From 7baf611e0101626a763ceb746a15e3377473688d Mon Sep 17 00:00:00 2001 From: Olivier Levitt Date: Thu, 21 Mar 2024 20:41:20 +0100 Subject: [PATCH] Cors --- go.mod | 1 + go.sum | 2 ++ internal/configuration/config.yaml | 3 +++ internal/configuration/configuration.go | 11 ++++++++++- main.go | 12 ++++++++++++ 5 files changed, 28 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 8377c4d..65fddb7 100644 --- a/go.mod +++ b/go.mod @@ -52,6 +52,7 @@ require ( github.com/felixge/httpsnoop v1.0.4 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect github.com/gabriel-vasile/mimetype v1.4.3 // indirect + github.com/gin-contrib/cors v1.7.0 // indirect github.com/gin-contrib/sse v0.1.0 // indirect github.com/go-errors/errors v1.5.1 // indirect github.com/go-gorp/gorp/v3 v3.1.0 // indirect diff --git a/go.sum b/go.sum index fb4c87f..6f5e34f 100644 --- a/go.sum +++ b/go.sum @@ -118,6 +118,8 @@ github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nos github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/gabriel-vasile/mimetype v1.4.3 h1:in2uUcidCuFcDKtdcBxlR0rJ1+fsokWf+uqxgUFjbI0= github.com/gabriel-vasile/mimetype v1.4.3/go.mod h1:d8uq/6HKRL6CGdk+aubisF/M5GcPfT7nKyLpA0lbSSk= +github.com/gin-contrib/cors v1.7.0 h1:wZX2wuZ0o7rV2/1i7gb4Jn+gW7HBqaP91fizJkBUJOA= +github.com/gin-contrib/cors v1.7.0/go.mod h1:cI+h6iOAyxKRtUtC6iF/Si1KSFvGm/gK+kshxlCi8ro= github.com/gin-contrib/gzip v0.0.6 h1:NjcunTcGAj5CO1gn4N8jHOSIeRFHIbn51z6K+xaN4d4= github.com/gin-contrib/gzip v0.0.6/go.mod h1:QOJlmV2xmayAjkNS2Y8NQsMneuRShOU/kjovCXNuzzk= github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE= diff --git a/internal/configuration/config.yaml b/internal/configuration/config.yaml index 0a9b490..1cad7ff 100644 --- a/internal/configuration/config.yaml +++ b/internal/configuration/config.yaml @@ -7,6 +7,9 @@ oidc: username-claim: groups-claim: extra-query-params: +security: + cors: + allowed_origins: rootPath: /api regions: - id: kub diff --git a/internal/configuration/configuration.go b/internal/configuration/configuration.go index 701f640..5d8e15d 100644 --- a/internal/configuration/configuration.go +++ b/internal/configuration/configuration.go @@ -4,13 +4,22 @@ type Configuration struct { Authentication Authentication RootPath string Regions []Region - OIDC OIDC `json:"oidc"` + OIDC OIDC `json:"oidc"` + Security Security `json:"security"` } type Authentication struct { Mode string `json:"mode"` } +type Security struct { + CORS CORS `json:"cors"` +} + +type CORS struct { + AllowedOrigins string `json:"allowed_origins"` +} + type OIDC struct { IssuerURI string `json:"issuer-uri"` ClientID string `json:"clientID"` diff --git a/main.go b/main.go index 6b60cef..e60b8b6 100644 --- a/main.go +++ b/main.go @@ -8,6 +8,7 @@ import ( "time" oidc "github.com/coreos/go-oidc/v3/oidc" + "github.com/gin-contrib/cors" "github.com/gin-gonic/gin" cmd "github.com/inseefrlab/onyxia-api/cmd" _ "github.com/inseefrlab/onyxia-api/docs" @@ -58,5 +59,16 @@ func main() { cmd.RegisterPrivateHandlers(privateRoutes) cmd.RegisterPublicHandlers(publicRoutes) + + if configuration.Config.Security.CORS.AllowedOrigins != "" { + r.Use(cors.New(cors.Config{ + AllowOrigins: []string{configuration.Config.Security.CORS.AllowedOrigins}, + AllowMethods: []string{"*"}, + AllowHeaders: []string{"Origin"}, + ExposeHeaders: []string{"Content-Length"}, + AllowCredentials: true, + MaxAge: 12 * time.Hour, + })) + } r.Run() }