Skip to content

Commit

Permalink
fix(cors): remove explicit CORS handling (cryostatio#327)
Browse files Browse the repository at this point in the history
  • Loading branch information
andrewazores authored Jul 18, 2024
1 parent 85a6f74 commit 604ebf3
Showing 1 changed file with 19 additions and 51 deletions.
70 changes: 19 additions & 51 deletions src/main/java/io/cryostat/Health.java
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,6 @@
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.core.MediaType;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.core.Response.ResponseBuilder;
import org.apache.commons.lang3.StringUtils;
import org.eclipse.microprofile.config.inject.ConfigProperty;
import org.jboss.logging.Logger;
Expand Down Expand Up @@ -95,23 +94,22 @@ public Response health() {
reportsAvailable.complete(true);
}

return new PermittedResponseBuilder(
Response.ok(
Map.of(
"cryostatVersion",
String.format("v%s", version),
"dashboardConfigured",
dashboardURL.isPresent(),
"dashboardAvailable",
dashboardAvailable.join(),
"datasourceConfigured",
datasourceURL.isPresent(),
"datasourceAvailable",
datasourceAvailable.join(),
"reportsConfigured",
reportsConfigured,
"reportsAvailable",
reportsAvailable.join())))
return Response.ok(
Map.of(
"cryostatVersion",
String.format("v%s", version),
"dashboardConfigured",
dashboardURL.isPresent(),
"dashboardAvailable",
dashboardAvailable.join(),
"datasourceConfigured",
datasourceURL.isPresent(),
"datasourceAvailable",
datasourceAvailable.join(),
"reportsConfigured",
reportsConfigured,
"reportsAvailable",
reportsAvailable.join()))
.build();
}

Expand All @@ -135,19 +133,15 @@ public Response grafanaDashboardUrl() {
dashboardExternalURL.orElseGet(
() -> dashboardURL.orElseThrow(() -> new BadRequestException()));

return new PermittedResponseBuilder(Response.ok(Map.of("grafanaDashboardUrl", url)))
.build();
return Response.ok(Map.of("grafanaDashboardUrl", url)).build();
}

@GET
@Path("/api/v1/grafana_datasource_url")
@PermitAll
@Produces({MediaType.APPLICATION_JSON})
public Response grafanaDatasourceUrl() {
return new PermittedResponseBuilder(
Response.ok(Map.of("grafanaDatasourceUrl", datasourceURL)))
.corsSkippedHeaders()
.build();
return Response.ok(Map.of("grafanaDatasourceUrl", datasourceURL)).build();
}

private void checkUri(
Expand All @@ -161,7 +155,7 @@ private void checkUri(
future.complete(false);
return;
}
logger.debugv("Testing health of {1}={2} {3}", configProperty, uri.toString(), path);
logger.debugv("Testing health of {0}={1} {2}", configProperty, uri.toString(), path);
HttpRequest<Buffer> req = webClient.get(uri.getHost(), path);
if (uri.getPort() != -1) {
req = req.port(uri.getPort());
Expand All @@ -183,30 +177,4 @@ private void checkUri(
future.complete(false);
}
}

static class PermittedResponseBuilder {
private ResponseBuilder builder;

public PermittedResponseBuilder(ResponseBuilder builder) {
this.builder = builder;
}

public ResponseBuilder corsSkippedHeaders() {
// TODO @PermitAll annotation seems to skip the CORS filter, so these headers don't get
// added. We shouldn't need to add them manually like this and they should not be added
// in
// prod builds.
return this.builder
.header("Access-Control-Allow-Origin", "http://localhost:9000")
.header(
"Access-Control-Allow-Headers",
"accept, origin, authorization, content-type," + " x-requested-with")
.header("Access-Control-Allow-Methods", "GET,POST,OPTIONS")
.header("Access-Control-Allow-Credentials", "true");
}

public Response build() {
return builder.build();
}
}
}

0 comments on commit 604ebf3

Please sign in to comment.