This is a migrated thread and some comments may be shown as answers.

CORS Error on Redirect for Auth

3 Answers 65 Views
Grid
This is a migrated thread and some comments may be shown as answers.
Joel
Top achievements
Rank 1
Veteran
Iron
Iron
Joel asked on 14 Jan 2021, 09:03 PM

I have a portal and an IdentityServer4 site for authentication.  When I load a page my Telerik Grid goes out to get the data.  My scenario is, if I let the page sit long enough to let the Token expire I expect the UI to redirect for login... but that doesn't happen.  The grid works fine when I have a valid Access Token.  I need this to redirect and be happy.  Instead, the grid returns no feedback and I get the following:

Request (I removed the cookie gook):

Invoke-WebRequest -Uri "https://localhost:44355/Customers/IndexJson" `
-Method "POST" `
-Headers @{
"method"="POST"
  "authority"="localhost:44355"
  "scheme"="https"
  "path"="/Customers/IndexJson"
  "sec-ch-ua"="`"Google Chrome`";v=`"87`", `" Not;A Brand`";v=`"99`", `"Chromium`";v=`"87`""
  "accept"="*/*"
  "x-requested-with"="XMLHttpRequest"
  "sec-ch-ua-mobile"="?0"
  "user-agent"="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36"
  "origin"="https://localhost:44355"
  "sec-fetch-site"="same-origin"
  "sec-fetch-mode"="cors"
  "sec-fetch-dest"="empty"
  "referer"="https://localhost:44355/Customers"
  "accept-encoding"="gzip, deflate, br"
  "accept-language"="en-US,en;q=0.9"
-ContentType "application/x-www-form-urlencoded; charset=UTF-8" `
-Body "sort=&page=1&pageSize=20&group=&filter=&dateRangeIndex=3&isActiveIndex=0";
Invoke-WebRequest -Uri "https://localhost:5001/connect/authorize?client_id=GsiPortal.App&redirect_uri=https%3A%2F%2Flocalhost%3A44355%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access%20email%20phone%20address%20roles%20IdentityServerApi%20Gsi.Activity.Api%20Gsi.Azure.Blob.Api%20Gsi.Azure.Comm.Api%20Gsi.Customer.Api%20Gsi.Cloud.Maintenance.Api&response_mode=form_post&nonce=...cleaned...-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.7.1.0" -Headers @{
"Referer"="https://localhost:44355/"
  "User-Agent"="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36"
};
Invoke-WebRequest -Uri "https://localhost:5001/connect/authorize?client_id=GsiPortal.App&redirect_uri=https%3A%2F%2Flocalhost%3A44355%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access%20email%20phone%20address%20roles%20IdentityServerApi%20Gsi.Activity.Api%20Gsi.Azure.Blob.Api%20Gsi.Azure.Comm.Api%20Gsi.Customer.Api%20Gsi.Cloud.Maintenance.Api&response_mode=form_post&nonce=...cleaned...-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.7.1.0" `
-Method "OPTIONS" `
-Headers @{
"method"="OPTIONS"
  "authority"="localhost:5001"
  "scheme"="https"
  "path"="/connect/authorize?client_id=GsiPortal.App&redirect_uri=https%3A%2F%2Flocalhost%3A44355%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access%20email%20phone%20address%20roles%20IdentityServerApi%20Gsi.Activity.Api%20Gsi.Azure.Blob.Api%20Gsi.Azure.Comm.Api%20Gsi.Customer.Api%20Gsi.Cloud.Maintenance.Api&response_mode=form_post&nonce=...cleaned...-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.7.1.0"
  "accept"="*/*"
  "access-control-request-method"="GET"
  "access-control-request-headers"="x-requested-with"
  "origin"="https://localhost:44355"
  "user-agent"="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36"
  "sec-fetch-mode"="cors"
  "sec-fetch-site"="same-site"
  "sec-fetch-dest"="empty"
  "referer"="https://localhost:44355/"
  "accept-encoding"="gzip, deflate, br"
  "accept-language"="en-US,en;q=0.9"
};
Invoke-WebRequest -Uri "https://localhost:44355/Customers/IndexJson" `
-Method "POST" `
-Headers @{
"method"="POST"
  "authority"="localhost:44355"
  "scheme"="https"
  "path"="/Customers/IndexJson"
  "sec-ch-ua"="`"Google Chrome`";v=`"87`", `" Not;A Brand`";v=`"99`", `"Chromium`";v=`"87`""
  "accept"="*/*"
  "x-requested-with"="XMLHttpRequest"
  "sec-ch-ua-mobile"="?0"
  "user-agent"="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36"
  "origin"="https://localhost:44355"
  "sec-fetch-site"="same-origin"
  "sec-fetch-mode"="cors"
  "sec-fetch-dest"="empty"
  "referer"="https://localhost:44355/Customers"
  "accept-encoding"="gzip, deflate, br"
  "accept-language"="en-US,en;q=0.9"
} `
-ContentType "application/x-www-form-urlencoded; charset=UTF-8" `
-Body "sort=&page=1&pageSize=20&group=&filter=&dateRangeIndex=3&isActiveIndex=0";
Invoke-WebRequest -Uri "https://localhost:5001/connect/authorize?client_id=GsiPortal.App&redirect_uri=https%3A%2F%2Flocalhost%3A44355%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access%20email%20phone%20address%20roles%20IdentityServerApi%20Gsi.Activity.Api%20Gsi.Azure.Blob.Api%20Gsi.Azure.Comm.Api%20Gsi.Customer.Api%20Gsi.Cloud.Maintenance.Api&response_mode=form_post&nonce=...cleaned...-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.7.1.0" -Headers @{
"Referer"="https://localhost:44355/"
  "User-Agent"="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36"
};
Invoke-WebRequest -Uri "https://localhost:5001/connect/authorize?client_id=GsiPortal.App&redirect_uri=https%3A%2F%2Flocalhost%3A44355%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access%20email%20phone%20address%20roles%20IdentityServerApi%20Gsi.Activity.Api%20Gsi.Azure.Blob.Api%20Gsi.Azure.Comm.Api%20Gsi.Customer.Api%20Gsi.Cloud.Maintenance.Api&response_mode=form_post&nonce=...cleaned...-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.7.1.0" `
-Method "OPTIONS" `
-Headers @{
"method"="OPTIONS"
  "authority"="localhost:5001"
  "scheme"="https"
  "path"="/connect/authorize?client_id=GsiPortal.App&redirect_uri=https%3A%2F%2Flocalhost%3A44355%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access%20email%20phone%20address%20roles%20IdentityServerApi%20Gsi.Activity.Api%20Gsi.Azure.Blob.Api%20Gsi.Azure.Comm.Api%20Gsi.Customer.Api%20Gsi.Cloud.Maintenance.Api&response_mode=form_post&nonce=...cleaned...-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.7.1.0"
  "accept"="*/*"
  "access-control-request-method"="GET"
  "access-control-request-headers"="x-requested-with"
  "origin"="https://localhost:44355"
  "user-agent"="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36"
  "sec-fetch-mode"="cors"
  "sec-fetch-site"="same-site"
  "sec-fetch-dest"="empty"
  "referer"="https://localhost:44355/"
  "accept-encoding"="gzip, deflate, br"
  "accept-language"="en-US,en;q=0.9"
}

