From c8c0d0e80431bfcffc23df394d3032f2f740de8c Mon Sep 17 00:00:00 2001
From: Gregor Tudan <gregor.tudan@cofinpro.de>
Date: Tue, 14 Jul 2015 08:22:08 +0200
Subject: [PATCH] KEYCLOAK-1564: Add CORS-Headers to token requests by password
 credentials

---
 .../org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java
index bdcbf7369d..eea4c1d702 100755
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java
@@ -356,7 +356,7 @@ public class TokenEndpoint {
 
         event.success();
 
-        return Response.ok(res, MediaType.APPLICATION_JSON_TYPE).build();
+        return Cors.add(request, Response.ok(res, MediaType.APPLICATION_JSON_TYPE)).auth().allowedOrigins(client).allowedMethods("POST").exposedHeaders(Cors.ACCESS_CONTROL_ALLOW_METHODS).build();
     }
 
 }
\ No newline at end of file