of the things I wanted to have first-class support for in SK Auth!