Errors:

Customers#:1 Access to XMLHttpRequest at 'https://localhost:5001/connect/authorize?client_id=GsiPortal.App&redirect_uri=https%3A%2F%2Flocalhost%3A44355%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access%20email%20phone%20address%20roles%20IdentityServerApi%20Gsi.Activity.Api%20Gsi.Azure.Blob.Api%20Gsi.Azure.Comm.Api%20Gsi.Customer.Api%20Gsi.Cloud.Maintenance.Api&response_mode=form_post&nonce=637462512968208243.ZTllMzdmOGEtMzRlZS00YWZmLWExMGItNTI0NGEwMmNlYmE2MTQ5ZTIyZmMtMWQ4Yi00YWU3LTk2NTMtYTY2N2FjMzViNDkz&state=CfDJ8D424Yro--hNo8czS4g4Tz-M0hUZ8IWLi1m4T_Vf02s_0tj9j1HSSNWueJYBxRBUEaKtzsY2P5UDGqi81fSr7doRchzSEur_bDMgPj7KwjTD70DlRUhBCalBV3sz08X793e8JQTKwAp_Psp7VOeoM-XGKIpFW-flsS0Z1sHwIUusvFhkXQdvGNfWMlJ4xHMzweHEUNFqTxPkevdBetlRNnCcUExXZYArJDr2IcewGDAS0toh7L2TUWZQ3DT56aXG_18aLwRHSuNXuRzEE1c8GJMgj97cYy5mfW4QRNW9oGBFPe41dhASstz4VaVyinNEPw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.7.1.0' (redirected from 'https://localhost:44355/Customers/IndexJson') from origin 'https://localhost:44355' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
jquery.min.js:4 GET https://localhost:5001/connect/authorize?client_id=GsiPortal.App&redirect_uri=https%3A%2F%2Flocalhost%3A44355%2Fsignin-oidc&response_type=code&scope=openid%20profile%20offline_access%20email%20phone%20address%20roles%20IdentityServerApi%20Gsi.Activity.Api%20Gsi.Azure.Blob.Api%20Gsi.Azure.Comm.Api%20Gsi.Customer.Api%20Gsi.Cloud.Maintenance.Api&response_mode=form_post&nonce=637462512968208243.ZTllMzdmOGEtMzRlZS00YWZmLWExMGItNTI0NGEwMmNlYmE2MTQ5ZTIyZmMtMWQ4Yi00YWU3LTk2NTMtYTY2N2FjMzViNDkz&state=CfDJ8D424Yro--hNo8czS4g4Tz-M0hUZ8IWLi1m4T_Vf02s_0tj9j1HSSNWueJYBxRBUEaKtzsY2P5UDGqi81fSr7doRchzSEur_bDMgPj7KwjTD70DlRUhBCalBV3sz08X793e8JQTKwAp_Psp7VOeoM-XGKIpFW-flsS0Z1sHwIUusvFhkXQdvGNfWMlJ4xHMzweHEUNFqTxPkevdBetlRNnCcUExXZYArJDr2IcewGDAS0toh7L2TUWZQ3DT56aXG_18aLwRHSuNXuRzEE1c8GJMgj97cYy5mfW4QRNW9oGBFPe41dhASstz4VaVyinNEPw&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.7.1.0 net::ERR_FAILED
send @ jquery.min.js:4
ajax @ jquery.min.js:4
read @ kendo.all.js:6404
read @ kendo.aspnetmvc.js:257
(anonymous) @ kendo.all.js:7524
_queueRequest @ kendo.all.js:7790
read @ kendo.all.js:7517
gridRefresh @ Customers:214
onclick @ Customers:171

