Commit 540714d4 authored by michael.simon's avatar michael.simon

Add CORS Headers for PKCE SPA OIDC Code flow apps

parent f2e51110
......@@ -326,7 +326,14 @@ public class OidcOpLoginImpl implements OidcOpLogin {
throw new OidcAuthenticationException("cannot create hash at the moment. This is bad.");
}
}
if (clientConfig.getGenericStore().containsKey("cors_allow_regex")) {
String origin = request.getHeader("Origin");
if (origin.matches(clientConfig.getGenericStore().get("cors_allow_regex"))) {
response.setHeader("Access-Control-Allow-Origin", origin);
}
}
IdentityEntity identity = flowState.getIdentity();
if (identity == null) {
......
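Review bot: `request.getHeader("Origin")` returns null when a request carries no Origin header (same-origin navigation, non-browser clients), so `origin.matches(...)` throws a NullPointerException for every such request to a client that has `cors_allow_regex` configured; guard it with `if (origin != null && origin.matches(...))`. Because the matched origin is echoed back, the response now differs per request origin, and a shared cache could serve one origin's header to another unless `response.addHeader("Vary", "Origin");` is set next to it. `String.matches` requires the whole input to match, which is the safe behaviour here, but how strict the check is depends entirely on the configured pattern, so a short comment stating that the regex must match the full origin and escape literal dots would help whoever maintains client configs. The enclosing method starts and ends outside the hunk.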
......@@ -51,6 +51,8 @@ public class OidcCertsController {
@Produces(MediaType.APPLICATION_JSON)
public String auth(@PathParam("realm") String realm, @Context HttpServletRequest request, @Context HttpServletResponse response)
throws IOException, OidcAuthenticationException {
response.setHeader("Access-Control-Allow-Origin", "*");
try {
logger.debug("certs called for {}", realm);
......
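Review bot: The wildcard `Access-Control-Allow-Origin: *` at the top of `auth` carries no comment explaining why it is acceptable, and the same applies to `wellknown` in OidcWellknownController. Both endpoints appear to return public, unauthenticated metadata (signing keys and the discovery document), for which a wildcard is the usual choice, but that reasoning should be recorded so the line is not copied onto endpoints that return user data, for example `// Public metadata only, no credentials involved: wildcard CORS is intentional.` The header is set before the `try`, so it is also sent on error responses, which looks intended. The method body continues outside the hunk.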
......@@ -47,6 +47,8 @@ public class OidcWellknownController {
public JSONObject wellknown(@PathParam("realm") String realm, @Context HttpServletRequest request, @Context HttpServletResponse response)
throws ServletException {
response.setHeader("Access-Control-Allow-Origin", "*");
OidcOpConfigurationEntity opConfig = opService.findByRealmAndHost(realm, request.getServerName());
if (opConfig == null) {
......