From bc80050a4488b94cafe0595f7969dff13070c0c2 Mon Sep 17 00:00:00 2001
From: Alexander Wolz <84812593+alexanderwolz@users.noreply.github.com>
Date: Sat, 13 May 2023 10:02:56 +0200
Subject: [PATCH] docs: added missing CORS headers for regular keycloak access
 via AJAX (#304)

---
 examples/token-auth-keycloak/conf/proxy/nginx.conf | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/examples/token-auth-keycloak/conf/proxy/nginx.conf b/examples/token-auth-keycloak/conf/proxy/nginx.conf
index a187497..5b50c2c 100644
--- a/examples/token-auth-keycloak/conf/proxy/nginx.conf
+++ b/examples/token-auth-keycloak/conf/proxy/nginx.conf
@@ -62,6 +62,11 @@ server {
         add_header WWW-Authenticate 'Basic realm="Keycloak login"' always;
         return 401;
       }
+
+      add_header Access-Control-Allow-Origin $http_origin always;
+      add_header Access-Control-Allow-Methods "OPTIONS, GET" always;
+      add_header Access-Control-Allow-Headers "Content-Type, Accept, Authorization" always;
+      add_header Access-Control-Allow-Credentials true always;
       proxy_pass $keycloak;
     }