Add CORS headers to OAuth client metadata and JWKS endpoints · joebasser.com/atmosphere-account@bb9f9b7

this repo has no description

Add CORS headers to OAuth client metadata and JWKS endpoints

Authorization servers fetch these URLs cross-origin during PAR. Without
Access-Control-Allow-Origin, some AS implementations reject the client with
invalid_client_metadata (Unable to obtain client metadata).

Made-with: Cursor

Joe Basser 3 weeks ago bb9f9b7b 3f4cb078

2 changed files

expand all

routes

oauth

client-metadata.json.ts

jwks.json.ts

routes/oauth/client-metadata.json.ts

··· 40 40 headers: { 41 41 "content-type": "application/json; charset=utf-8", 42 42 "cache-control": "public, max-age=60, s-maxage=300", 43 + "access-control-allow-origin": "*", 43 44 }, 44 45 }); 45 46 },

routes/oauth/jwks.json.ts

··· 34 34 headers: { 35 35 "content-type": "application/json; charset=utf-8", 36 36 "cache-control": "public, max-age=60, s-maxage=300", 37 + "access-control-allow-origin": "*", 37 38 }, 38 39 }); 39 40 },

Configure Feed

Configure Feed