From c9d41f2517cb3ce505db089368b055f554dfd3a1 Mon Sep 17 00:00:00 2001
From: Pierre HUBERT <pierre.git@communiquons.org>
Date: Fri, 21 Feb 2025 15:51:33 +0100
Subject: [PATCH] Add CORS on token endpoint

---
 src/controllers/openid_controller.rs | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/controllers/openid_controller.rs b/src/controllers/openid_controller.rs
index b3e0c1f..ebcf2e0 100644
--- a/src/controllers/openid_controller.rs
+++ b/src/controllers/openid_controller.rs
@@ -609,8 +609,9 @@ pub async fn token(
     };
 
     Ok(HttpResponse::Ok()
-        .append_header(("Cache-Control", "no-store"))
-        .append_header(("Pragam", "no-cache"))
+        .insert_header(("Cache-Control", "no-store"))
+        .insert_header(("Pragma", "no-cache"))
+        .insert_header(("access-control-allow-origin", "*"))
         .json(token_response))
 }