Better cors handling

ConductionNL · May 2, 2024 · 4cf2ded · 4cf2ded
1 parent 0a98ac5
commit 4cf2ded
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 4 deletions.
diff --git a/api/config/packages/nelmio_cors.yaml b/api/config/packages/nelmio_cors.yaml
@@ -1,10 +1,12 @@
 parameters:
-    cors_origins: []
+    env(CORS_ORIGIN_EXTRA): '["*","https://localhost","https://localhost:8000"]'
+    env(CORS_ORIGIN): '*'
+    cors_origins: '%env(json:CORS_ORIGIN_EXTRA)%'
 
 nelmio_cors:
     defaults:
         origin_regex: true
-        allow_origin: '%cors_origins%'
+        allow_origin: ['%env(CORS_ORIGIN)%']
         allow_methods: ['GET', 'OPTIONS', 'POST', 'PUT', 'PATCH', 'DELETE']
         allow_headers: ['Content-Type', 'Authorization', 'x-method', 'x-endpoint']
         expose_headers: ['Link']

diff --git a/api/src/Command/InitializationCommand.php b/api/src/Command/InitializationCommand.php
@@ -153,9 +153,9 @@ protected function execute(InputInterface $input, OutputInterface $output): int
             $application->setDomains($domains);
             $application->setOrganization($organization);
 
-            $adminHost = 'https://'.(str_starts_with($parsedAppUrl['host'], 'api') ? str_replace(search: 'api', replace: 'admin', subject: $parsedAppUrl['host']) : $parsedAppUrl['host']);
+            $adminHost = $parsedAppUrl['scheme'].'://'.(str_starts_with($parsedAppUrl['host'], 'api') ? str_replace(search: 'api', replace: 'admin', subject: $parsedAppUrl['host']) : $parsedAppUrl['host'].':8000');
 
-            $application->setOrigins(array_unique(['http://localhost', $parsedAppUrl['schema'].'://'.$parsedAppUrl['host']], $adminHost));
+            $application->setOrigins(origins: array_values(array: array_unique(array: ['http://localhost', $parsedAppUrl['scheme'].'://'.$parsedAppUrl['host'], $adminHost])));
