From 6d1dc6a6a53be4edd4824fa40e07fa69669bf479 Mon Sep 17 00:00:00 2001
From: Nils Ove Tendenes
Date: Tue, 26 Nov 2024 08:19:22 +0100
Subject: [PATCH] chore: add cors
---
 deploy/demo/env.yaml | 4 ++-
 deploy/prod/env.yaml | 4 ++-
 deploy/staging/env.yaml | 2 ++
 .../security/SecurityConfig.kt | 27 +++++++++++++++++--
 .../resources/application-develop.properties | 1 +
 .../resources/application-test.properties | 1 +
 src/main/resources/application.properties | 3 ++-
 7 files changed, 37 insertions(+), 5 deletions(-)
diff --git a/deploy/demo/env.yaml b/deploy/demo/env.yaml
index 1a89718..59d19c3 100644
--- a/deploy/demo/env.yaml
+++ b/deploy/demo/env.yaml
@@ -45,4 +45,6 @@ spec:
 valueFrom:
 secretKeyRef:
 name: commonurl-demo
- key: ORGANIZATION_CATALOG_BASE_URI
\ No newline at end of file
+ key: ORGANIZATION_CATALOG_BASE_URI
+ - name: CORS_ORIGIN_PATTERNS
+ value: https://demo.fellesdatakatalog.digdir.no,https://*.demo.fellesdatakatalog.digdir.no
\ No newline at end of file
diff --git a/deploy/prod/env.yaml b/deploy/prod/env.yaml
index d388671..5806660 100644
--- a/deploy/prod/env.yaml
+++ b/deploy/prod/env.yaml
@@ -45,4 +45,6 @@ spec:
 valueFrom:
 secretKeyRef:
 name: commonurl-prod
- key: ORGANIZATION_CATALOG_BASE_URI
\ No newline at end of file
+ key: ORGANIZATION_CATALOG_BASE_URI
+ - name: CORS_ORIGIN_PATTERNS
+ value: https://fellesdatakatalog.digdir.no,https://*.fellesdatakatalog.digdir.no,https://data.norge.no,https://data.transportportal.no,https://transportportal.no
\ No newline at end of file
diff --git a/deploy/staging/env.yaml b/deploy/staging/env.yaml
index d52944d..505150e 100644
--- a/deploy/staging/env.yaml
+++ b/deploy/staging/env.yaml
@@ -48,3 +48,5 @@ spec:
 secretKeyRef:
 name: commonurl-staging
 key: ORGANIZATION_CATALOG_BASE_URI
+ - name: CORS_ORIGIN_PATTERNS
+ value: https://staging.fellesdatakatalog.digdir.no,https://*.staging.fellesdatakatalog.digdir.no,http://localhost:*
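Review bot: The production value `https://*.fellesdatakatalog.digdir.no` in deploy/prod/env.yaml is broader than it looks. As far as I know Spring treats `*` in an origin pattern as a match-anything wildcard, so it also covers `staging.fellesdatakatalog.digdir.no`, `demo.fellesdatakatalog.digdir.no` and every host below them. Pages served from the demo and staging hosts, which are presumably less tightly controlled, would then be accepted as origins of the production API. If only a known set of production front ends needs access, list those hosts explicitly; otherwise add a comment above the entry recording that the overlap with demo and staging is intended.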
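Review bot: The staging list in deploy/staging/env.yaml ends with `http://localhost:*`, a plain-HTTP origin on any port, so any page served from loopback on a user's machine is accepted as an origin of the staging API. That is a common convenience for local front-end work, but it deserves a comment so the entry is not copied into the prod list, e.g. `# localhost is for local front-end development against staging only; never add it to prod`. The exposure is bounded by `config.allowCredentials = false` in SecurityConfig.kt, which keeps cookies and other browser-held credentials out of cross-origin requests.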
diff --git a/src/main/kotlin/no/digdir/organizationcatalog/security/SecurityConfig.kt b/src/main/kotlin/no/digdir/organizationcatalog/security/SecurityConfig.kt
index 787b377..88f45af 100644
--- a/src/main/kotlin/no/digdir/organizationcatalog/security/SecurityConfig.kt
+++ b/src/main/kotlin/no/digdir/organizationcatalog/security/SecurityConfig.kt
@@ -1,5 +1,8 @@
 package no.digdir.organizationcatalog.security
+import org.slf4j.Logger
+import org.slf4j.LoggerFactory
+import org.springframework.beans.factory.annotation.Value
 import org.springframework.boot.autoconfigure.security.oauth2.resource.OAuth2ResourceServerProperties
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
@@ -12,12 +15,28 @@ import org.springframework.security.web.SecurityFilterChain
 import org.springframework.web.cors.CorsConfiguration
 @Configuration
-open class SecurityConfig {
+open class SecurityConfig(
+ @Value("\${application.cors.originPatterns}")
+ val corsOriginPatterns: Array
+) {
 @Bean
 open fun filterChain(http: HttpSecurity): SecurityFilterChain {
 http
- .cors { }
+ .cors { cors ->
+ cors.configurationSource { _ ->
+ val config = CorsConfiguration()
+ config.allowCredentials = false
+ config.allowedHeaders = listOf("*")
+ config.maxAge = 3600L
+ config.allowedOriginPatterns = corsOriginPatterns.toList()
+ config.allowedMethods = listOf("GET", "POST", "OPTIONS", "DELETE", "PUT")
+
+ logger.debug("CORS configuration allowed origin patterns: {}", config.allowedOriginPatterns)
+
+ config
+ }
+ }
 .csrf { it.disable() }
 .authorizeHttpRequests { authorize ->
 authorize.requestMatchers(HttpMethod.OPTIONS).permitAll()
@@ -40,4 +59,8 @@ open class SecurityConfig {
 )
 return jwtDecoder
 }
+
+ companion object {
+ private val logger: Logger = LoggerFactory.getLogger(SecurityConfig::class.java)
+ }
 }
diff --git a/src/main/resources/application-develop.properties b/src/main/resources/application-develop.properties
index 83d488b..cac1908 100644
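Review bot: `config.allowCredentials = false` in the second hunk is the line that keeps the rest of this CORS block safe, and nothing in the code says so. The origin patterns come unvalidated from `application.cors.originPatterns`, which this commit sets to `*` in the develop and test profiles, and Spring accepts `*` origin patterns together with credentials. A comment such as `// Keep false: origin patterns may be "*" (develop/test), and "*" with credentials would open authenticated responses to any origin` would guard against a later flip. The lambda passed to `configurationSource` also builds and logs a new `CorsConfiguration` on every request, which building it once outside the lambda would avoid, and the constructor property could be `private val corsOriginPatterns`. `filterChain` continues past the end of the hunk.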
--- a/src/main/resources/application-develop.properties
+++ b/src/main/resources/application-develop.properties
@@ -7,5 +7,6 @@ application.organizationCatalogUrl: http://localhost:8140/organizations/
 application.municipalityUrl: https://data.geonorge.no/administrativeEnheter/kommune/id/
 application.testOrganizations: 555111290,568843537,910131028,910244132,910258028,910298062,910888447,911259583,911527170,916285515,973633449
 application.defaultOrgPath: /ANNET/
+application.cors.originPatterns: *
 server.port: 8140
diff --git a/src/main/resources/application-test.properties b/src/main/resources/application-test.properties
index f12114c..ee90636 100644
--- a/src/main/resources/application-test.properties
+++ b/src/main/resources/application-test.properties
@@ -8,3 +8,4 @@ application.organizationCatalogUrl: http://localhost:5050/organizations/
 application.municipalityUrl: http://localhost:5050/administrativeEnheter/kommune/id/
 application.testOrganizations: 555111290,568843537,910131028,910244132,910258028,910298062,910888447,911259583,911527170,916285515,973633449
 application.defaultOrgPath: /ANNET/
+application.cors.originPatterns: *
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 1d7dc8c..e6edfd7 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1,5 +1,5 @@
 logging.level.root: WARN
-logging.level.no: ${LOG_LEVEL:DEBUG}
+logging.level.no: ${LOG_LEVEL:INFO}
 logging.level.org.springframework: WARN
 logging.level.org.springframework.web: WARN
@@ -15,5 +15,6 @@ application.organizationCatalogUrl: ${ORGANIZATION_CATALOG_HOST:https://organiza
 application.municipalityUrl: ${GEONORGE_MUNICIPALITY_URL:https://data.geonorge.no/administrativeEnheter/kommune/id/}
 application.testOrganizations: 555111290,568843537,910131028,910244132,910258028,910298062,910888447,911259583,911527170,916285515,973633449
 application.defaultOrgPath: /ANNET/
+application.cors.originPatterns: ${CORS_ORIGIN_PATTERNS}
 server.port: 8080
\ No newline at end of file
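Review bot: `application.cors.originPatterns: ${CORS_ORIGIN_PATTERNS}` has no default, unlike the `${VAR:default}` entries around it, so a deployment that does not set the variable should fail at startup with an unresolved placeholder. Failing closed is a reasonable choice for an origin allow-list, since a permissive default such as `*` would be worse, but the intent is not documented. A comment like `# No default on purpose: CORS_ORIGIN_PATTERNS must be set per environment` would tell the next reader not to add one.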