temporary header against CORS, not the right solution

Author: lennertdr

packages/uma/config/routes/policies.json

@@ -8,7 +8,8 @@
             "@type": "HttpHandlerRoute",
             "methods": [
                 "GET", 
-                "POST"
+                "POST",
+                "OPTIONS"
             ],
             "handler": {
                 "@type": "PolicyRequestHandler",

packages/uma/src/routes/Policy.ts

@@ -31,7 +31,7 @@ export class PolicyRequestHandler extends HttpHandler {
      */
     protected getCredentials(request: HttpHandlerRequest): string {
         const header = request.headers['authorization'];
-        if (typeof header !== 'string') {
+        if (typeof header !== 'string' && request.method !== "OPTIONS") {
             throw new BadRequestHttpError('Missing Authorization header');
         }
         return header;
@@ -53,6 +53,15 @@ export class PolicyRequestHandler extends HttpHandler {
             case 'DELETE': return deletePolicy(request, store, this.storage, client, this.baseUrl);
             case 'PATCH': return editPolicy(request, store, this.storage, client, this.baseUrl);
             case 'PUT': return rewritePolicy(request, store, this.storage, client, this.baseUrl);
+            case 'OPTIONS': return {
+                status: 204,
+                headers: {
+                    // this is only for the url without <encodedId>
+                    'Access-Control-Allow-Origin': 'http://localhost:5173',
+                    'Access-Control-Allow-Methods': 'GET, POST, OPTIONS',
+                    'Access-Control-Allow-Headers': 'Authorization, Content-Type',
+                }
+            }
             default: throw new MethodNotAllowedHttpError();
         }
     }

packages/uma/src/util/routeSpecific/policies/CreatePolicies.ts

@@ -118,6 +118,7 @@ export async function addPolicies(request: HttpHandlerRequest, store: Store, sto
 
 
     return {
-        status: 201
+        status: 201,
+        headers: { 'access-control-allow-origin': 'http://localhost:5173' }
     }
 }

packages/uma/src/util/routeSpecific/policies/DeletePolicies.ts

@@ -61,6 +61,7 @@ export async function deleteOnePolicy(policyId: string, store: Store, storage: U
 
     // Delete succesful
     return {
-        status: 200
+        status: 200,
+        headers: { 'access-control-allow-origin': 'http://localhost:5173' }
     }
 }

packages/uma/src/util/routeSpecific/policies/GetPolicies.ts

@@ -1,7 +1,6 @@
 import { HttpHandlerRequest, HttpHandlerResponse } from "../../http/models/HttpHandler";
 import { Quad, Store } from "n3";
 import { odrlAssigner, relations, namedNode, quadsToText, checkBaseURL, retrieveID } from "./PolicyUtil";
-import { MethodNotAllowedHttpError } from "@solid/community-server";
 
 
 /**
@@ -104,7 +103,7 @@ async function getOnePolicy(policyId: string, store: Store, clientId: string): P
         return {
             status: 204,
             headers: {
-                'content-type': 'text/turtle',
+                'content-type': 'text/turtle', 'access-control-allow-origin': 'http://localhost:5173'
             },
             body: '',
         }

packages/uma/src/util/routeSpecific/policies/PolicyUtil.ts

@@ -54,7 +54,7 @@ export async function quadsToText(quads: Quad[]): Promise<HttpHandlerResponse<an
             } else {
                 resolve({
                     status: 200,
-                    headers: { 'content-type': 'text/turtle' },
+                    headers: { 'content-type': 'text/turtle', 'access-control-allow-origin': 'http://localhost:5173' },
                     body: result
                 });
             }