From b49d0442b2d98e4ade11490f5bb9dbaf5f2c4e2f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?user=20=EC=9D=B4=EB=A6=84?= <user 이메일>
Date: Thu, 8 Feb 2024 12:55:48 +0900
Subject: [PATCH] =?UTF-8?q?develop=20[develop]=20cors=20=EC=9E=84=EC=8B=9C?=
 =?UTF-8?q?=20=EC=84=A4=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../configuration/SecurityConfiguration.java    | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/src/main/java/com/yello/server/domain/authorization/configuration/SecurityConfiguration.java b/src/main/java/com/yello/server/domain/authorization/configuration/SecurityConfiguration.java
index 14bc887d..058e9b07 100644
--- a/src/main/java/com/yello/server/domain/authorization/configuration/SecurityConfiguration.java
+++ b/src/main/java/com/yello/server/domain/authorization/configuration/SecurityConfiguration.java
@@ -8,6 +8,7 @@
 import com.yello.server.domain.authorization.service.TokenProvider;
 import com.yello.server.domain.user.repository.UserRepository;
 import com.yello.server.global.exception.ExceptionHandlerFilter;
+import java.util.Arrays;
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -16,6 +17,9 @@
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
 @Configuration
 @EnableWebSecurity
@@ -27,6 +31,17 @@ public class SecurityConfiguration {
     private final TokenProvider tokenProvider;
     private final UserRepository userRepository;
 
+    @Bean
+    CorsConfigurationSource corsConfigurationSource() {
+        CorsConfiguration configuration = new CorsConfiguration();
+        configuration.setAllowedOrigins(Arrays.asList("*"));
+        configuration.setAllowedMethods(Arrays.asList("*"));
+        configuration.setAllowedHeaders(Arrays.asList("*"));
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        source.registerCorsConfiguration("/**", configuration);
+        return source;
+    }
+
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {
         return httpSecurity
@@ -37,7 +52,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws
                 httpSecurityCsrfConfigurer.disable();
             })
             .cors(httpSecurityCorsConfigurer -> {
-                httpSecurityCorsConfigurer.disable();
+                httpSecurityCorsConfigurer.configurationSource(corsConfigurationSource());
             })
             .authorizeHttpRequests(authorizationManagerRequestMatcherRegistry -> {
                 authorizationManagerRequestMatcherRegistry