 //            $application->setSecret('LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV3QUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktvd2dnU21BZ0VBQW9JQkFRRFNQU1lacUs3cHdMTWQKd0VqSThkeTA2aVUzQUxESHFOMnBvbmJEb0tIN09KcFVpa0hkT09NVVhNYUhGOWwyb0ZBQmV1VnkrMjJlVHZTQwp3SGdFeUlkTlBEOHhnaWcrUVFlLzBEZlNIaWxGK01ZNGJYbzBUdW0wbDB1MFRDMDNqSUMvUHdiWmJkd3AyczdmClo5TVh1dzdZdnpLS2dzSTdXWWhlSGxGazlkQXc4OUg4SjVUbkY2N050YkdWRkdYTUk5ekpSejZ6N3JRUzJGMjEKcmIyanNhMU4yWkliZW5rbmFrQjdmTEk2VU1mVk5DTXBVZHdERUN6TXNTUTQ4L2dvMzdJYjhzbElGZ2NTUWcrNgp4U1JleG1BT0lBUDIxSitnVjZubGhiMGQ2V2VCcUliQ1hoYkhoY0RGc3NiVGlyTms5UElCcm1FdktGU1prdVV2Cks4Z0hzTituQWdNQkFBRUNnZ0VCQUlFZ1JaSms1R2wxalkyc1dBZnpaUmRJNkdxTDVnZjdVNG1vMjBEMEhBanMKanYxMW5WWitaaHBQa1MvUUdpU2QrZ1d1c2RhWlRvNTQ5L3lHc2pCZDZad3FjTFc3dDNQbEJSbHVqWnBrSS8xeAorbTBWOElUSUl3cGtFbjgrZWxjdjJMT2R4bHNzK3BoS1o5MFhLN1BibEJiVDkvclNyUEUrNEY3T1NEZTJNcFNkClRvVi9XQis1SC90eFM1TVpIRHM3OTA3RFpLemdkdUZyVHBPRUZQeUp3MnoxbWNRbzhnK2ZTbm90Q1ZncUFFRFcKcXFSNHpmK05WTUdId3A3WC9Lc3k1eWdkZnZ3QXpaVEVaUmFzVHVnN1JDdHhyVUp0d2lEMk9rdmNoMzNXYzA1VQoyVnVqdmk5ODhuY1hWeVZOOG8wbnU4aUNRV25veUM5SnJDRnlTU000cjJFQ2dZRUEraWJJb2E2aHlGNkNIcFYxCk9uYmIwT2ZleVhMS01vTkNDN2FYdXFHUVBsTG52K3FXUFJqRXdWR3Mvb3NrS2hFRWhsSEdvamc1dkhSQ1g2T3AKSTlJSis4U201d08xSlJFUFFNdmdza0ZWR3NlZVF5UXNYajJmRmp5cDZ4RGhHMlFzNlFpZHRuZEN6L1hOZWxBQQowNmVkbHl0L0I3Z1d1dWtoYWQ1SjhrT3UzeVVDZ1lFQTF5ZDZmYkhtNFQyMmkxQXZYYTBaSG8rME1oZUVGYTg0ClpaZXVtSmNKaTd3NnFjR016ejkwNno5V0lPT3ZvTk9WZWdVOHMvb2labUZiMXZ3bmE2SnJRZWpid0ZJckN0TlIKYlF3SmsrVkIrY0RJckxtTjhuclBacVM0THY0Y3hOOWlMYWtVMlpid1Jrb1NQSldlaUM2SWt5SWNEYzVxTVpCZwpubTJxSVlxQW45c0NnWUVBbEZwNTlFRlFHemZKYlgvdjFTdDJjKzkvbGZNbzdVb2cyamVBeHFOWW0wMnB1WXpUCmF3cU1iYVlWdGFRcFgzVldQSjYwOGJIc3M5SXpKdXMxdlZPc3JnN1RlUUFlNXd1MkF4U21mckQyV3ZwMTVwWEcKWm1HZlBwM2RtOVlYMnBuUGRLaXlkK3RFeVhhYVZPYXJodHJLUUVRQWcwQnU0b3l1VDA0UWhzZ1RKcTBDZ1lFQQpuWmRTRmkwdmduM1VibGh1U1R3WHNSWHJFK0c3b3JKMEtaMmZpaTdmRkJYc0Zoa3B6VWVhbVJFTVFnemp3SFlaCi80VkVnRU5QM1JPazFHUmZiMnhKQ2I3STd5YUFWbTZRTHNKcFpZVy8vSEtqeWpnamE1OWV1TDBnRjNPVG1QUlMKRWtYTmVzOGU4UzBpREhRKzZWckVPSmo4V1hSK3ZnMFZhQlhGVHNvSENvOENnWUVBOWhpRVlVTXZFNTdQMytmSgptZmZSMytwamJ6WDF0dWY2K0FqcGFrTjNodDFhWUJmaXJzRTlDTHpZdVBqSW4zdU1DRWZvdVFkMGc3c01UcGJnCmxBVXlkaWNPMFNvdDNmSHBLV0F5R3laOVRWYlhIaGUrb1FJYUN1VWFaanlQSFFPWWhHTzZwV0ZDam9aV01JZUwKZjBGcVg0UFExZEJPd3drNDl2Vm16YTJIY1RzPQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg=='); // todo genreate
