Add configurable CORS policy in OpenIDProvider
This commit is contained in:
Kory Prince
parent
f014796c45
commit
8a11cca6bb
1 changed files with 22 additions and 1 deletions
21
pkg/op/op.go
21
pkg/op/op.go
|
|
@ -97,9 +97,17 @@ type OpenIDProvider interface {
|
||||||
|
|
||||||
type HttpInterceptor func(http.Handler) http.Handler
|
type HttpInterceptor func(http.Handler) http.Handler
|
||||||
|
|
||||||
|
type corsOptioner interface {
|
||||||
|
CORSOptions() cors.Options
|
||||||
|
}
|
||||||
|
|
||||||
func CreateRouter(o OpenIDProvider, interceptors ...HttpInterceptor) chi.Router {
|
func CreateRouter(o OpenIDProvider, interceptors ...HttpInterceptor) chi.Router {
|
||||||
router := chi.NewRouter()
|
router := chi.NewRouter()
|
||||||
|
if co, ok := o.(corsOptioner); ok {
|
||||||
|
router.Use(cors.New(co.CORSOptions()).Handler)
|
||||||
|
} else {
|
||||||
router.Use(cors.New(defaultCORSOptions).Handler)
|
router.Use(cors.New(defaultCORSOptions).Handler)
|
||||||
|
}
|
||||||
router.Use(intercept(o.IssuerFromRequest, interceptors...))
|
router.Use(intercept(o.IssuerFromRequest, interceptors...))
|
||||||
router.HandleFunc(healthEndpoint, healthHandler)
|
router.HandleFunc(healthEndpoint, healthHandler)
|
||||||
router.HandleFunc(readinessEndpoint, readyHandler(o.Probes()))
|
router.HandleFunc(readinessEndpoint, readyHandler(o.Probes()))
|
||||||
|
|
@ -224,6 +232,7 @@ func NewProvider(config *Config, storage Storage, issuer func(insecure bool) (Is
|
||||||
storage: storage,
|
storage: storage,
|
||||||
endpoints: DefaultEndpoints,
|
endpoints: DefaultEndpoints,
|
||||||
timer: make(<-chan time.Time),
|
timer: make(<-chan time.Time),
|
||||||
|
corsOpts: defaultCORSOptions,
|
||||||
logger: slog.Default(),
|
logger: slog.Default(),
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -268,6 +277,7 @@ type Provider struct {
|
||||||
timer <-chan time.Time
|
timer <-chan time.Time
|
||||||
accessTokenVerifierOpts []AccessTokenVerifierOpt
|
accessTokenVerifierOpts []AccessTokenVerifierOpt
|
||||||
idTokenHintVerifierOpts []IDTokenHintVerifierOpt
|
idTokenHintVerifierOpts []IDTokenHintVerifierOpt
|
||||||
|
corsOpts cors.Options
|
||||||
logger *slog.Logger
|
logger *slog.Logger
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -427,6 +437,10 @@ func (o *Provider) Probes() []ProbesFn {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (o *Provider) CORSOptions() cors.Options {
|
||||||
|
return o.corsOpts
|
||||||
|
}
|
||||||
|
|
||||||
func (o *Provider) Logger() *slog.Logger {
|
func (o *Provider) Logger() *slog.Logger {
|
||||||
return o.logger
|
return o.logger
|
||||||
}
|
}
|
||||||
|
|
@ -587,6 +601,13 @@ func WithIDTokenHintVerifierOpts(opts ...IDTokenHintVerifierOpt) Option {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func WithCORSOptions(opts cors.Options) Option {
|
||||||
|
return func(o *Provider) error {
|
||||||
|
o.corsOpts = opts
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// WithLogger lets a logger other than slog.Default().
|
// WithLogger lets a logger other than slog.Default().
|
||||||
//
|
//
|
||||||
// EXPERIMENTAL: Will change to log/slog import after we drop support for Go 1.20
|
// EXPERIMENTAL: Will change to log/slog import after we drop support for Go 1.20
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue