Example 26 with CorsConfiguration
use of org.springframework.web.cors.CorsConfiguration in project CzechIdMng by bcvsolutions.
the class WebConfig method corsFilter.
@Bean
public FilterRegistrationBean corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = corsConfiguration();
// TODO: depends on FlywayConfigCore
// log.info("Starting with configurted allowed origins [{}]. Allowed
// origins could be changed through application setting.",
// config.getAllowedOrigins());
config.setAllowCredentials(Boolean.TRUE);
config.addAllowedHeader("*");
config.addAllowedMethod("GET");
config.addAllowedMethod("PUT");
config.addAllowedMethod("OPTIONS");
config.addAllowedMethod("POST");
config.addAllowedMethod("DELETE");
config.addAllowedMethod("PATCH");
source.registerCorsConfiguration(BaseDtoController.BASE_PATH + "/**", config);
config.addExposedHeader(JwtAuthenticationMapper.AUTHENTICATION_TOKEN_NAME);
FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
return bean;
}
Also used :
CorsFilter(org.springframework.web.filter.CorsFilter)
UrlBasedCorsConfigurationSource(org.springframework.web.cors.UrlBasedCorsConfigurationSource)
DynamicCorsConfiguration(eu.bcvsolutions.idm.core.config.domain.DynamicCorsConfiguration)
CorsConfiguration(org.springframework.web.cors.CorsConfiguration)
FilterRegistrationBean(org.springframework.boot.context.embedded.FilterRegistrationBean)
LocalValidatorFactoryBean(org.springframework.validation.beanvalidation.LocalValidatorFactoryBean)
FilterRegistrationBean(org.springframework.boot.context.embedded.FilterRegistrationBean)
Bean(org.springframework.context.annotation.Bean)
Example 27 with CorsConfiguration
use of org.springframework.web.cors.CorsConfiguration in project spring-boot by spring-projects.
the class CloudFoundryActuatorAutoConfigurationTests method cloudFoundryPlatformActive.
@Test
public void cloudFoundryPlatformActive() throws Exception {
CloudFoundryEndpointHandlerMapping handlerMapping = getHandlerMapping();
assertThat(handlerMapping.getPrefix()).isEqualTo("/cloudfoundryapplication");
CorsConfiguration corsConfiguration = (CorsConfiguration) ReflectionTestUtils.getField(handlerMapping, "corsConfiguration");
assertThat(corsConfiguration.getAllowedOrigins()).contains("*");
assertThat(corsConfiguration.getAllowedMethods()).containsAll(Arrays.asList(HttpMethod.GET.name(), HttpMethod.POST.name()));
assertThat(corsConfiguration.getAllowedHeaders()).containsAll(Arrays.asList("Authorization", "X-Cf-App-Instance", "Content-Type"));
}
Also used :
CorsConfiguration(org.springframework.web.cors.CorsConfiguration)
Test(org.junit.Test)
Example 28 with CorsConfiguration
use of org.springframework.web.cors.CorsConfiguration in project spring-framework by spring-projects.
the class CorsRegistryTests method customizedMapping.
@Test
public void customizedMapping() {
this.registry.addMapping("/foo").allowedOrigins("http://domain2.com", "http://domain2.com").allowedMethods("DELETE").allowCredentials(false).allowedHeaders("header1", "header2").exposedHeaders("header3", "header4").maxAge(3600);
Map<String, CorsConfiguration> configs = this.registry.getCorsConfigurations();
assertEquals(1, configs.size());
CorsConfiguration config = configs.get("/foo");
assertEquals(Arrays.asList("http://domain2.com", "http://domain2.com"), config.getAllowedOrigins());
assertEquals(Arrays.asList("DELETE"), config.getAllowedMethods());
assertEquals(Arrays.asList("header1", "header2"), config.getAllowedHeaders());
assertEquals(Arrays.asList("header3", "header4"), config.getExposedHeaders());
assertEquals(false, config.getAllowCredentials());
assertEquals(Long.valueOf(3600), config.getMaxAge());
}
Also used :
CorsConfiguration(org.springframework.web.cors.CorsConfiguration)
Test(org.junit.Test)
Example 29 with CorsConfiguration
use of org.springframework.web.cors.CorsConfiguration in project spring-framework by spring-projects.
the class CorsUrlHandlerMappingTests method actualRequestWithGlobalCorsConfig.
