{"version":3,"file":"ensure-cors-headers.mjs","sources":["../../../../../../src/server/authenticate/helpers/ensure-cors-headers.ts"],"sourcesContent":["import {BasicParams} from '../../types';\nimport {REAUTH_URL_HEADER} from '../const';\n\nexport interface EnsureCORSFunction {\n  (response: Response): Response;\n}\n\nexport function ensureCORSHeadersFactory(\n  params: BasicParams,\n  request: Request,\n  corsHeaders: string[] = [],\n): EnsureCORSFunction {\n  const {logger, config} = params;\n\n  return function ensureCORSHeaders(response) {\n    const origin = request.headers.get('Origin');\n    if (origin && origin !== config.appUrl) {\n      logger.debug(\n        'Request comes from a different origin, adding CORS headers',\n      );\n\n      const corsHeadersSet = new Set([\n        'Authorization',\n        'Content-Type',\n        ...corsHeaders,\n      ]);\n\n      response.headers.set('Access-Control-Allow-Origin', '*');\n      response.headers.set(\n        'Access-Control-Allow-Headers',\n        [...corsHeadersSet].join(', '),\n      );\n      response.headers.set('Access-Control-Expose-Headers', REAUTH_URL_HEADER);\n    }\n\n    return response;\n  };\n}\n"],"names":[],"mappings":";;AAOM,SAAU,wBAAwB,CACtC,MAAmB,EACnB,OAAgB,EAChB,cAAwB,EAAE,EAAA;AAE1B,IAAA,MAAM,EAAC,MAAM,EAAE,MAAM,EAAC,GAAG,MAAM;IAE/B,OAAO,SAAS,iBAAiB,CAAC,QAAQ,EAAA;QACxC,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC;QAC5C,IAAI,MAAM,IAAI,MAAM,KAAK,MAAM,CAAC,MAAM,EAAE;AACtC,YAAA,MAAM,CAAC,KAAK,CACV,4DAA4D,CAC7D;AAED,YAAA,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC;gBAC7B,eAAe;gBACf,cAAc;AACd,gBAAA,GAAG,WAAW;AACf,aAAA,CAAC;YAEF,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,6BAA6B,EAAE,GAAG,CAAC;AACxD,YAAA,QAAQ,CAAC,OAAO,CAAC,GAAG,CAClB,8BAA8B,EAC9B,CAAC,GAAG,cAAc,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAC/B;YACD,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,+BAA+B,EAAE,iBAAiB,CAAC;QAC1E;AAEA,QAAA,OAAO,QAAQ;AACjB,IAAA,CAAC;AACH;;;;"}