Angular 7 HttpClient post response headers are empty
Question
I am trying to perform login from Angular 7 with Spring security backend:
login(username: string, password: string) {
const formData = new FormData();
formData.append('username', username);
formData.append('password', password);
return this.http.post<UserInfo>(`${API_URL}/login`, formData, {observe: 'response'})
.pipe(map(response => {
const jwtToken = response.headers.get(AUTHORIZATION).replace('Bearer', '').trim();
const userInfo = response.body;
if (jwtToken && userInfo) {
const user = new User(username, password, jwtToken, userInfo);
localStorage.setItem(CURRENT_USER, JSON.stringify(user));
this.currentUserSubject.next(user);
}
return response;
}));
}
But, response.headers is simply empty and contains no headers whatsoever. Postman and Chrome dev tools show many headers and even the one I need - Authorization. I have reviewed many SO questions and github issues, but they all say the same thing, which does not work for me - to simply list the header in CORS Access-Control-Expose-Headers, but I have done that and nothing changed. Here is a relevant Spring configuration:
@Bean
public CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration configuration = new CorsConfiguration();
configuration.addAllowedOrigin("http://localhost:4200");
configuration.addExposedHeader("Authorization");
configuration.addAllowedMethod("*");
configuration.addAllowedHeader("*");
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
return source;
}
At this point I am stuck and have no idea how to make Angular access those headers:
2 answers
solution1
2 ACCPTED 2019-01-26 23:39:47
You need authorization header , which you can get by response.headers.get("Authorization") . Try:
const jwtToken = response.headers.get("Authorization").replace('Bearer', '').trim();
solution2
0 2019-01-28 16:06:49
On server side you need to configure "Access-Control-Allow-Headers". Refer this post: Angular 6 Get response headers with httpclient issue .
For me this configuration did the trick:
@Bean
CorsConfigurationSource corsConfigurationSource() {
final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration();
config.setAllowCredentials(true);
config.addAllowedOrigin("*");
config.addExposedHeader(
"Authorization, x-xsrf-token, Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, "
+ "Content-Type, Access-Control-Request-Method, Custom-Filter-Header");
config.addAllowedHeader("*");
config.addAllowedMethod("OPTIONS");
config.addAllowedMethod("GET");
config.addAllowedMethod("POST");
config.addAllowedMethod("PUT");
config.addAllowedMethod("DELETE");
source.registerCorsConfiguration("/**", config);
return source;
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.