Grid:

        @(Html.Kendo().Grid<Customer>()
            .Name("grid")
            .Columns(columns =>
            {
                columns.Command(command => command
                    .Custom("Select")
                    .Click("goDetail"))
                    .Width(Glossary.Portal.ButtonWidth);
                columns.Bound(p => p.Name)
                    .Filterable(ftb => ftb.Cell(cell => cell.Operator("contains")
                        .ShowOperators(false)
                        .SuggestionOperator(FilterType.Contains)));
                columns.Bound(p => p.LicenseRenewalTimestamp).Title("License Renewal");
            })
            .Pageable()
            .Sortable()
            .Scrollable()
            .Filterable(ftb => ftb.Mode(GridFilterMode.Row))
            .HtmlAttributes(new {style = "height:596px;"})
            .Selectable()
            .Navigatable()
            .DataSource(dataSource => dataSource
                .Ajax()
                .PageSize(20)
                .Read(read => read.Action("IndexJson", "Customers")
                    .Data("gridGetData"))))

Script:

    function gridRefresh() {
        var grid = $("#grid").getKendoGrid();
        grid.dataSource.read();
    }

    function gridGetData() {

        var isActiveIndex = $("#isActiveOptions").val();
        //alert("isActiveIndex: " + isActiveIndex);

        var dateRangeIndex = $("#dateRangeOptions").val();
        //alert("dateRangeIndex: " + dateRangeIndex);

        return {
            dateRangeIndex: dateRangeIndex,
            isActiveIndex: isActiveIndex
        };

        return null;
    }

 

3 Answers, 1 is accepted

Sort by
0
Anton Mironov
Telerik team
answered on 19 Jan 2021, 12:45 PM

Hello Joel,

Thank you for the provided details.

This issue is caused because you need to custom handle the UnAuthorized error (401).

In order to handle the unauthorized Ajax requests for binding the Kendo UI Grid, use the following article:

Furthermore, you could use the following forum post answer approaches:

Give the approaches above a try and let me know if further assistance is needed.


Kind Regards,
Anton Mironov
Progress Telerik

Virtual Classroom, the free self-paced technical training that gets you up to speed with Telerik and Kendo UI products quickly just got a fresh new look + new and improved content including a brand new Blazor course! Check it out at https://learn.telerik.com/.

0
Joel
Top achievements
Rank 1
Veteran
Iron
Iron
answered on 20 Jan 2021, 01:06 AM

The examples don't work but they got me a step closer.  How can I interrogate the type of error?

So, e.errorThrown is empty in this script:

function error(e) {
    if (e.errorThrown === "Session expired") {
        location.href = e.xhr.getResponseHeader("Location");
    }
}

 

My current script.  I'm worried I could get into an event (endless) loop as this just reloads the current View.  This type of reload does cause the view to redirect to Identity Server and require a login... so, thats nice.  But, I need to know if the error thrown is due to authorization.

function error(e) {
    var url = '@Model.CurrentRelativeUrl' + '@Model.GetUrlParameters()';
    //alert(url);
    window.location.href = url;
}

 

 

 

 

0
Anton Mironov
Telerik team
answered on 22 Jan 2021, 03:18 PM

Hello Joel,

Thank you for the code snippets provided.

In the provided approach, there is a C# code, where the texts of the errors are manually implemented. This is the reason that they are not available in the JavaScript error function handler. Please double-check if you used the C# code at the beginning of the response:

Try to implement the approach above and let me know if the issue persists.

Best Regards,
Anton Mironov
Progress Telerik

Virtual Classroom, the free self-paced technical training that gets you up to speed with Telerik and Kendo UI products quickly just got a fresh new look + new and improved content including a brand new Blazor course! Check it out at https://learn.telerik.com/.

Tags
Grid
Asked by
Joel
Top achievements
Rank 1
Veteran
Iron
Iron
Answers by
Anton Mironov
Telerik team
Joel
Top achievements
Rank 1
Veteran
Iron
Iron
Share this question
or