Search in sources :

Example 1 with CorsConfiguration

use of cn.taketoday.web.cors.CorsConfiguration in project today-infrastructure by TAKETODAY.

the class CorsFilter method doFilterInternal.

@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
    RequestContext context = RequestContextHolder.get();
    if (context == null) {
        WebApplicationContext webApplicationContext = ServletUtils.findWebApplicationContext(request);
        context = new ServletRequestContext(webApplicationContext, request, response);
        RequestContextHolder.set(context);
    }
    try {
        CorsConfiguration corsConfiguration = this.configSource.getCorsConfiguration(context);
        if (!processor.process(corsConfiguration, context) || CorsUtils.isPreFlightRequest(context)) {
            return;
        }
        // handle next
        filterChain.doFilter(request, response);
    } finally {
        RequestContextHolder.remove();
    }
}
Also used : CorsConfiguration(cn.taketoday.web.cors.CorsConfiguration) ServletRequestContext(cn.taketoday.web.servlet.ServletRequestContext) RequestContext(cn.taketoday.web.RequestContext) ServletRequestContext(cn.taketoday.web.servlet.ServletRequestContext) WebApplicationContext(cn.taketoday.web.WebApplicationContext)

Example 2 with CorsConfiguration

use of cn.taketoday.web.cors.CorsConfiguration in project today-framework by TAKETODAY.

the class HandlerCorsCustomizer method customize.

@Override
public Object customize(ActionMappingAnnotationHandler handler) {
    // 预防已经设置
    HandlerInterceptor[] interceptors = handler.getInterceptors();
    if (ObjectUtils.isNotEmpty(interceptors)) {
        for (HandlerInterceptor interceptor : interceptors) {
            if (interceptor instanceof CorsHandlerInterceptor) {
                return handler;
            }
        }
    }
    CrossOrigin methodCrossOrigin = handler.getMethod().getMethodAnnotation(CrossOrigin.class);
    CrossOrigin classCrossOrigin = handler.getMethod().getDeclaringClassAnnotation(CrossOrigin.class);
    if (classCrossOrigin == null && methodCrossOrigin == null) {
        // 没有 @CrossOrigin 配置
        return handler;
    }
    CorsConfiguration config = new CorsConfiguration();
    updateCorsConfig(config, classCrossOrigin);
    updateCorsConfig(config, methodCrossOrigin);
    // 覆盖默认
    config.applyPermitDefaultValues();
    CorsHandlerInterceptor interceptor = new CorsHandlerInterceptor(config);
    interceptor.setCorsProcessor(processor);
    interceptor.setOrder(Ordered.HIGHEST_PRECEDENCE);
    handler.addInterceptors(interceptor);
    return handler;
}
Also used : CrossOrigin(cn.taketoday.web.annotation.CrossOrigin) CorsHandlerInterceptor(cn.taketoday.web.interceptor.CorsHandlerInterceptor) CorsConfiguration(cn.taketoday.web.cors.CorsConfiguration) HandlerInterceptor(cn.taketoday.web.interceptor.HandlerInterceptor) CorsHandlerInterceptor(cn.taketoday.web.interceptor.CorsHandlerInterceptor)

Example 3 with CorsConfiguration

use of cn.taketoday.web.cors.CorsConfiguration in project today-framework by TAKETODAY.

the class CorsRegistryTests method customizedMapping.

