From 9a81440531cf06250cf52204d8fe5adb6d949ca3 Mon Sep 17 00:00:00 2001
From: sanoj <sanoj.punchihewa@gmail.com>
Date: Thu, 29 Jun 2023 12:09:55 +0530
Subject: [PATCH] Update config deployer service to add CORS policies for APIs

---
 .../ballerina/APIClient.bal                   | 32 ++++++++++++++++++-
 .../ballerina/modules/model/APIPolicy.bal     | 10 ++++++
 .../ballerina/types.bal                       |  2 ++
 3 files changed, 43 insertions(+), 1 deletion(-)

diff --git a/runtime/config-deployer-service/ballerina/APIClient.bal b/runtime/config-deployer-service/ballerina/APIClient.bal
index 84c00203a..ace795996 100644
--- a/runtime/config-deployer-service/ballerina/APIClient.bal
+++ b/runtime/config-deployer-service/ballerina/APIClient.bal
@@ -338,7 +338,7 @@ public class APIClient {
                 apiArtifact.rateLimitPolicies[rateLimitPolicyCR.metadata.name] = rateLimitPolicyCR;
             }
         }
-        if apkConf.apiPolicies != () {
+        if apkConf.apiPolicies != () || apkConf.corsConfiguration != (){
             model:APIPolicy? apiPolicyCR = self.generateAPIPolicyAndBackendCR(apiArtifact, apkConf, (), apkConf.apiPolicies, organization, apiArtifact.uniqueId);
             if apiPolicyCR != () {
                 apiArtifact.apiPolicies[apiPolicyCR.metadata.name] = apiPolicyCR;
@@ -591,6 +591,13 @@ public class APIClient {
         if responseInterceptor is model:InterceptorReference {
             defaultSpecData.responseInterceptors = [responseInterceptor];
         }
+        CORSConfiguration? corsConfiguration = apkConf.corsConfiguration;
+        if corsConfiguration is CORSConfiguration {
+            model:CORSPolicy? cORSPolicy = self.retrieveCORSPolicyDetails(apiArtifact, apkConf, corsConfiguration, organization);
+            if cORSPolicy is model:CORSPolicy {
+                defaultSpecData.cORSPolicy = cORSPolicy;
+            }
+        }
         if defaultSpecData != {} {
             model:APIPolicy? apiPolicyCR = self.generateAPIPolicyCR(apkConf, targetRefName, operations, organization, defaultSpecData);
             if apiPolicyCR != () {
@@ -1085,6 +1092,29 @@ public class APIClient {
         return ();
     }
 
+    private isolated function retrieveCORSPolicyDetails(model:APIArtifact apiArtifact, APKConf apkConf, CORSConfiguration corsConfiguration, string organization) returns model:CORSPolicy? {
+        model:CORSPolicy corsPolicy = {};
+        if corsConfiguration.corsConfigurationEnabled is boolean {
+            corsPolicy.enabled = <boolean>corsConfiguration.corsConfigurationEnabled;
+        }
+        if corsConfiguration.accessControlAllowCredentials is boolean {
+            corsPolicy.accessControlAllowCredentials = <boolean>corsConfiguration.accessControlAllowCredentials;
+        }
+        if corsConfiguration.accessControlAllowOrigins is string[] {
+            corsPolicy.accessControlAllowOrigins = <string[]>corsConfiguration.accessControlAllowOrigins;
+        }
+        if corsConfiguration.accessControlAllowHeaders is string[] {
+            corsPolicy.accessControlAllowHeaders = <string[]>corsConfiguration.accessControlAllowHeaders;
+        }
+        if corsConfiguration.accessControlAllowMethods is string[] {
+            corsPolicy.accessControlAllowMethods = <string[]>corsConfiguration.accessControlAllowMethods;
+        }
+        if corsConfiguration.accessControlExposeHeaders is string[] {
+            corsPolicy.accessControlExposeHeaders = <string[]>corsConfiguration.accessControlExposeHeaders;
+        }
+        return corsPolicy;
+    }
+
     isolated function generateInterceptorServiceCR(record {} parameters, string interceptorBackend, string flow, APKConf apkConf, string organization) returns model:InterceptorService? {
         model:InterceptorService? interceptorServiceCR = ();
         interceptorServiceCR = {
diff --git a/runtime/config-deployer-service/ballerina/modules/model/APIPolicy.bal b/runtime/config-deployer-service/ballerina/modules/model/APIPolicy.bal
index 0dbd34487..1c561a28a 100644
--- a/runtime/config-deployer-service/ballerina/modules/model/APIPolicy.bal
+++ b/runtime/config-deployer-service/ballerina/modules/model/APIPolicy.bal
@@ -31,6 +31,7 @@ public type APIPolicySpec record {|
 public type APIPolicyData record {
     InterceptorReference[] requestInterceptors?;
     InterceptorReference[] responseInterceptors?;
+    CORSPolicy cORSPolicy?;
 };
 
 public type InterceptorReference record {
@@ -44,3 +45,12 @@ public type APIPolicyList record {
     ListMeta metadata;
     APIPolicy[] items;
 };
+
+public type CORSPolicy record {
+    boolean enabled = false;
+    boolean accessControlAllowCredentials = false;
+    string[] accessControlAllowOrigins = [];
+    string[] accessControlAllowHeaders = [];
+    string[] accessControlAllowMethods = [];
+    string[] accessControlExposeHeaders = [];
+};
diff --git a/runtime/config-deployer-service/ballerina/types.bal b/runtime/config-deployer-service/ballerina/types.bal
index 27657aee8..3d0973a5f 100644
--- a/runtime/config-deployer-service/ballerina/types.bal
+++ b/runtime/config-deployer-service/ballerina/types.bal
@@ -117,6 +117,7 @@ public type APKOperations record {
 # + accessControlAllowCredentials - Field Description  
 # + accessControlAllowHeaders - Field Description  
 # + accessControlAllowMethods - Field Description  
+# + accessControlExposeHeaders - Field Description
 # + accessControlAllowMaxAge - Field Description
 public type CORSConfiguration record {
     boolean corsConfigurationEnabled?;
@@ -124,6 +125,7 @@ public type CORSConfiguration record {
     boolean accessControlAllowCredentials?;
     string[] accessControlAllowHeaders?;
     string[] accessControlAllowMethods?;
+    string[] accessControlExposeHeaders?;
     int accessControlAllowMaxAge?;
 };