Add CORS support for the Worker

.dockerignore

@@ -1,3 +1,2 @@
-target/
+.github
-js/ui/node_modules/
+example
-static/build

Cargo.lock

@@ -3332,8 +3332,7 @@ dependencies = [
 [[package]]
 name = "worker"
 version = "0.0.8"
-source = "registry+https://github.com/rust-lang/crates.io-index"
+source = "git+https://github.com/cloudflare/workers-rs?branch=main#fd03338a41f926ce13a56dd92c46724acda2a327"
-checksum = "3848a83f15d6b2908b1654d123d11ae6dadd8b5bd77709847603752a0932dc77"
 dependencies = [
  "async-trait",
  "chrono",
@@ -3342,6 +3341,7 @@ dependencies = [
  "http",
  "js-sys",
  "matchit",
+ "pin-project",
  "serde",
  "serde_json",
  "url",
@@ -3369,8 +3369,7 @@ dependencies = [
 [[package]]
 name = "worker-macros"
 version = "0.0.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
+source = "git+https://github.com/cloudflare/workers-rs?branch=main#fd03338a41f926ce13a56dd92c46724acda2a327"
-checksum = "6bfb9b32a234ca78c62a3214f8d894eebea4930fb5d8730d79c4a3fbf1537703"
 dependencies = [
  "async-trait",
  "proc-macro2",
@@ -3385,8 +3384,7 @@ dependencies = [
 [[package]]
 name = "worker-sys"
 version = "0.0.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
+source = "git+https://github.com/cloudflare/workers-rs?branch=main#fd03338a41f926ce13a56dd92c46724acda2a327"
-checksum = "0f43ff762466dbaa7a1a8a191882829dea9f2c216bdedf8c40c6cff4a9e6c148"
 dependencies = [
  "cfg-if 0.1.10",
  "js-sys",

Cargo.toml

@@ -58,7 +58,8 @@ matchit = "0.4.2"
 serde_urlencoded = "0.7.0"
 uuid = { version = "0.8", features = ["serde", "v4", "wasm-bindgen"] }
 wee_alloc = { version = "0.4" }
-worker = "0.0.8"
+# worker = "0.0.8"
+worker = { git = "https://github.com/cloudflare/workers-rs", branch = "main" }
 
 [profile.release]
 opt-level = "z"

src/worker_lib.rs

@@ -34,6 +34,12 @@ impl From<CustomError> for Result<Response> {
     }
 }
 
+fn get_cors() -> Cors {
+    Cors::new()
+        .with_origins(vec!["*".to_string()])
+        .with_allowed_headers(vec!["authorization".to_string()])
+}
+
 pub async fn main(req: Request, env: Env) -> Result<Response> {
     console_error_panic_hook::set_once();
     // tracing_subscriber::fmt::init();
@@ -96,6 +102,7 @@ pub async fn main(req: Request, env: Env) -> Result<Response> {
             }
             Err(e) => e.into(),
         }
+        .and_then(|r| r.with_cors(&get_cors()))
     };
 
     let router = Router::new();
@@ -105,6 +112,7 @@ pub async fn main(req: Request, env: Env) -> Result<Response> {
                 Ok(m) => Response::from_json(&m),
                 Err(e) => e.into(),
             }
+            .and_then(|r| r.with_cors(&get_cors()))
         })
         .get_async(oidc::JWK_PATH, |_req, ctx| async move {
             let private_key = RsaPrivateKey::from_pkcs1_pem(&ctx.secret(RSA_PEM_KEY)?.to_string())
@@ -114,6 +122,10 @@ pub async fn main(req: Request, env: Env) -> Result<Response> {
                 Ok(m) => Response::from_json(&m),
                 Err(e) => e.into(),
             }
+            .and_then(|r| r.with_cors(&get_cors()))
+        })
+        .options_async(oidc::TOKEN_PATH, |mut _req, _ctx| async move {
+            Response::empty()?.with_cors(&get_cors())
         })
         .post_async(oidc::TOKEN_PATH, |mut req, ctx| async move {
             let form_data = req.form_data().await?;
@@ -182,6 +194,7 @@ pub async fn main(req: Request, env: Env) -> Result<Response> {
                 Ok(m) => Response::from_json(&m),
                 Err(e) => e.into(),
             }
+            .and_then(|r| r.with_cors(&get_cors()))
         })
         // TODO add browser session
         .get_async(oidc::AUTHORIZE_PATH, |req, ctx| async move {