View Javadoc
1   /*
2    * Copyright 2019-2020 the original author or authors.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.bremersee.web;
18  
19  import java.util.ArrayList;
20  import java.util.Collections;
21  import java.util.List;
22  import java.util.stream.Collectors;
23  import javax.validation.constraints.NotEmpty;
24  import javax.validation.constraints.NotNull;
25  import lombok.EqualsAndHashCode;
26  import lombok.Getter;
27  import lombok.Setter;
28  import lombok.ToString;
29  import org.springframework.boot.context.properties.ConfigurationProperties;
30  import org.springframework.util.StringUtils;
31  import org.springframework.validation.annotation.Validated;
32  
33  /**
34   * The cors properties.
35   *
36   * @author Christian Bremer
37   */
38  @ConfigurationProperties(prefix = "bremersee.cors")
39  @Setter
40  @ToString
41  @EqualsAndHashCode
42  @Validated
43  public class CorsProperties {
44  
45    @Getter
46    private boolean enable = true;
47  
48    @Getter
49    private boolean allowAll = true;
50  
51    @NotNull
52    private List<CorsConfiguration> configs = new ArrayList<>();
53  
54    /**
55     * Allow all configuration.
56     *
57     * @return the allow all configuration
58     */
59    @NotEmpty
60    public static List<CorsConfiguration> allowAllConfiguration() {
61      return Collections
62          .singletonList(CorsConfiguration.allowAllConfiguration());
63    }
64  
65    /**
66     * Gets configs.
67     *
68     * @return the configs
69     */
70    @NotNull
71    public List<CorsConfiguration> getConfigs() {
72      if (configs == null) {
73        configs = new ArrayList<>();
74      }
75      if (enable && allowAll && configs.isEmpty()) {
76        return allowAllConfiguration();
77      }
78      return configs.stream()
79          .filter(config -> StringUtils.hasText(config.getPathPattern()))
80          .collect(Collectors.toList());
81    }
82  
83    /**
84     * The cors configuration.
85     */
86    @Setter
87    @ToString
88    @EqualsAndHashCode
89    @Validated
90    public static class CorsConfiguration {
91  
92      @Getter
93      private String pathPattern;
94  
95      private List<String> allowedOrigins = new ArrayList<>();
96  
97      private List<String> allowedMethods = new ArrayList<>();
98  
99      private List<String> allowedHeaders = new ArrayList<>();
100 
101     @Getter
102     @NotNull
103     private List<String> exposedHeaders = new ArrayList<>();
104 
105     @Getter
106     private boolean allowCredentials;
107 
108     @Getter
109     private long maxAge = 1800L;
110 
111     /**
112      * Allow all configuration.
113      *
114      * @return the allow all configuration
115      */
116     static CorsConfiguration allowAllConfiguration() {
117       CorsConfiguration configuration = new CorsConfiguration();
118       configuration.pathPattern = "/**";
119       configuration.allowedOrigins = Collections.singletonList("*");
120       configuration.allowedMethods = Collections.singletonList("*");
121       configuration.allowedHeaders = Collections.singletonList("*");
122       configuration.allowCredentials = false;
123       return configuration;
124     }
125 
126     /**
127      * Gets allowed origins.
128      *
129      * @return the allowed origins
130      */
131     @NotEmpty
132     public List<String> getAllowedOrigins() {
133       if (allowedOrigins == null) {
134         allowedOrigins = new ArrayList<>();
135       }
136       if (allowedOrigins.isEmpty()) {
137         allowedOrigins.add("*");
138       }
139       return allowedOrigins;
140     }
141 
142     /**
143      * Gets allowed methods.
144      *
145      * @return the allowed methods
146      */
147     @NotEmpty
148     public List<String> getAllowedMethods() {
149       if (allowedMethods == null) {
150         allowedMethods = new ArrayList<>();
151       }
152       if (allowedMethods.isEmpty()) {
153         allowedMethods.add("*");
154       }
155       return allowedMethods;
156     }
157 
158     /**
159      * Gets allowed headers.
160      *
161      * @return the allowed headers
162      */
163     @NotEmpty
164     public List<String> getAllowedHeaders() {
165       if (allowedHeaders == null) {
166         allowedHeaders = new ArrayList<>();
167       }
168       if (allowedHeaders.isEmpty()) {
169         allowedHeaders.add("*");
170       }
171       return allowedHeaders;
172     }
173   }
174 }