 //            $application->setPublic('LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUQ4VENDQXRtZ0F3SUJBZ0lVVTlMMXFhdGI5WndXTGd4Rlg1VHB0bjNiQytjd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZY3hDekFKQmdOVkJBWVRBazVNTVJZd0ZBWURWUVFJREExT2IyOXlaQ0JJYjJ4c1lXNWtNUkl3RUFZRApWUVFIREFsQmJYTjBaWEprWVcweEV6QVJCZ05WQkFvTUNrTnZibVIxWTNScGIyNHhFakFRQmdOVkJBTU1DV3h2ClkyRnNhRzl6ZERFak1DRUdDU3FHU0liM0RRRUpBUllVY205aVpYSjBRR052Ym1SMVkzUnBiMjR1Ym13d0hoY04KTWpFd09UQXlNRGMxTWpVd1doY05Nakl3T1RBeU1EYzFNalV3V2pDQmh6RUxNQWtHQTFVRUJoTUNUa3d4RmpBVQpCZ05WQkFnTURVNXZiM0prSUVodmJHeGhibVF4RWpBUUJnTlZCQWNNQ1VGdGMzUmxjbVJoYlRFVE1CRUdBMVVFCkNnd0tRMjl1WkhWamRHbHZiakVTTUJBR0ExVUVBd3dKYkc5allXeG9iM04wTVNNd0lRWUpLb1pJaHZjTkFRa0IKRmhSeWIySmxjblJBWTI5dVpIVmpkR2x2Ymk1dWJEQ0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQQURDQwpBUW9DZ2dFQkFOSTlKaG1vcnVuQXN4M0FTTWp4M0xUcUpUY0FzTWVvM2FtaWRzT2dvZnM0bWxTS1FkMDQ0eFJjCnhvY1gyWGFnVUFGNjVYTDdiWjVPOUlMQWVBVEloMDA4UHpHQ0tENUJCNy9RTjlJZUtVWDR4amh0ZWpSTzZiU1gKUzdSTUxUZU1nTDgvQnRsdDNDbmF6dDluMHhlN0R0aS9Nb3FDd2p0WmlGNGVVV1QxMEREejBmd25sT2NYcnMyMQpzWlVVWmN3ajNNbEhQclB1dEJMWVhiV3R2YU94clUzWmtodDZlU2RxUUh0OHNqcFF4OVUwSXlsUjNBTVFMTXl4CkpEanorQ2pmc2h2eXlVZ1dCeEpDRDdyRkpGN0dZQTRnQS9iVW42QlhxZVdGdlIzcFo0R29oc0plRnNlRndNV3kKeHRPS3MyVDA4Z0d1WVM4b1ZKbVM1UzhyeUFldzM2Y0NBd0VBQWFOVE1GRXdIUVlEVlIwT0JCWUVGRlRRbENzNwo3c1RzTXF1V3dCUjFORXZndWRYVk1COEdBMVVkSXdRWU1CYUFGRlRRbENzNzdzVHNNcXVXd0JSMU5Fdmd1ZFhWCk1BOEdBMVVkRXdFQi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFJV3ZpZldiV3FQNklUd20KS1d2YW9Lc1JIc1BzZ0dxYUF2OXlkZ24xSVp2WFQzZGg3eXpOdHFJRXNDcHpvc2c0Zis3Rlo2bG5GZHI2RFZVbgpmMGh3bUV4ems3d1lYdjBtd2xCTHg1alJmb0tKbDA2SFdkVHVFYUJwR2JYR1Y3VHZjQ3dEb1hYenlYYkljT1FqCnFMeGM0RlE5dlZXazRQM0Y1dDZ6dFh3TWVYWDhZeVYwaGN4cXRaVHNsL25ZVDFvc2pKUlBlWDBRRXFXTjJKZ1QKTGFwckNwK0ZOOXI2WlRwb3EybXVwNmcxTE9HaW1md1k3VDR4elhEaUNlMk1FMi93azBuczBpZXFmeFpwQk5mMApaYitZTHBPekVIYmNlS3dqSEJxT016VlJTZy93bW9sN05VWEF5YkZUNlMwaU5EQWlVSUJ6Q2xUZDhPQ0ZlYXB6CmdwYmROaDA9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0='); // todo genreate
