[AC-1971] Add SwaggerUI to CORS policy (#3583)

* Allow SwaggerUI authorize requests if in development
2025-02-05 00:01:30 +01:00 · 2023-12-19 11:51:46 +10:00 · 2023-12-19 11:51:46 +10:00 · af7811ba9a
commit af7811ba9a
parent c2d36cb28b
1 changed files with 5 additions and 1 deletions
--- a/src/Identity/Startup.cs
+++ b/src/Identity/Startup.cs
@ -213,7 +213,11 @@ public class Startup
        app.UseRouting();

        // Add Cors
-        app.UseCors(policy => policy.SetIsOriginAllowed(o => CoreHelpers.IsCorsOriginAllowed(o, globalSettings))
+        app.UseCors(policy => policy.SetIsOriginAllowed(o =>
+                CoreHelpers.IsCorsOriginAllowed(o, globalSettings) ||
+
+                // If development - allow requests from the Swagger UI so it can authorize
+                (Environment.IsDevelopment() && o == globalSettings.BaseServiceUri.Api))
            .AllowAnyMethod().AllowAnyHeader().AllowCredentials());

        // Add current context