Custom Lambda Authorizer Response missing Access-Control-Allow-Origin header

Question

I am trying to authenticate requests from client application using a custom lambda authorizer. I setup a small demo that allows the user to login via a webapp deployed on lo