Allow cross origin access to OAuth 2 token endpoints

2021-07-06 19:30:05 +01:00 · 2021-07-06 19:30:05 +01:00 · ba8093f13a
commit ba8093f13a
parent 9db8488e7f
1 changed files with 3 additions and 0 deletions
--- a/config/initializers/cors.rb
+++ b/config/initializers/cors.rb
@ -22,6 +22,9 @@ Rails.application.config.middleware.insert_before 0, OpenStreetMap::Cors do
  allow do
    origins "*"
    resource "/oauth/*", :headers => :any, :methods => [:get, :post]
+    resource "/oauth2/token", :headers => :any, :methods => [:post]
+    resource "/oauth2/revoke", :headers => :any, :methods => [:post]
+    resource "/oauth2/introspect", :headers => :any, :methods => [:post]
    resource "/api/*", :headers => :any, :methods => [:get, :post, :put, :delete]
    resource "/diary/rss", :headers => :any, :methods => [:get]
    resource "/diary/*/rss", :headers => :any, :methods => [:get]