Search in sources :

Example 6 with CorsConfiguration

use of cn.taketoday.web.cors.CorsConfiguration in project today-framework by TAKETODAY.

the class CorsRegistryTests method allowCredentials.

@Test
public void allowCredentials() {
    this.registry.addMapping("/foo").allowCredentials(true);
    CorsConfiguration config = this.registry.getCorsConfigurations().get("/foo");
    assertThat(config.getAllowedOrigins()).as("Globally origins=\"*\" and allowCredentials=true should be possible").containsExactly("*");
}
Also used : CorsConfiguration(cn.taketoday.web.cors.CorsConfiguration) Test(org.junit.jupiter.api.Test)

Example 7 with CorsConfiguration

use of cn.taketoday.web.cors.CorsConfiguration in project today-framework by TAKETODAY.

the class CorsRegistryTests method combine.

@Test
void combine() {
    CorsConfiguration otherConfig = new CorsConfiguration();
    otherConfig.addAllowedOrigin("http://localhost:3000");
    otherConfig.addAllowedMethod("*");
    otherConfig.applyPermitDefaultValues();
    this.registry.addMapping("/api/**").combine(otherConfig);
    Map<String, CorsConfiguration> configs = this.registry.getCorsConfigurations();
    assertThat(configs.size()).isEqualTo(1);
    CorsConfiguration config = configs.get("/api/**");
    assertThat(config.getAllowedOrigins()).isEqualTo(Collections.singletonList("http://localhost:3000"));
    assertThat(config.getAllowedMethods()).isEqualTo(Collections.singletonList("*"));
    assertThat(config.getAllowedHeaders()).isEqualTo(Collections.singletonList("*"));
    assertThat(config.getExposedHeaders()).isEmpty();
    assertThat(config.getAllowCredentials()).isNull();
    assertThat(config.getMaxAge()).isEqualTo(Long.valueOf(1800));
}
Also used : CorsConfiguration(cn.taketoday.web.cors.CorsConfiguration) Test(org.junit.jupiter.api.Test)

Example 8 with CorsConfiguration

use of cn.taketoday.web.cors.CorsConfiguration in project today-infrastructure by TAKETODAY.

the class RequestMappingHandlerMapping method initCorsConfiguration.

@Override
protected CorsConfiguration initCorsConfiguration(Object handler, Method method, RequestMappingInfo mappingInfo) {
    HandlerMethod handlerMethod = createHandlerMethod(handler, method);
    Class<?> beanType = handlerMethod.getBeanType();
    CrossOrigin typeAnnotation = AnnotatedElementUtils.findMergedAnnotation(beanType, CrossOrigin.class);
    CrossOrigin methodAnnotation = AnnotatedElementUtils.findMergedAnnotation(method, CrossOrigin.class);
    if (typeAnnotation == null && methodAnnotation == null) {
        return null;
    }
    CorsConfiguration config = new CorsConfiguration();
    updateCorsConfig(config, typeAnnotation);
    updateCorsConfig(config, methodAnnotation);
    if (CollectionUtils.isEmpty(config.getAllowedMethods())) {
        for (HttpMethod allowedMethod : mappingInfo.getMethodsCondition().getMethods()) {
            config.addAllowedMethod(allowedMethod.name());
        }
    }
    return config.applyPermitDefaultValues();
}
Also used : CrossOrigin(cn.taketoday.web.annotation.CrossOrigin) CorsConfiguration(cn.taketoday.web.cors.CorsConfiguration) HttpMethod(cn.taketoday.http.HttpMethod)

Example 9 with CorsConfiguration

use of cn.taketoday.web.cors.CorsConfiguration in project today-infrastructure by TAKETODAY.

the class HandlerCorsCustomizer method customize.

@Override
public Object customize(ActionMappingAnnotationHandler handler) {
    // 预防已经设置
    HandlerInterceptor[] interceptors = handler.getInterceptors();
    if (ObjectUtils.isNotEmpty(interceptors)) {
        for (HandlerInterceptor interceptor : interceptors) {
            if (interceptor instanceof CorsHandlerInterceptor) {
                return handler;
            }
        }
    }
    CrossOrigin methodCrossOrigin = handler.getMethod().getMethodAnnotation(CrossOrigin.class);
    CrossOrigin classCrossOrigin = handler.getMethod().getDeclaringClassAnnotation(CrossOrigin.class);
    if (classCrossOrigin == null && methodCrossOrigin == null) {
        // 没有 @CrossOrigin 配置
        return handler;
    }
    CorsConfiguration config = new CorsConfiguration();
    updateCorsConfig(config, classCrossOrigin);
    updateCorsConfig(config, methodCrossOrigin);
    // 覆盖默认
    config.applyPermitDefaultValues();
    CorsHandlerInterceptor interceptor = new CorsHandlerInterceptor(config);
    interceptor.setCorsProcessor(processor);
    interceptor.setOrder(Ordered.HIGHEST_PRECEDENCE);
    handler.addInterceptors(interceptor);
    return handler;
}
Also used : CrossOrigin(cn.taketoday.web.annotation.CrossOrigin) CorsHandlerInterceptor(cn.taketoday.web.interceptor.CorsHandlerInterceptor) CorsConfiguration(cn.taketoday.web.cors.CorsConfiguration) HandlerInterceptor(cn.taketoday.web.interceptor.HandlerInterceptor) CorsHandlerInterceptor(cn.taketoday.web.interceptor.CorsHandlerInterceptor)

Aggregations

CorsConfiguration (cn.taketoday.web.cors.CorsConfiguration)9 CrossOrigin (cn.taketoday.web.annotation.CrossOrigin)4 Test (org.junit.jupiter.api.Test)3 HttpMethod (cn.taketoday.http.HttpMethod)2 RequestContext (cn.taketoday.web.RequestContext)2 WebApplicationContext (cn.taketoday.web.WebApplicationContext)2 CorsHandlerInterceptor (cn.taketoday.web.interceptor.CorsHandlerInterceptor)2 HandlerInterceptor (cn.taketoday.web.interceptor.HandlerInterceptor)2 ServletRequestContext (cn.taketoday.web.servlet.ServletRequestContext)2