Add the ability to configure CORS headers

Author: bartjkdp

cmd/filter-proxy/main.go

@@ -16,6 +16,7 @@ import (
 	"github.com/golang-jwt/jwt/v4"
 	"github.com/gorilla/mux"
 	"github.com/itchyny/gojq"
+	"github.com/rs/cors"
 
 	"github.com/delta10/filter-proxy/internal/config"
 	"github.com/delta10/filter-proxy/internal/route"
@@ -78,10 +79,10 @@ func main() {
 
 				resp, err := client.Do(r)
 				if err != nil {
-					log.Printf("%+v", r.URL)
-					http.Error(w, "Server Error", http.StatusInternalServerError)
-					log.Fatal("ServeHTTP:", err)
+					writeError(w, http.StatusBadGateway, fmt.Sprintf("could not fetch backend response: %s", err))
+					return
 				}
+
 				defer resp.Body.Close()
 
 				utils.DelHopHeaders(resp.Header)
@@ -239,7 +240,7 @@ func main() {
 
 				proxyResp, err := client.Do(backendRequest)
 				if err != nil {
-					writeError(w, http.StatusInternalServerError, fmt.Sprintf("could not fetch backend response: %s", err))
+					writeError(w, http.StatusBadGateway, fmt.Sprintf("could not fetch backend response: %s", err))
 					return
 				}
 
@@ -295,9 +296,23 @@ func main() {
 		}
 	}
 
+	var httpHandler http.Handler
+	if len(config.Cors.AllowedOrigins) > 0 {
+		c := cors.New(cors.Options{
+			AllowedOrigins:   config.Cors.AllowedOrigins,
+			AllowedMethods:   config.Cors.AllowedMethods,
+			AllowedHeaders:   config.Cors.AllowedHeaders,
+			AllowCredentials: config.Cors.AllowCredentials,
+		})
+
+		httpHandler = c.Handler(router)
+	} else {
+		httpHandler = router
+	}
+
 	s := &http.Server{
 		Addr:           config.ListenAddress,
-		Handler:        router,
+		Handler:        httpHandler,
 		ReadTimeout:    10 * time.Second,
 		WriteTimeout:   10 * time.Second,
 		MaxHeaderBytes: 1 << 20,
@@ -403,7 +418,7 @@ func authorizeRequestWithService(config *config.Config, backend config.Backend,
 	request.Header.Set("X-Forwarded-For", utils.ReadUserIP(r))
 
 	client := &http.Client{
-		Timeout: 10 * time.Second,
+		Timeout: 25 * time.Second,
 	}
 
 	resp, err := client.Do(request)

config.yaml

@@ -6,6 +6,12 @@ listenAddress: localhost:8050
 
 authorizationServiceUrl: http://localhost:8000/atlas/api/v1/authorize
 
+cors:
+  allowedOrigins: []
+  allowedMethods: []
+  allowedHeaders: []
+  allowCredentials: true
+
 paths:
   - path: /api/ows
     backend:

go.mod

@@ -13,5 +13,6 @@ require (
 	github.com/itchyny/timefmt-go v0.1.5 // indirect
 	github.com/kr/pretty v0.3.0 // indirect
 	github.com/rogpeppe/go-internal v1.9.0 // indirect
+	github.com/rs/cors v1.10.1 // indirect
 	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
 )

go.sum

@@ -18,6 +18,8 @@ github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
 github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8=
 github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
+github.com/rs/cors v1.10.1 h1:L0uuZVXIKlI1SShY2nhFfo44TYvDPQ1w4oFkUJNfhyo=
+github.com/rs/cors v1.10.1/go.mod h1:XyqrcTp5zjWr1wsJ8PIRZssZ8b/WMcMf71DJnit4EMU=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=

internal/config/config.go

@@ -36,6 +36,13 @@ type Path struct {
 	ResponseRewrite string `yaml:"responseRewrite"`
 }
 
+type Cors struct {
+	AllowedOrigins   []string `yaml:"allowedOrigins"`
+	AllowedMethods   []string `yaml:"allowedMethods"`
+	AllowedHeaders   []string `yaml:"allowedHeaders"`
+	AllowCredentials bool     `yaml:"allowCredentials"`
+}
+
 type Config struct {
 	ListenAddress string `yaml:"listenAddress"`
 	ListenTLS     struct {
@@ -46,6 +53,7 @@ type Config struct {
 	JwksURL                 string             `yaml:"jwksUrl"`
 	Paths                   []Path             `yaml:"paths"`
 	Backends                map[string]Backend `yaml:"backends"`
+	Cors                    Cors               `yaml:"cors"`
 }
 
 // NewConfig returns a new decoded Config struct