feat: add possibility to configure cors

Applications/SseServer/src/SseServer/Configuration.cs

@@ -9,6 +9,8 @@ public class Configuration
     [Required]
     public AuthenticationConfiguration Authentication { get; set; } = new();
 
+    public CorsConfiguration Cors { get; set; } = new();
+
     [Required]
     public InfrastructureConfiguration Infrastructure { get; set; } = new();
 
@@ -20,6 +22,12 @@ public class AuthenticationConfiguration
         public string JwtSigningCertificate { get; set; } = "";
     }
 
+    public class CorsConfiguration
+    {
+        public string AllowedOrigins { get; set; } = "";
+        public string ExposedHeaders { get; set; } = "";
+    }
+
     public class InfrastructureConfiguration
     {
         [Required]

Applications/SseServer/src/SseServer/Extensions/IServiceCollectionExtensions.cs

@@ -65,6 +65,18 @@ public static void AddCustomAspNetCore(this IServiceCollection services,
                 options.JsonSerializerOptions.DictionaryKeyPolicy = JsonNamingPolicy.CamelCase;
             });
 
+        services.AddCors(options =>
+        {
+            options.AddDefaultPolicy(builder =>
+            {
+                builder
+                    .WithOrigins(configuration.Cors.AllowedOrigins.Split(";"))
+                    .WithExposedHeaders(configuration.Cors.ExposedHeaders.Split(";"))
+                    .AllowAnyHeader()
+                    .AllowAnyMethod();
+            });
+        });
+
         services.AddAuthentication().AddJwtBearer("default", options =>
         {
             var privateKeyBytes = Convert.FromBase64String(configuration.Authentication.JwtSigningCertificate);

Applications/SseServer/src/SseServer/Program.cs

@@ -142,6 +142,8 @@ static void Configure(WebApplication app)
             .AddCustomHeader("X-Frame-Options", "Deny")
     );
 
+    app.UseCors();
+
     app.UseAuthentication().UseAuthorization();
 
     app.MapControllers();