@Test
public void customizedMapping() {
    this.registry.addMapping("/foo").allowedOrigins("https://domain2.com", "https://domain2.com").allowedMethods("DELETE").allowCredentials(false).allowedHeaders("header1", "header2").exposedHeaders("header3", "header4").maxAge(3600);
    Map<String, CorsConfiguration> configs = this.registry.getCorsConfigurations();
    assertThat(configs.size()).isEqualTo(1);
    CorsConfiguration config = configs.get("/foo");
    assertThat(config.getAllowedOrigins()).isEqualTo(Arrays.asList("https://domain2.com", "https://domain2.com"));
    assertThat(config.getAllowedMethods()).isEqualTo(Collections.singletonList("DELETE"));
    assertThat(config.getAllowedHeaders()).isEqualTo(Arrays.asList("header1", "header2"));
    assertThat(config.getExposedHeaders()).isEqualTo(Arrays.asList("header3", "header4"));
    assertThat(config.getAllowCredentials()).isFalse();
    assertThat(config.getMaxAge()).isEqualTo(Long.valueOf(3600));
}
Also used : CorsConfiguration(cn.taketoday.web.cors.CorsConfiguration) Test(org.junit.jupiter.api.Test)

Example 4 with CorsConfiguration

use of cn.taketoday.web.cors.CorsConfiguration in project today-framework by TAKETODAY.

the class CorsFilter method doFilterInternal.

@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
    RequestContext context = RequestContextHolder.get();
    if (context == null) {
        WebApplicationContext webApplicationContext = ServletUtils.findWebApplicationContext(request);
        context = new ServletRequestContext(webApplicationContext, request, response);
        RequestContextHolder.set(context);
    }
    try {
        CorsConfiguration corsConfiguration = this.configSource.getCorsConfiguration(context);
        if (!processor.process(corsConfiguration, context) || context.isPreFlightRequest()) {
            return;
        }
        // handle next
        filterChain.doFilter(request, response);
    } finally {
        RequestContextHolder.remove();
    }
}
Also used : CorsConfiguration(cn.taketoday.web.cors.CorsConfiguration) ServletRequestContext(cn.taketoday.web.servlet.ServletRequestContext) RequestContext(cn.taketoday.web.RequestContext) ServletRequestContext(cn.taketoday.web.servlet.ServletRequestContext) WebApplicationContext(cn.taketoday.web.WebApplicationContext)

Example 5 with CorsConfiguration

use of cn.taketoday.web.cors.CorsConfiguration in project today-framework by TAKETODAY.

the class RequestMappingHandlerMapping method initCorsConfiguration.

@Override
protected CorsConfiguration initCorsConfiguration(Object handler, HandlerMethod handlerMethod, Method method, RequestMappingInfo mappingInfo) {
    Class<?> beanType = handlerMethod.getBeanType();
    CrossOrigin typeAnnotation = AnnotatedElementUtils.findMergedAnnotation(beanType, CrossOrigin.class);
    CrossOrigin methodAnnotation = AnnotatedElementUtils.findMergedAnnotation(method, CrossOrigin.class);
    if (typeAnnotation == null && methodAnnotation == null) {
        return null;
    }
    CorsConfiguration config = new CorsConfiguration();
    updateCorsConfig(config, typeAnnotation);
    updateCorsConfig(config, methodAnnotation);
    if (CollectionUtils.isEmpty(config.getAllowedMethods())) {
        for (HttpMethod allowedMethod : mappingInfo.getMethodsCondition().getMethods()) {
            config.addAllowedMethod(allowedMethod.name());
        }
    }
    return config.applyPermitDefaultValues();
}
Also used : CrossOrigin(cn.taketoday.web.annotation.CrossOrigin) CorsConfiguration(cn.taketoday.web.cors.CorsConfiguration) HttpMethod(cn.taketoday.http.HttpMethod)

Aggregations

CorsConfiguration (cn.taketoday.web.cors.CorsConfiguration)9 CrossOrigin (cn.taketoday.web.annotation.CrossOrigin)4 Test (org.junit.jupiter.api.Test)3 HttpMethod (cn.taketoday.http.HttpMethod)2 RequestContext (cn.taketoday.web.RequestContext)2 WebApplicationContext (cn.taketoday.web.WebApplicationContext)2 CorsHandlerInterceptor (cn.taketoday.web.interceptor.CorsHandlerInterceptor)2 HandlerInterceptor (cn.taketoday.web.interceptor.HandlerInterceptor)2 ServletRequestContext (cn.taketoday.web.servlet.ServletRequestContext)2