 //            $application->setPublicKey('LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUQ4VENDQXRtZ0F3SUJBZ0lVVTlMMXFhdGI5WndXTGd4Rlg1VHB0bjNiQytjd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2dZY3hDekFKQmdOVkJBWVRBazVNTVJZd0ZBWURWUVFJREExT2IyOXlaQ0JJYjJ4c1lXNWtNUkl3RUFZRApWUVFIREFsQmJYTjBaWEprWVcweEV6QVJCZ05WQkFvTUNrTnZibVIxWTNScGIyNHhFakFRQmdOVkJBTU1DV3h2ClkyRnNhRzl6ZERFak1DRUdDU3FHU0liM0RRRUpBUllVY205aVpYSjBRR052Ym1SMVkzUnBiMjR1Ym13d0hoY04KTWpFd09UQXlNRGMxTWpVd1doY05Nakl3T1RBeU1EYzFNalV3V2pDQmh6RUxNQWtHQTFVRUJoTUNUa3d4RmpBVQpCZ05WQkFnTURVNXZiM0prSUVodmJHeGhibVF4RWpBUUJnTlZCQWNNQ1VGdGMzUmxjbVJoYlRFVE1CRUdBMVVFCkNnd0tRMjl1WkhWamRHbHZiakVTTUJBR0ExVUVBd3dKYkc5allXeG9iM04wTVNNd0lRWUpLb1pJaHZjTkFRa0IKRmhSeWIySmxjblJBWTI5dVpIVmpkR2x2Ymk1dWJEQ0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQQURDQwpBUW9DZ2dFQkFOSTlKaG1vcnVuQXN4M0FTTWp4M0xUcUpUY0FzTWVvM2FtaWRzT2dvZnM0bWxTS1FkMDQ0eFJjCnhvY1gyWGFnVUFGNjVYTDdiWjVPOUlMQWVBVEloMDA4UHpHQ0tENUJCNy9RTjlJZUtVWDR4amh0ZWpSTzZiU1gKUzdSTUxUZU1nTDgvQnRsdDNDbmF6dDluMHhlN0R0aS9Nb3FDd2p0WmlGNGVVV1QxMEREejBmd25sT2NYcnMyMQpzWlVVWmN3ajNNbEhQclB1dEJMWVhiV3R2YU94clUzWmtodDZlU2RxUUh0OHNqcFF4OVUwSXlsUjNBTVFMTXl4CkpEanorQ2pmc2h2eXlVZ1dCeEpDRDdyRkpGN0dZQTRnQS9iVW42QlhxZVdGdlIzcFo0R29oc0plRnNlRndNV3kKeHRPS3MyVDA4Z0d1WVM4b1ZKbVM1UzhyeUFldzM2Y0NBd0VBQWFOVE1GRXdIUVlEVlIwT0JCWUVGRlRRbENzNwo3c1RzTXF1V3dCUjFORXZndWRYVk1COEdBMVVkSXdRWU1CYUFGRlRRbENzNzdzVHNNcXVXd0JSMU5Fdmd1ZFhWCk1BOEdBMVVkRXdFQi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFJV3ZpZldiV3FQNklUd20KS1d2YW9Lc1JIc1BzZ0dxYUF2OXlkZ24xSVp2WFQzZGg3eXpOdHFJRXNDcHpvc2c0Zis3Rlo2bG5GZHI2RFZVbgpmMGh3bUV4ems3d1lYdjBtd2xCTHg1alJmb0tKbDA2SFdkVHVFYUJwR2JYR1Y3VHZjQ3dEb1hYenlYYkljT1FqCnFMeGM0RlE5dlZXazRQM0Y1dDZ6dFh3TWVYWDhZeVYwaGN4cXRaVHNsL25ZVDFvc2pKUlBlWDBRRXFXTjJKZ1QKTGFwckNwK0ZOOXI2WlRwb3EybXVwNmcxTE9HaW1md1k3VDR4elhEaUNlMk1FMi93azBuczBpZXFmeFpwQk5mMApaYitZTHBPekVIYmNlS3dqSEJxT016VlJTZy93bW9sN05VWEF5YkZUNlMwaU5EQWlVSUJ6Q2xUZDhPQ0ZlYXB6CmdwYmROaDA9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0='); // todo genreate