dan-silver
commented
6 years ago I'm not a SharePoint expert, but I think there's an easier way to get access tokens to call Graph with SSO (Single Sign on) in webparts. Have you seen https://docs.microsoft.com/en-us/sharepoint/dev/spfx/web-parts/guidance/call-microsoft-graph-from-your-web-part ?
About the error you saw - I don't think the v2 auth endpoint supports CORS requests and this script wasn't meant to be run in a browser. There are many libraries to help with web oauth authentication in general like ADAL/MSAL or Hello.js that's 3rd party open source. Front end apps use either the implicit login flow that redirects the user to the login page or a hidden iframe. Either way, they're not making requests to the auth endpoint to get access tokens so CORS shouldn't be an issue.
A CORS issue is happening when the code tries to get the token from "https://login.microsoftonline.com/common/oauth2/v2.0/token" at:
GraphHelper.ts line 45
Important: I'm using it on a SPFx webpart