use of cn.taketoday.web.cors.CorsConfiguration in project today-framework by TAKETODAY.
the class CorsRegistryTests method allowCredentials.
@Test
public void allowCredentials() {
this.registry.addMapping("/foo").allowCredentials(true);
CorsConfiguration config = this.registry.getCorsConfigurations().get("/foo");
assertThat(config.getAllowedOrigins()).as("Globally origins=\"*\" and allowCredentials=true should be possible").containsExactly("*");
}
use of cn.taketoday.web.cors.CorsConfiguration in project today-framework by TAKETODAY.
the class CorsRegistryTests method combine.
@Test
void combine() {
CorsConfiguration otherConfig = new CorsConfiguration();
otherConfig.addAllowedOrigin("http://localhost:3000");
otherConfig.addAllowedMethod("*");
otherConfig.applyPermitDefaultValues();
this.registry.addMapping("/api/**").combine(otherConfig);
Map<String, CorsConfiguration> configs = this.registry.getCorsConfigurations();
assertThat(configs.size()).isEqualTo(1);
CorsConfiguration config = configs.get("/api/**");
assertThat(config.getAllowedOrigins()).isEqualTo(Collections.singletonList("http://localhost:3000"));
assertThat(config.getAllowedMethods()).isEqualTo(Collections.singletonList("*"));
assertThat(config.getAllowedHeaders()).isEqualTo(Collections.singletonList("*"));
assertThat(config.getExposedHeaders()).isEmpty();
assertThat(config.getAllowCredentials()).isNull();
assertThat(config.getMaxAge()).isEqualTo(Long.valueOf(1800));
}
use of cn.taketoday.web.cors.CorsConfiguration in project today-infrastructure by TAKETODAY.
the class RequestMappingHandlerMapping method initCorsConfiguration.
@Override
protected CorsConfiguration initCorsConfiguration(Object handler, Method method, RequestMappingInfo mappingInfo) {
HandlerMethod handlerMethod = createHandlerMethod(handler, method);
Class<?> beanType = handlerMethod.getBeanType();
CrossOrigin typeAnnotation = AnnotatedElementUtils.findMergedAnnotation(beanType, CrossOrigin.class);
CrossOrigin methodAnnotation = AnnotatedElementUtils.findMergedAnnotation(method, CrossOrigin.class);
if (typeAnnotation == null && methodAnnotation == null) {
return null;
}
CorsConfiguration config = new CorsConfiguration();
updateCorsConfig(config, typeAnnotation);
updateCorsConfig(config, methodAnnotation);
if (CollectionUtils.isEmpty(config.getAllowedMethods())) {
for (HttpMethod allowedMethod : mappingInfo.getMethodsCondition().getMethods()) {
config.addAllowedMethod(allowedMethod.name());
}
}
return config.applyPermitDefaultValues();
}
use of cn.taketoday.web.cors.CorsConfiguration in project today-infrastructure by TAKETODAY.
the class HandlerCorsCustomizer method customize.
@Override
public Object customize(ActionMappingAnnotationHandler handler) {
// 预防已经设置
HandlerInterceptor[] interceptors = handler.getInterceptors();
if (ObjectUtils.isNotEmpty(interceptors)) {
for (HandlerInterceptor interceptor : interceptors) {
if (interceptor instanceof CorsHandlerInterceptor) {
return handler;
}
}
}
CrossOrigin methodCrossOrigin = handler.getMethod().getMethodAnnotation(CrossOrigin.class);
CrossOrigin classCrossOrigin = handler.getMethod().getDeclaringClassAnnotation(CrossOrigin.class);
if (classCrossOrigin == null && methodCrossOrigin == null) {
// 没有 @CrossOrigin 配置
return handler;
}
CorsConfiguration config = new CorsConfiguration();
updateCorsConfig(config, classCrossOrigin);
updateCorsConfig(config, methodCrossOrigin);
// 覆盖默认
config.applyPermitDefaultValues();
CorsHandlerInterceptor interceptor = new CorsHandlerInterceptor(config);
interceptor.setCorsProcessor(processor);
interceptor.setOrder(Ordered.HIGHEST_PRECEDENCE);
handler.addInterceptors(interceptor);
return handler;
}
Aggregations