I have my application deployed here: https://giftyou.herokuapp.com.
Most of the times everything works fine, but from time to time, the request coming back from Google fails with the following error in the logs:
Failed to load https://accounts.google.com/o/oauth2/auth?scope=profile+email&client_id=1xxx.apps.googleusercontent.com&response_type=code&redirect_uri=https%3A%2F%2Fgiftyou.herokuapp.com: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘https://giftyou.herokuapp.com’ is therefore not allowed access. The response had HTTP status code 405.
I usually try several times and it works. And in the cases when it works, I actually do not see this request in the network tab in Chrome so I am quite puzzled.
Edit: I forgot to say that I am doing client-side authentication (with Angular 4)