Skip to content

Commit

Permalink
Merge pull request #443 from team-yello/develop
Browse files Browse the repository at this point in the history 
develop [develop] cors 임시 설정
  • Loading branch information
@euije
euije authored Feb 8, 2024
2 parents b01045b + b49d044 commit 7204514
Showing 1 changed file with 16 additions and 1 deletion.
17 changes: 16 additions & 1 deletion src/main/java/com/yello/server/domain/authorization/configuration/SecurityConfiguration.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
import com.yello.server.domain.authorization.service.TokenProvider;
import com.yello.server.domain.user.repository.UserRepository;
import com.yello.server.global.exception.ExceptionHandlerFilter;
import java.util.Arrays;
import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
Expand All @@ -16,6 +17,9 @@
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

@Configuration
@EnableWebSecurity
Expand All @@ -27,6 +31,17 @@ public class SecurityConfiguration {
private final TokenProvider tokenProvider;
private final UserRepository userRepository;

@Bean
CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration configuration = new CorsConfiguration();
configuration.setAllowedOrigins(Arrays.asList("*"));
configuration.setAllowedMethods(Arrays.asList("*"));
configuration.setAllowedHeaders(Arrays.asList("*"));
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
return source;
}

@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {
return httpSecurity
Expand All @@ -37,7 +52,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws
httpSecurityCsrfConfigurer.disable();
})
.cors(httpSecurityCorsConfigurer -> {
httpSecurityCorsConfigurer.disable();
httpSecurityCorsConfigurer.configurationSource(corsConfigurationSource());
})
.authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
authorizationManagerRequestMatcherRegistry
Expand Down

0 comments on commit 7204514

Please sign in to comment.