diff --git a/.changeset/smooth-emus-crash.md b/.changeset/smooth-emus-crash.md new file mode 100644 index 00000000..270b70ff --- /dev/null +++ b/.changeset/smooth-emus-crash.md @@ -0,0 +1,5 @@ +--- +"@openauthjs/openauth": patch +--- + +fix: enable CORS on well-known routes diff --git a/packages/openauth/src/issuer.ts b/packages/openauth/src/issuer.ts index a36feda5..16b30917 100644 --- a/packages/openauth/src/issuer.ts +++ b/packages/openauth/src/issuer.ts @@ -738,28 +738,46 @@ export function issuer< app.route(`/${name}`, route) } - app.get("/.well-known/jwks.json", async (c) => { - const all = await allSigning - return c.json({ - keys: all.map((item) => ({ - ...item.jwk, - exp: item.expired - ? Math.floor(item.expired.getTime() / 1000) - : undefined, - })), - }) - }) + app.get( + "/.well-known/jwks.json", + cors({ + origin: "*", + allowHeaders: ["*"], + allowMethods: ["GET"], + credentials: false, + }), + async (c) => { + const all = await allSigning + return c.json({ + keys: all.map((item) => ({ + ...item.jwk, + exp: item.expired + ? Math.floor(item.expired.getTime() / 1000) + : undefined, + })), + }) + }, + ) - app.get("/.well-known/oauth-authorization-server", async (c) => { - const iss = issuer(c) - return c.json({ - issuer: iss, - authorization_endpoint: `${iss}/authorize`, - token_endpoint: `${iss}/token`, - jwks_uri: `${iss}/.well-known/jwks.json`, - response_types_supported: ["code", "token"], - }) - }) + app.get( + "/.well-known/oauth-authorization-server", + cors({ + origin: "*", + allowHeaders: ["*"], + allowMethods: ["GET"], + credentials: false, + }), + async (c) => { + const iss = issuer(c) + return c.json({ + issuer: iss, + authorization_endpoint: `${iss}/authorize`, + token_endpoint: `${iss}/token`, + jwks_uri: `${iss}/.well-known/jwks.json`, + response_types_supported: ["code", "token"], + }) + }, + ) app.post( "/token",