Level up your Box knowledge with brand new learning paths on Box University. Visit training.box.com to get started

Box Status

CORS issue when integration box with AWS lambda

Follow
New post
fhenri

Hi,

 

I follow the instructions from https://github.com/box/samples/tree/master/box-node-cognito-lambdas-sample as a proof of concept to integrate cognito/box/lambda.

while the instructions are pretty clear and easy to follow (found some gotchas documented here : https://github.com/box/samples/issues/15) I am struggling with a CORS issue.

 

I am using the angular2 sample application, here is flow:

 

1. creating user from the app --> creates user in cognito + box

2. when loggin in the app with the user, the app is calling lambda to get a token from box; when I debug the app through chrome console, I can see the token received from box to the lambda, but on the app I received a cors issue:

 

Failed to load https://: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:4200' is therefore not allowed access.

 

I enabled cors on the API gateway and redeploy the API

I added http://localhost:4200 in the CORS section of my box app

 

still I am getting error.

 

cloud watch is ok and as said, I can see the token from the console - when using a curl command (curl https://api.box.com/2.0/folders/0 -H "Authorization: Bearer )with the token, it works.

 

I am out of idea for now and still unclear for me, where the issue is coming from (most probably on AWS side but looks good to me)

 

Thanks,

Fred

0

Comments

4 comments

Date Votes
  • amgrobelny

    Thanks for documenting those mismatches in the docs!

     

    It sounds as though you did everything you should with CORS setup on both AWS and Box.

     

    You may want to just double check the CORS setup on AWS and verify that it's set up on the /token endpoint you set up as part of this integration.

     

    Make sure OPTIONS is available too. Just as you stated, it sounds like the issue is with API Gateway and not Box, but those are the things to double check that spring to mind immediately.

     

    Thanks,

    AM

    0
    Comment actions Permalink
  • fhenri

    Thanks AM for your feedback

     

    Right, I am pretty clear now its coming from AWS Gateway/Lambda, but still cannot figure which exactly is the issue.

     

    I enabled CORS on my gateway which automatically creates the OPTIONS method, I can see from the client app that it is making a request on OPTIONS first.

    I am not sure after if we need to leave ANY as the method for the gateway, I tried to add a specific POST method in the gateway and then I can see the "access-control-allow-origin: *" parameter in the request, so this was looking promising, however it seems I have to change a lot of code in the lambda now to make it work as expected.

     

    I also reviewed the angular2 app as it comes and it works just fine, the gateway called is https://rrk8eyc9rl.execute-api.us-west-2.amazonaws.com/prototype/api/token and this is working just fine; If you have a chance to review the config of this gateway and if you can share which are the method used and the setup, it would be great.

     

    Thanks,

    Fred

    0
    Comment actions Permalink
  • amgrobelny

    Hey Fred,

     

    It's been a while since you raised this issue, but I had some time and went and updated the swagger.yaml definition for the Cognito integration. I did a pretty large overhaul of the entire project making it a bit easier and with better docs, so in case you didn't see my comment on the repo, you can check that out [here](https://github.com/box/samples). Let me know if anything is confusing or if you need some clarification. Thanks!

    0
    Comment actions Permalink
  • ryanrovan

    Hello!  I have been working through the Lambda/Cognito/Box integrations and I am running into an issue I haven't been able to figure out.  I have been able to create the user and obtain the ID token.  However, trying to obtain the user token is resulting in error about callback.  Here is the error I am getting:

     

    2018-02-20T01:50:06.311Z 5e9e4be2-15e0-11e8-8537-21d2c475d383 TypeError: callback is not a function
    at /var/task/node_modules/box-node-sdk/lib/token-manager.js:373:4
    at /var/task/node_modules/box-node-sdk/lib/token-manager.js:235:4
    at /var/task/node_modules/box-node-sdk/lib/api-request.js:285:3
    at _combinedTickCallback (internal/process/next_tick.js:73:7)
    at process._tickDomainCallback (internal/process/next_tick.js:128:9)

     

    Any pointers are greatly appreciated!

    0
    Comment actions Permalink

Please sign in to leave a comment.