From 5a36a68154083eea45630e296388bd346e453b48 Mon Sep 17 00:00:00 2001
From: Leonardo Christino <leomilho@gmail.com>
Date: Tue, 12 Sep 2023 12:37:18 +0200
Subject: [PATCH] fix: add cors headers properly to request

---
 Makefile                           | 12 ++++--------
 README.md                          | 10 ++++++++++
 go.mod                             |  4 ----
 internal/drivers/webdriver/cors.go |  3 ++-
 internal/drivers/webdriver/web.go  | 27 ++++++++++++---------------
 5 files changed, 28 insertions(+), 28 deletions(-)
 create mode 100644 README.md

diff --git a/Makefile b/Makefile
index 8f91126..5ff4402 100644
--- a/Makefile
+++ b/Makefile
@@ -47,17 +47,12 @@ develop:
 	$(eval export LOG_LEVEL := -1)
 	$(eval export DEV := true)
 	$(eval export USER_MANAGEMENT_SERVICE_RPC := localhost:9000)
-	$(eval export ALLOWED_ORIGINS := http://localhost:4200/,http://localhost:4200)
+	$(eval export ALLOWED_ORIGINS := http://localhost:4200)
 
 	@go run cmd/schema-orchestrator/main.go
 
 docker: login
-	make linux
-	@rm -rf ./dependencies
-	@cp -r ../../dependencies ./dependencies
-	@docker build -t graphpolaris/schema-orchestrator:latest .
-	@docker push graphpolaris/schema-orchestrator\:latest
-	@rm -r ./dependencies
+	@docker build -t harbor.graphpolairs.com/graphpolaris/schema-orchestrator:latest .
 
 rollout: docker
 	kubectl rollout restart deployment schema-orchestrator
@@ -70,4 +65,5 @@ login:
 	
 push:
 	@go get -u -v all 
-	@go mod tidy --compat=1.17
\ No newline at end of file
+	@go mod tidy --compat=1.21
+	@docker build --progress plain -t harbor.graphpolairs.com/graphpolaris/schema-orchestrator:latest .
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..4c317ac
--- /dev/null
+++ b/README.md
@@ -0,0 +1,10 @@
+## Development
+
+For quick development, add to the go.mod file these two replace lines, which will fetch the respective dependency code from the local repo instead of from git:
+
+```sh
+replace git.science.uu.nl/graphpolaris/broker => ../../dependencies/broker
+
+replace git.science.uu.nl/graphpolaris/keyvaluestore => ../../dependencies/keyvaluestore
+
+```
diff --git a/go.mod b/go.mod
index a0a136a..f2caf02 100644
--- a/go.mod
+++ b/go.mod
@@ -28,7 +28,3 @@ require (
 	golang.org/x/text v0.13.0 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20230911183012-2d3300fd4832 // indirect
 )
-
-replace git.science.uu.nl/graphpolaris/broker => ../../dependencies/broker
-
-replace git.science.uu.nl/graphpolaris/keyvaluestore => ../../dependencies/keyvaluestore
diff --git a/internal/drivers/webdriver/cors.go b/internal/drivers/webdriver/cors.go
index bfc1721..0023805 100644
--- a/internal/drivers/webdriver/cors.go
+++ b/internal/drivers/webdriver/cors.go
@@ -7,6 +7,7 @@ package webdriver
 
 import (
 	"net/http"
+	"os"
 )
 
 /*
@@ -16,7 +17,7 @@ setupResponse sets up response headers for CORS
 	r: *http.Request, sends the requests for http
 */
 func setupResponse(w *http.ResponseWriter, r *http.Request) {
-	// (*w).Header().Set("Access-Control-Allow-Origin", "http://127.0.0.1:3000") // TODO: should be handled by ingress
+	(*w).Header().Set("Access-Control-Allow-Origin", os.Getenv("ALLOWED_ORIGINS"))
 	(*w).Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")
 	(*w).Header().Set("Access-Control-Allow-Headers", "Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
 	(*w).Header().Set("Access-Control-Allow-Credentials", "true")
diff --git a/internal/drivers/webdriver/web.go b/internal/drivers/webdriver/web.go
index 243792b..3d3c6e4 100644
--- a/internal/drivers/webdriver/web.go
+++ b/internal/drivers/webdriver/web.go
@@ -49,22 +49,19 @@ func (l *Listener) SetupHandlers() {
 	log.Println("Setting up handlers")
 	handler := l.schemaRequestHandler()
 
-	if os.Getenv("DEV") == "true" {
-		AllowedOrigins := strings.Split(os.Getenv("ALLOWED_ORIGINS"), ",")
+	AllowedOrigins := strings.Split(os.Getenv("ALLOWED_ORIGINS"), ",")
 
-		c := cors.New(cors.Options{
-			// AllowedOrigins:   []string{"https://foo.com"}, // Use this to allow specific origin hosts
-			AllowedOrigins:   AllowedOrigins,
-			AllowOriginFunc:  func(r *http.Request, origin string) bool { return true },
-			AllowedMethods:   []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
-			AllowedHeaders:   []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token", "Access-Control-Allow-Origin"},
-			ExposedHeaders:   []string{"Link"},
-			AllowCredentials: true,
-			MaxAge:           300, // Maximum value not ignored by any of major browsers
-			// Debug: 			     true,
-		})
-		handler = c.Handler(handler)
-	}
+	c := cors.New(cors.Options{
+		AllowedOrigins:   AllowedOrigins,
+		AllowOriginFunc:  func(r *http.Request, origin string) bool { return true },
+		AllowedMethods:   []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
+		AllowedHeaders:   []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token", "Access-Control-Allow-Origin"},
+		ExposedHeaders:   []string{"Link"},
+		AllowCredentials: true,
+		MaxAge:           300, // Maximum value not ignored by any of major browsers
+		// Debug: 			     true,
+	})
+	handler = c.Handler(handler)
 
 	http.Handle("/", handler)
 }
-- 
GitLab