Commit 903c16a9 authored by Tifenn Guillas's avatar Tifenn Guillas
Browse files

Add CORS support

parent b80f36c9
......@@ -12,3 +12,4 @@ declare(strict_types=1);
$app->add(new App\Middleware\JsonBodyParserMiddleware());
$app->add(new App\Middleware\ContentTypeJsonMiddleware());
$app->add(new App\Middleware\CorsMiddleware());
......@@ -19,7 +19,7 @@ services:
LOGGER_PATH: "php://stderr"
LOGGER_LEVEL: "debug"
ports:
- 8082:80
- 8080:80
volumes:
- .:/project
- ./conf-dev/dev-php.ini:/usr/local/etc/php/conf.d/dev-php.ini
......
<?php
/*
* This file is part of Anis Auth.
*
* (c) Laboratoire d'Astrophysique de Marseille / CNRS
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
declare(strict_types=1);
namespace App\Middleware;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\RequestHandlerInterface as RequestHandler;
use Psr\Http\Server\MiddlewareInterface;
/**
* Middleware to allow resources to be requested from another origin
*
* @author Tifenn Guillas <tifenn.guillas@lam.fr>
* @package App\Middleware
*/
final class CorsMiddleware implements MiddlewareInterface
{
/**
* Allow resources to be requested from another origin
*
* @param ServerRequest $request PSR-7 request
* @param RequestHandler $handler PSR-15 request handler
*
* @return Response
*/
public function process(Request $request, RequestHandler $handler): Response
{
$response = $handler->handle($request);
if ($request->getMethod() === OPTIONS) {
return $response
->withHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization')
->withHeader('Access-Control-Allow-Origin', '*');
}
return $response
->withHeader('Access-Control-Allow-Origin', '*');
}
}
<?php
/*
* This file is part of Anis Auth.
*
* (c) Laboratoire d'Astrophysique de Marseille / CNRS
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
declare(strict_types=1);
namespace App\Tests\Middleware;
use PHPUnit\Framework\TestCase;
use Nyholm\Psr7\ServerRequest;
use Nyholm\Psr7\Response;
use Psr\Http\Server\RequestHandlerInterface as RequestHandler;
final class CorsMiddlewareTest extends TestCase
{
public function testCorsHeadersForOptionsMethod()
{
$request = new ServerRequest('OPTIONS', '/');
$requestHandler = $this->getMockBuilder(RequestHandler::class)
->disableOriginalConstructor()
->setMethods(['handle'])
->getMock();
$requestHandler->method('handle')
->with($this->identicalTo($request))
->will($this->returnValue(new Response()));
$corsMiddleware = new \App\Middleware\CorsMiddleware();
$response = $corsMiddleware->process($request, $requestHandler);
$this->assertSame((string) $response->getHeaderLine('Access-Control-Allow-Origin'), '*');
$this->assertSame('Content-Type, Authorization', (string) $response->getHeaderLine('Access-Control-Allow-Headers'));
}
public function testCorsHeadersForGetMethod()
{
$request = new ServerRequest('GET', '/');
$requestHandler = $this->getMockBuilder(RequestHandler::class)
->disableOriginalConstructor()
->setMethods(['handle'])
->getMock();
$requestHandler->method('handle')
->with($this->identicalTo($request))
->will($this->returnValue(new Response()));
$corsMiddleware = new \App\Middleware\CorsMiddleware();
$response = $corsMiddleware->process($request, $requestHandler);
$this->assertSame((string) $response->getHeaderLine('Access-Control-Allow-Origin'), '*');
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment