Merge pull request #2274 from stianst/KEYCLOAK-2500

KEYCLOAK-2500 Add cors headers to .well-known endpoints
This commit is contained in:
Stian Thorgersen 2016-02-25 12:03:25 +01:00
commit 6df72d67c5

View file

@ -16,6 +16,7 @@
*/
package org.keycloak.services.resources;
import org.jboss.resteasy.spi.HttpRequest;
import org.jboss.resteasy.spi.NotFoundException;
import org.jboss.resteasy.spi.ResteasyProviderFactory;
import org.keycloak.common.ClientConnection;
@ -40,6 +41,7 @@ import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.*;
import javax.ws.rs.core.Response.ResponseBuilder;
/**
* @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
@ -55,6 +57,9 @@ public class RealmsResource {
@Context
protected ClientConnection clientConnection;
@Context
private HttpRequest request;
public static UriBuilder realmBaseUrl(UriInfo uriInfo) {
UriBuilder baseUriBuilder = uriInfo.getBaseUriBuilder();
return realmBaseUrl(baseUriBuilder);
@ -180,7 +185,9 @@ public class RealmsResource {
init(name);
WellKnownProvider wellKnown = session.getProvider(WellKnownProvider.class, providerName);
return Response.ok(wellKnown.getConfig()).cacheControl(CacheControlUtil.getDefaultCacheControl()).build();
ResponseBuilder responseBuilder = Response.ok(wellKnown.getConfig()).cacheControl(CacheControlUtil.getDefaultCacheControl());
return Cors.add(request, responseBuilder).allowedOrigins("*").build();
}
}