Access-Control-Allow-Origin错误405 PHP Google App Engine

Question

我正在尝试使用PHP编写器API在Google App Engine实例上实现oauth2.0。

通过以下代码正确生成Auth URL

<?php

require_once '../vendor/autoload.php';

$client = new Google_Client();
$client->setAuthConfig('client_secrets.json');
$client->addScope(Google_Service_Drive::DRIVE_METADATA_READONLY);
$client->setRedirectUri('http://' . $_SERVER['HTTP_HOST'] . '/oauth2callback.php'); 
$client->setAccessType('offline');        // offline access
$client->setIncludeGrantedScopes(true);   // incremental auth
$auth_url = $client->createAuthUrl();

header('Access-Control-Allow-Origin: *');
header('Location: ' . filter_var($auth_url, FILTER_SANITIZE_URL));          
// echo json_encode($auth_url);

?>

网址如下：

https://accounts.google.com/signin/oauth/oauthchooseaccount?client_id=XXXXXXXXXXXX-xxxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com&as=XXXXXXXXXXXXXXX&nosignup=1&destination=https%3A%2F%2F8080-dot-XXXXXXXX-dot-devshell.appspot.com&approval_state=!ChR1aDFzeTRnV0VwV3k5bnRUTE03VhIfTTFSWDE5alh6a3dmTUlqOWRic2JOcGJVOFpCMF9CVQ%E2%88%99AHw7d_cAAAAAWg94rrASgbBmxgqR7-EoHnh7ODzIZFFs&xsrfsig=AHgIfE9KYIWBAwreZlJiMT_WwANJebcipw&flowName=GeneralOAuthFlow

当我直接测试$ auth_url时，它运行正常，我得到了Google登录页面。

但是，在GAE上运行脚本时，我收到以下错误消息：

OPTIONS https://accounts.google.com/o/oauth2/auth?response_type=code&access_type=online&client_id=XXXXXXXXXXXX-xxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com&redirect_uri=https://8080-dot-XXXXXXXX-dot-devshell.appspot.com%2Foauth2callback.php&state&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdrive.metadata.readonly&approval_prompt=auto&include_granted_scopes=true 405 ()

login_ga.php:1 Failed to load https://accounts.google.com/o/oauth2/auth?response_type=code&access_type=online&client_id=XXXXXXXXXXXXXXX-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com&redirect_uri=https://8080-dot-XXXXXXXXXXX-dot-devshell.appspot.com%2Foauth2callback.php&state&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdrive.metadata.readonly&approval_prompt=auto&include_granted_scopes=true: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://8080-dot-XXXXXXXXX-dot-devshell.appspot.com' is therefore not allowed access. The response had HTTP status code 405.

我已经尝试了一切我能想到的但没有取得任何成功：

header('Access-Control-Allow-Origin: *');

我尝试将Access-Control-Allow-Origin添加到我的app.yaml：

http_headers:
   Access-Control-Allow-Origin: "*"

没有想法......感谢您的帮助！