@Test
public void actualRequestWithGlobalCorsConfig() throws Exception {
CorsConfiguration mappedConfig = new CorsConfiguration();
mappedConfig.addAllowedOrigin("*");
this.handlerMapping.setCorsConfigurations(Collections.singletonMap("/welcome.html", mappedConfig));
String origin = "http://domain2.com";
ServerWebExchange exchange = createExchange(HttpMethod.GET, "/welcome.html", origin);
Object actual = this.handlerMapping.getHandler(exchange).block();
assertNotNull(actual);
assertSame(this.welcomeController, actual);
assertEquals("*", exchange.getResponse().getHeaders().getFirst(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN));
}
Also used :
ServerWebExchange(org.springframework.web.server.ServerWebExchange)
CorsConfiguration(org.springframework.web.cors.CorsConfiguration)
Test(org.junit.Test)
Example 30 with CorsConfiguration
use of org.springframework.web.cors.CorsConfiguration in project spring-framework by spring-projects.
the class AbstractHandlerMapping method getHandler.
@Override
public Mono<Object> getHandler(ServerWebExchange exchange) {
return getHandlerInternal(exchange).map(handler -> {
if (CorsUtils.isCorsRequest(exchange.getRequest())) {
CorsConfiguration configA = this.globalCorsConfigSource.getCorsConfiguration(exchange);
CorsConfiguration configB = getCorsConfiguration(handler, exchange);
CorsConfiguration config = (configA != null ? configA.combine(configB) : configB);
if (!getCorsProcessor().processRequest(config, exchange) || CorsUtils.isPreFlightRequest(exchange.getRequest())) {
return REQUEST_HANDLED_HANDLER;
}
}
return handler;
});
}
Also used :
CorsConfiguration(org.springframework.web.cors.CorsConfiguration)
Aggregations
CorsConfiguration (org.springframework.web.cors.CorsConfiguration)49
Test (org.junit.Test)27
HandlerExecutionChain (org.springframework.web.servlet.HandlerExecutionChain)15
Bean (org.springframework.context.annotation.Bean)9
UrlBasedCorsConfigurationSource (org.springframework.web.cors.UrlBasedCorsConfigurationSource)7
HandlerMethod (org.springframework.web.method.HandlerMethod)7
CorsFilter (org.springframework.web.filter.CorsFilter)6
MockHttpServletRequest (org.springframework.mock.web.test.MockHttpServletRequest)3
ServerWebExchange (org.springframework.web.server.ServerWebExchange)3
HandlerInterceptor (org.springframework.web.servlet.HandlerInterceptor)3
List (java.util.List)2
DirectFieldAccessor (org.springframework.beans.DirectFieldAccessor)2
ConditionalOnBean (org.springframework.boot.autoconfigure.condition.ConditionalOnBean)2
CrossOrigin (org.springframework.web.bind.annotation.CrossOrigin)2
RequestMethod (org.springframework.web.bind.annotation.RequestMethod)2
AnnotationConfigWebApplicationContext (org.springframework.web.context.support.AnnotationConfigWebApplicationContext)2
AbstractHandlerMapping (org.springframework.web.servlet.handler.AbstractHandlerMapping)2
DynamicCorsConfiguration (eu.bcvsolutions.idm.core.config.domain.DynamicCorsConfiguration)1
LinkedHashMap (java.util.LinkedHashMap)1
LinkedHashSet (java.util.LinkedHashSet)1
