mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
4ebd8fdf4e
This adjusts the CORS headers appropriately for OpenID Connect. This includes responding to OPTIONS requests appropriately. Currently this is only configured to operate when the Origin scheme is HTTPS; but can easily be expanded in the future to include additional Origins.
25 lines
653 B
Go
25 lines
653 B
Go
package handlers
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/ory/fosite"
|
|
|
|
"github.com/authelia/authelia/v4/internal/middlewares"
|
|
)
|
|
|
|
// OAuthRevocationPOST handles POST requests to the OAuth 2.0 Revocation endpoint.
|
|
//
|
|
// https://datatracker.ietf.org/doc/html/rfc7009
|
|
func OAuthRevocationPOST(ctx *middlewares.AutheliaCtx, rw http.ResponseWriter, req *http.Request) {
|
|
var err error
|
|
|
|
if err = ctx.Providers.OpenIDConnect.Fosite.NewRevocationRequest(ctx, req); err != nil {
|
|
rfc := fosite.ErrorToRFC6749Error(err)
|
|
|
|
ctx.Logger.Errorf("Revocation Request failed with error: %+v", rfc)
|
|
}
|
|
|
|
ctx.Providers.OpenIDConnect.Fosite.WriteRevocationResponse(rw, err)
|
|
}
|