1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.bremersee.web;
18
19 import java.util.ArrayList;
20 import java.util.Collections;
21 import java.util.List;
22 import java.util.stream.Collectors;
23 import javax.validation.constraints.NotEmpty;
24 import javax.validation.constraints.NotNull;
25 import lombok.EqualsAndHashCode;
26 import lombok.Getter;
27 import lombok.Setter;
28 import lombok.ToString;
29 import org.springframework.boot.context.properties.ConfigurationProperties;
30 import org.springframework.util.StringUtils;
31 import org.springframework.validation.annotation.Validated;
32
33
34
35
36
37
38 @ConfigurationProperties(prefix = "bremersee.cors")
39 @Setter
40 @ToString
41 @EqualsAndHashCode
42 @Validated
43 public class CorsProperties {
44
45 @Getter
46 private boolean enable = true;
47
48 @Getter
49 private boolean allowAll = true;
50
51 @NotNull
52 private List<CorsConfiguration> configs = new ArrayList<>();
53
54
55
56
57
58
59 @NotEmpty
60 public static List<CorsConfiguration> allowAllConfiguration() {
61 return Collections
62 .singletonList(CorsConfiguration.allowAllConfiguration());
63 }
64
65
66
67
68
69
70 @NotNull
71 public List<CorsConfiguration> getConfigs() {
72 if (configs == null) {
73 configs = new ArrayList<>();
74 }
75 if (enable && allowAll && configs.isEmpty()) {
76 return allowAllConfiguration();
77 }
78 return configs.stream()
79 .filter(config -> StringUtils.hasText(config.getPathPattern()))
80 .collect(Collectors.toList());
81 }
82
83
84
85
86 @Setter
87 @ToString
88 @EqualsAndHashCode
89 @Validated
90 public static class CorsConfiguration {
91
92 @Getter
93 private String pathPattern;
94
95 private List<String> allowedOrigins = new ArrayList<>();
96
97 private List<String> allowedMethods = new ArrayList<>();
98
99 private List<String> allowedHeaders = new ArrayList<>();
100
101 @Getter
102 @NotNull
103 private List<String> exposedHeaders = new ArrayList<>();
104
105 @Getter
106 private boolean allowCredentials;
107
108 @Getter
109 private long maxAge = 1800L;
110
111
112
113
114
115
116 static CorsConfiguration allowAllConfiguration() {
117 CorsConfiguration configuration = new CorsConfiguration();
118 configuration.pathPattern = "/**";
119 configuration.allowedOrigins = Collections.singletonList("*");
120 configuration.allowedMethods = Collections.singletonList("*");
121 configuration.allowedHeaders = Collections.singletonList("*");
122 configuration.allowCredentials = false;
123 return configuration;
124 }
125
126
127
128
129
130
131 @NotEmpty
132 public List<String> getAllowedOrigins() {
133 if (allowedOrigins == null) {
134 allowedOrigins = new ArrayList<>();
135 }
136 if (allowedOrigins.isEmpty()) {
137 allowedOrigins.add("*");
138 }
139 return allowedOrigins;
140 }
141
142
143
144
145
146
147 @NotEmpty
148 public List<String> getAllowedMethods() {
149 if (allowedMethods == null) {
150 allowedMethods = new ArrayList<>();
151 }
152 if (allowedMethods.isEmpty()) {
153 allowedMethods.add("*");
154 }
155 return allowedMethods;
156 }
157
158
159
160
161
162
163 @NotEmpty
164 public List<String> getAllowedHeaders() {
165 if (allowedHeaders == null) {
166 allowedHeaders = new ArrayList<>();
167 }
168 if (allowedHeaders.isEmpty()) {
169 allowedHeaders.add("*");
170 }
171 return allowedHeaders;
172 }
173 }
174 }