Skip to content

Feature/cores whitelist #193

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
HuiJun merged 9 commits into from
Aug 22, 2022
Merged

Feature/cores whitelist #193

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
04a7392
Bump version
HuiJun Jan 11, 2022
0b73243
Merge pull request #181 from Open-MBEE/release/4.0.6
HuiJun Jan 18, 2022
d3db5c5
Merge branch 'master' into release/4.0.7
HuiJun Feb 25, 2022
415a597
Merge pull request #186 from Open-MBEE/release/4.0.7
HuiJun Feb 25, 2022
6bd10f0
Test build with jdk 19
HuiJun Jun 14, 2022
755b937
Upgrade gradle wrapper
HuiJun Jun 14, 2022
d9c935e
Revert back to JDK 17.0.2 image
HuiJun Jun 14, 2022
fd2650b
Merge pull request #191 from Open-MBEE/release/4.0.8
HuiJun Jun 14, 2022
63e4a30
Add property to specify allowed cross-site-origins
Jun 29, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 8 additions & 2 deletions example/src/main/java/org/openmbee/mms/example/config/ExampleSecurityConfig.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@

import org.openmbee.mms.authenticator.config.AuthSecurityConfig;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.MediaType;
Expand Down Expand Up @@ -31,6 +32,9 @@
@EnableAsync
public class ExampleSecurityConfig extends WebSecurityConfigurerAdapter implements WebMvcConfigurer {

@Value("${cors.allowed.origins:*}")
private String allowedOrigins;

@Autowired
AuthSecurityConfig authSecurityConfig;

Expand All @@ -57,7 +61,7 @@ public AuthenticationManager authenticationManagerBean() throws Exception {

@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**").allowedMethods("GET", "POST", "PUT", "DELETE");
registry.addMapping("/**").allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS");
}

private CorsFilter corsFilter() {
Expand All @@ -70,7 +74,9 @@ private CorsFilter corsFilter() {

CorsConfiguration config = new CorsConfiguration();
config.setAllowCredentials(true);
config.addAllowedOrigin("*");
for(String origin: allowedOrigins.split(",")) {
config.addAllowedOrigin(origin);
}
config.addAllowedHeader(ORIGIN);
config.addAllowedHeader(CONTENT_TYPE);
config.addAllowedHeader(ACCEPT);
Expand Down
2 changes: 2 additions & 0 deletions example/src/main/resources/application-test.properties
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@ mms.admin.password=test

mms.stream.batch.size=100000

cors.allowed.origins=*

jwt.secret=12345678901234567890123456789012
jwt.expiration=86400
jwt.header=Authorization
Expand Down
3 changes: 3 additions & 0 deletions example/src/main/resources/application.properties.example
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,9 @@ mms.admin.password=test

mms.stream.batch.size=100000

#Comma Separated list of allowed cross site origins
cors.allowed.origins=*

jwt.secret=make_me_something_really_long
jwt.expiration=86400
jwt.header=Authorization
Expand Down
Binary file modified gradle/wrapper/gradle-wrapper.jar
View file
Open in desktop
Binary file not shown.