From 63191f68e529d9b41fbb17d04e03f95e4e092da7 Mon Sep 17 00:00:00 2001
From: Caleb Doxsey <cdoxsey@pomerium.com>
Date: Thu, 25 Aug 2022 12:11:36 -0600
Subject: [PATCH] authenticate: add CORS headers to jwks endpoint

---
 authenticate/handlers.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/authenticate/handlers.go b/authenticate/handlers.go
index f3b7721ed0a..0102107b5ee 100644
--- a/authenticate/handlers.go
+++ b/authenticate/handlers.go
@@ -113,7 +113,7 @@ func (a *Authenticate) mountDashboard(r *mux.Router) {
 }
 
 func (a *Authenticate) mountWellKnown(r *mux.Router) {
-	r.Path("/.well-known/pomerium/jwks.json").Handler(httputil.HandlerFunc(a.jwks)).Methods(http.MethodGet)
+	r.Path("/.well-known/pomerium/jwks.json").Handler(cors.AllowAll().Handler(httputil.HandlerFunc(a.jwks))).Methods(http.MethodGet)
 }
 
 // jwks returns the signing key(s) the client can use to validate signatures