From 600da5a218412e8ca50778426d3fbca1cd57ce58 Mon Sep 17 00:00:00 2001 From: junhaa <2171326@hansung.ac.kr> Date: Thu, 2 May 2024 13:10:50 +0900 Subject: [PATCH 1/3] =?UTF-8?q?:bug:=20FIX.=20cors=20=EC=98=A4=EB=A5=98=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../tbd/global/config/SecurityConfig.java | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/src/main/java/fairytale/tbd/global/config/SecurityConfig.java b/src/main/java/fairytale/tbd/global/config/SecurityConfig.java index 65b3456..b897373 100644 --- a/src/main/java/fairytale/tbd/global/config/SecurityConfig.java +++ b/src/main/java/fairytale/tbd/global/config/SecurityConfig.java @@ -2,6 +2,7 @@ import java.util.Arrays; import java.util.Collections; +import java.util.List; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -17,6 +18,7 @@ import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.logout.LogoutFilter; import org.springframework.web.cors.CorsConfiguration; +import org.springframework.web.cors.UrlBasedCorsConfigurationSource; import com.fasterxml.jackson.databind.ObjectMapper; @@ -62,13 +64,16 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // CORS .cors(corsCustomizer -> corsCustomizer.configurationSource(request -> { CorsConfiguration config = new CorsConfiguration(); - config.setAllowedOrigins(Collections.singletonList("*")); - config.setAllowedMethods(Collections.singletonList("*")); + config.setAllowedOrigins(List.of("*"); + config.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS")); config.setAllowCredentials(true); - config.setAllowedHeaders(Collections.singletonList("*")); - config.setExposedHeaders(Arrays.asList("Authorization")); + config.setAllowedHeaders(List.of("*")); + config.setExposedHeaders(Arrays.asList("Authorization", "Authorization-refresh")); config.setMaxAge(3600L); - return config; + + UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); + source.registerCorsConfiguration("/**", config); + return source; })); http.addFilterAfter(customUsernamePwdAuthenticationFilter(), LogoutFilter.class); http.addFilterBefore(jwtAuthenticationFilter(), CustomUsernamePwdAuthenticationFilter.class); From 0d809df3ee7b1218d2f4fa2a0e958d71c26b2718 Mon Sep 17 00:00:00 2001 From: junhaa <2171326@hansung.ac.kr> Date: Thu, 2 May 2024 14:21:06 +0900 Subject: [PATCH 2/3] =?UTF-8?q?:bug:=20FIX.=20cors=20=EC=98=A4=EB=A5=98=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../fairytale/tbd/global/config/SecurityConfig.java | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/src/main/java/fairytale/tbd/global/config/SecurityConfig.java b/src/main/java/fairytale/tbd/global/config/SecurityConfig.java index b897373..cb968a1 100644 --- a/src/main/java/fairytale/tbd/global/config/SecurityConfig.java +++ b/src/main/java/fairytale/tbd/global/config/SecurityConfig.java @@ -2,7 +2,6 @@ import java.util.Arrays; import java.util.Collections; -import java.util.List; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -18,7 +17,6 @@ import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.logout.LogoutFilter; import org.springframework.web.cors.CorsConfiguration; -import org.springframework.web.cors.UrlBasedCorsConfigurationSource; import com.fasterxml.jackson.databind.ObjectMapper; @@ -64,16 +62,13 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // CORS .cors(corsCustomizer -> corsCustomizer.configurationSource(request -> { CorsConfiguration config = new CorsConfiguration(); - config.setAllowedOrigins(List.of("*"); - config.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS")); + config.setAllowedOrigins(Collections.singletonList("http://localhost:3000")); + config.setAllowedMethods(Collections.singletonList("*")); config.setAllowCredentials(true); - config.setAllowedHeaders(List.of("*")); + config.setAllowedHeaders(Collections.singletonList("*")); config.setExposedHeaders(Arrays.asList("Authorization", "Authorization-refresh")); config.setMaxAge(3600L); - - UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); - source.registerCorsConfiguration("/**", config); - return source; + return config; })); http.addFilterAfter(customUsernamePwdAuthenticationFilter(), LogoutFilter.class); http.addFilterBefore(jwtAuthenticationFilter(), CustomUsernamePwdAuthenticationFilter.class); From e49213a1e2b1b48bde0e1927070c438f4dc82444 Mon Sep 17 00:00:00 2001 From: junhaa <2171326@hansung.ac.kr> Date: Thu, 2 May 2024 14:48:29 +0900 Subject: [PATCH 3/3] =?UTF-8?q?:bug:=20FIX.=20cors=20=EC=98=A4=EB=A5=98=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/fairytale/tbd/global/config/SecurityConfig.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/fairytale/tbd/global/config/SecurityConfig.java b/src/main/java/fairytale/tbd/global/config/SecurityConfig.java index cb968a1..ad0be90 100644 --- a/src/main/java/fairytale/tbd/global/config/SecurityConfig.java +++ b/src/main/java/fairytale/tbd/global/config/SecurityConfig.java @@ -62,7 +62,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // CORS .cors(corsCustomizer -> corsCustomizer.configurationSource(request -> { CorsConfiguration config = new CorsConfiguration(); - config.setAllowedOrigins(Collections.singletonList("http://localhost:3000")); + config.setAllowedOriginPatterns(Collections.singletonList("*")); config.setAllowedMethods(Collections.singletonList("*")); config.setAllowCredentials(true); config.setAllowedHeaders(Collections.singletonList("*"));