-
-
Save agnoster/6e38a1c595102e892381 to your computer and use it in GitHub Desktop.
Simple example of how to access the Asana API with CORS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AsanaApi = (function() { | |
| // Adapted from http://www.nczonline.net/blog/2010/05/25/cross-domain-ajax-with-cross-origin-resource-sharing/ | |
| function createCORSRequest(method, url) { | |
| var xhr = new XMLHttpRequest() | |
| if ("withCredentials" in xhr) { | |
| xhr.open(method, url, true) | |
| } else if (typeof XDomainRequest != "undefined") { | |
| xhr = new XDomainRequest() | |
| xhr.open(method, url) | |
| } else { | |
| throw new Error("CORS not supported by browser") | |
| } | |
| return xhr | |
| } | |
| function authorizationHeader(options) { | |
| if (options.api_key) return "Basic " + btoa(options.api_key + ":") | |
| if (options.token) return "Bearer " + options.token | |
| throw new Error("Unknown authorization type, specify api_key or token") | |
| } | |
| function AsanaApi(options) { | |
| options = options || {} | |
| this.host = options.host || "app.asana.com" | |
| this.root = options.root || "https://" + this.host + "/api/1.0" | |
| this.authorization = authorizationHeader(options) | |
| } | |
| AsanaApi.prototype.request = function(method, path, cb) { | |
| var xhr = createCORSRequest(method, [this.root, path].join("/")) | |
| xhr.setRequestHeader("Authorization", this.authorization) | |
| xhr.onreadystatechange = function() { | |
| if (xhr.readyState !== 4) return | |
| var response = JSON.parse(xhr.response) | |
| if (xhr.status < 400) { | |
| cb(null, response) | |
| } else { | |
| cb(response) | |
| } | |
| } | |
| xhr.send() | |
| } | |
| return AsanaApi | |
| })() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <title>Asana API Test</title> | |
| </head> | |
| <body> | |
| <script src="./asana-api.js" type="text/javascript"></script> | |
| <script type="text/javascript"> | |
| // You must specify or replace ASANA_API_KEY with a valid string containing your Asana API key | |
| // Alternatively, you can supply the options { token: ASANA_OAUTH_TOKEN } with a valid OAuth bearer token | |
| var asana = new AsanaApi({ api_key: ASANA_API_KEY }) | |
| asana.request("GET", "users/me", function(err, response) { | |
| if (err) console.error("Error:", err) | |
| else console.log("Current user:", response.data) | |
| }) | |
| </script> | |
| </body> | |
| </html> |
Seems that CORS in IE9 doesn't support sending headers, so it's possible to get it to work afaik.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This doesn't seem to support IE9.
The btoa() function can be added through https://code.google.com/p/stringencoders/source/browse/trunk/javascript/base64.js
But I still get a "access denied" message on the "xhr.open(method, url)".
Is there any way to make this compatible with IE9?