Skip to content

Keycloak cors setup#393

Merged
manusa merged 1 commit intocontainers:mainfrom
Cali0707:keycloak-cors-setup
Oct 24, 2025
Merged

Keycloak cors setup#393
manusa merged 1 commit intocontainers:mainfrom
Cali0707:keycloak-cors-setup

Conversation

@Cali0707
Copy link
Collaborator

@Cali0707 Cali0707 commented Oct 22, 2025

This builds on top of the refactor introduced in #390 and should not be merged until after that one.

With these changes, the local keycloak will not run into CORS issues

manusa
manusa approved these changes Oct 23, 2025
View reviewed changes
Copy link
Member

@manusa manusa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thx!

@manusa manusa added this to the 0.1.0 milestone Oct 23, 2025
@matzew
Copy link
Collaborator

matzew commented Oct 23, 2025

while these ("webOrigins": ["*"],) are generally fine for development. Does it still make sense merging just this?

I guess #392 has some implications on the subject - but this here would be only part of the solution (until the MCP inspector is fixed? If ever?)

I guess I am OK merging this, but not sure if that really makes sense.

@Cali0707
Copy link
Collaborator Author

Cali0707 commented Oct 23, 2025

I guess #392 has some implications on the subject - but this here would be only part of the solution (until the MCP inspector is fixed? If ever?)

Based on the conversation I saw there, it's not clear to me that inspector will proxy the auth as well as the mcp bits, IMO this is fine since these scripts are local dev only

@manusa manusa mentioned this pull request Oct 23, 2025
Closed
@Cali0707
fix: do not require cors-disabled browsers for dev auth flow
92bbc55 
Signed-off-by: Calum Murray <cmurray@redhat.com>
@Cali0707 Cali0707 force-pushed the keycloak-cors-setup branch from cb8e9a5 to 92bbc55 Compare October 23, 2025 14:48
@Cali0707 Cali0707 requested a review from manusa October 23, 2025 14:48
@Cali0707
Copy link
Collaborator Author

Cali0707 commented Oct 23, 2025

Hey @manusa @matzew - fixed the merged conflicts here

@manusa
Copy link
Member

manusa commented Oct 24, 2025
edited
Loading

I identified the issue in our proxy service, since we're not propagating the original headers (including Origin), keycloak doesn't return the Access-Control-Allow-Origin header.

I'll fix in a follow-up PR.

Related references:

@manusa manusa merged commit 54f7e7f into containers:main Oct 24, 2025
6 checks passed
@BrewTestBot BrewTestBot mentioned this pull request Nov 12, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@manusa manusa manusa approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

0.1.0

Development

Successfully merging this pull request may close these issues.

3 participants

@Cali0707 @matzew @manusa