aaoliveira/index.html

## index.html
<!DOCTYPE html>
<html lang="en">

<head>
    <title></title>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
</head>

<body>
    <script src="https://code.jquery.com/jquery-1.12.4.min.js" integrity="sha256-ZosEbRLbNQzLpnKIkEdrPv7lOy9C27hHQ+Xp8a4MxAQ=" crossorigin="anonymous"></script>
    <script src="https://carteirac1.hml.stelo.com.br/static/js/component/register-card.js"></script>
    <script>
        var username = 'cf8db6fe61bc1efebc6ae4f5ab4af60c';
        var password = 'f538b73a11eac49827f6da678e859fa7';
        var url = "https://apic1.hml.stelo.com.br/security/v1/cards/tokens";

        var data = {
            'number': '524415421245',
            'embossing': 'Alexandre Azevedo',
            'expiryDate': '05/2024',
            'cvv': '091'
        };

        function make_base_auth(user, password) {
            var tok = user + ':' + password;
            var hash = btoa(tok);
            console.log(hash);
            return "Basic " + hash;
        }

        $.registerCard({
            url: url,
            crossOrigin: true,
            contentType: 'application/json',
            dataType: "JSONP",
            data: data,
            //id: 'cf8db6fe61bc1efebc6ae4f5ab4af60c',
            async: false,
            username: username,
            password: password,
            xhrFields: {
                withCredentials: true
            },
            /*headers: {
                "Access-Control-Allow-Headers": "Origin, X-Requested-With, Content-Type, Accept, Authorization",
                'Access-Control-Allow-Origin': '*',
                "Access-Control-Allow-Methods": "POST, GET, OPTIONS, DELETE, PUT, HEAD",
                "Authorization": make_base_auth(username, password)
            },*/
            beforeSend: function(xhr) {
                xhr.setRequestHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Authorization");
                xhr.setRequestHeader("Access-Control-Allow-Credentials", true);
                xhr.setRequestHeader("'Access-Control-Allow-Origin", "*");
                xhr.setRequestHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE, PUT, HEAD");
                xhr.setRequestHeader("Authorization", make_base_auth(username, password));

            },
            callback: function(response) {
                console.log(response.token); //método para requisição bem sucedida
            },
            fnError: function(response) {
                console.log(response); //método para erro na requisição
            },
        });
    </script>
</body>

</html>
	<!DOCTYPE html>
	<html lang="en">

	<head>
	<title></title>
	<meta charset="UTF-8">
	<meta name="viewport" content="width=device-width, initial-scale=1">
	</head>

	<body>
	<script src="https://code.jquery.com/jquery-1.12.4.min.js" integrity="sha256-ZosEbRLbNQzLpnKIkEdrPv7lOy9C27hHQ+Xp8a4MxAQ=" crossorigin="anonymous"></script>
	<script src="https://carteirac1.hml.stelo.com.br/static/js/component/register-card.js"></script>
	<script>
	var username = 'cf8db6fe61bc1efebc6ae4f5ab4af60c';
	var password = 'f538b73a11eac49827f6da678e859fa7';
	var url = "https://apic1.hml.stelo.com.br/security/v1/cards/tokens";

	var data = {
	'number': '524415421245',
	'embossing': 'Alexandre Azevedo',
	'expiryDate': '05/2024',
	'cvv': '091'
	};

	function make_base_auth(user, password) {
	var tok = user + ':' + password;
	var hash = btoa(tok);
	console.log(hash);
	return "Basic " + hash;
	}

	$.registerCard({
	url: url,
	crossOrigin: true,
	contentType: 'application/json',
	dataType: "JSONP",
	data: data,
	//id: 'cf8db6fe61bc1efebc6ae4f5ab4af60c',
	async: false,
	username: username,
	password: password,
	xhrFields: {
	withCredentials: true
	},
	/*headers: {
	"Access-Control-Allow-Headers": "Origin, X-Requested-With, Content-Type, Accept, Authorization",
	'Access-Control-Allow-Origin': '*',
	"Access-Control-Allow-Methods": "POST, GET, OPTIONS, DELETE, PUT, HEAD",
	"Authorization": make_base_auth(username, password)
	},*/
	beforeSend: function(xhr) {
	xhr.setRequestHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Authorization");
	xhr.setRequestHeader("Access-Control-Allow-Credentials", true);
	xhr.setRequestHeader("'Access-Control-Allow-Origin", "*");
	xhr.setRequestHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE, PUT, HEAD");
	xhr.setRequestHeader("Authorization", make_base_auth(username, password));

	},
	callback: function(response) {
	console.log(response.token); //método para requisição bem sucedida
	},
	fnError: function(response) {
	console.log(response); //método para erro na requisição
	},
	});
	</script>
	</body>

	</html>