From 4c68d09dbc5821fe478510f041e04c4e1fd994b7 Mon Sep 17 00:00:00 2001
From: Chiran Fernando <pcnfernando@gmail.com>
Date: Wed, 2 Apr 2025 21:11:39 +0530
Subject: [PATCH] Handle nginx fronting

---
 internal/authz/asgardeo.go | 4 ++++
 internal/proxy/proxy.go    | 1 +
 2 files changed, 5 insertions(+)

diff --git a/internal/authz/asgardeo.go b/internal/authz/asgardeo.go
index 7408f79..429e2e2 100644
--- a/internal/authz/asgardeo.go
+++ b/internal/authz/asgardeo.go
@@ -31,6 +31,7 @@ func (p *asgardeoProvider) WellKnownHandler() http.HandlerFunc {
 		w.Header().Set("Access-Control-Allow-Origin", "*")
 		w.Header().Set("Access-Control-Allow-Headers", "Authorization, Content-Type")
 		w.Header().Set("Access-Control-Allow-Methods", "GET, OPTIONS")
+		w.Header().Set("X-Accel-Buffering", "no")
 
 		if r.Method == http.MethodOptions {
 			w.WriteHeader(http.StatusNoContent)
@@ -70,6 +71,7 @@ func (p *asgardeoProvider) WellKnownHandler() http.HandlerFunc {
 		}
 
 		w.Header().Set("Content-Type", "application/json")
+		w.Header().Set("X-Accel-Buffering", "no")
 		if err := json.NewEncoder(w).Encode(response); err != nil {
 			log.Printf("[asgardeoProvider] Error encoding well-known: %v", err)
 			http.Error(w, "Internal server error", http.StatusInternalServerError)
@@ -83,6 +85,7 @@ func (p *asgardeoProvider) RegisterHandler() http.HandlerFunc {
 		w.Header().Set("Access-Control-Allow-Origin", "*")
 		w.Header().Set("Access-Control-Allow-Headers", "Authorization, Content-Type")
 		w.Header().Set("Access-Control-Allow-Methods", "GET, OPTIONS")
+		w.Header().Set("X-Accel-Buffering", "no")
 
 		if r.Method == http.MethodOptions {
 			w.WriteHeader(http.StatusNoContent)
@@ -124,6 +127,7 @@ func (p *asgardeoProvider) RegisterHandler() http.HandlerFunc {
 		}
 
 		w.Header().Set("Content-Type", "application/json")
+		w.Header().Set("X-Accel-Buffering", "no")
 		w.WriteHeader(http.StatusCreated)
 		if err := json.NewEncoder(w).Encode(resp); err != nil {
 			log.Printf("ERROR: encoding /register response: %v", err)
diff --git a/internal/proxy/proxy.go b/internal/proxy/proxy.go
index 382c8f3..6d19b6f 100644
--- a/internal/proxy/proxy.go
+++ b/internal/proxy/proxy.go
@@ -160,6 +160,7 @@ func addCORSHeaders(w http.ResponseWriter) {
 	w.Header().Set("Access-Control-Allow-Origin", "*")
 	w.Header().Set("Access-Control-Allow-Headers", "Authorization, Content-Type")
 	w.Header().Set("Access-Control-Allow-Methods", "GET, POST, OPTIONS")
+	w.Header().Set("X-Accel-Buffering", "no")
 }
 
 func isMCPPath(path string, cfg *config.Config) bool {