Skip to content

Commit

Permalink
change cors configuration
Browse files Browse the repository at this point in the history
add /api/token2 uri mapping for json payload

Signed-off-by: Bogdan Sava <[email protected]>
Signed-off-by: Nigel Jones <[email protected]>
  • Loading branch information
bogdan-sava authored and planetf1 committed Mar 28, 2023
1 parent 65fb850 commit d0f7eae
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 21 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -4,21 +4,18 @@

import org.odpi.openmetadata.userinterface.uichassis.springboot.auth.model.LoginRequest;
import org.odpi.openmetadata.userinterface.uichassis.springboot.auth.service.TokenService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class AuthController {

private static final Logger LOG = LoggerFactory.getLogger(AuthController.class);

private final TokenService tokenService;
private final AuthenticationManager authenticationManager;

Expand All @@ -27,11 +24,18 @@ public AuthController(TokenService tokenService, AuthenticationManager authentic
this.authenticationManager = authenticationManager;
}

@PostMapping("/api/token")
@PostMapping("/api/token2")
public String token(@RequestBody LoginRequest userLogin) throws AuthenticationException {
Authentication authentication = authenticationManager
.authenticate(new UsernamePasswordAuthenticationToken(userLogin.username(), userLogin.password()));
return tokenService.generateToken(authentication);
}

@PostMapping("/api/token")
public String token(@RequestParam String username, @RequestParam String password) throws AuthenticationException {
Authentication authentication = authenticationManager
.authenticate(new UsernamePasswordAuthenticationToken(username, password));
return tokenService.generateToken(authentication);
}

}
Original file line number Diff line number Diff line change
Expand Up @@ -26,11 +26,9 @@
import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
import org.springframework.security.oauth2.jwt.NimbusJwtEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

import java.util.Arrays;
import java.util.List;

/**
Expand Down Expand Up @@ -76,22 +74,18 @@ JwtDecoder jwtDecoder() throws JOSEException {
}

/**
*Returns CorsConfigurationSource the cors configuration
*Returns WebMvcConfigurer for the cors configuration
* The bean is based on springboot configuration property cors.allowed-origins
*/
@Bean
@ConditionalOnProperty(value = "cors.allowed-origins")
CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration configuration = new CorsConfiguration();
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
if( allowedOrigins!=null && !allowedOrigins.isEmpty()) {
configuration.setAllowedOrigins(allowedOrigins);
configuration.setAllowedMethods(Arrays.asList("GET","POST"));
configuration.addExposedHeader("x-auth-token");
configuration.setAllowedHeaders(Arrays.asList("content-type","x-auth-token"));
source.registerCorsConfiguration("/**", configuration);
}
return source;
public WebMvcConfigurer corsConfigurer() {
return new WebMvcConfigurer() {
@Override
public void addCorsMappings( CorsRegistry registry ) {
registry.addMapping("/**").allowedOrigins(allowedOrigins.toArray(new String[]{}));
}
};
}

@Bean
Expand Down

0 comments on commit d0f7eae

Please sign in to comment.