fix:QualityGate

Refactor CORS configuration for better readability. Replaces inline CORS setup with a more structured approach by creating and returning an instance of `CorsConfiguration`. This improves the readability and maintainability of the code, aligning with best practices. No functional changes were introduced.
k2works · Dec 27, 2024 · 1f0c4b8 · 1f0c4b8
1 parent 5701dd4
commit 1f0c4b8
Showing 1 changed file with 11 additions and 8 deletions.
diff --git a/app/backend/api/src/main/java/com/example/sms/WebSecurityConfig.java b/app/backend/api/src/main/java/com/example/sms/WebSecurityConfig.java
@@ -23,14 +23,17 @@ public class WebSecurityConfig {
     PasswordEncoder passwordEncoder() {
         return new BCryptPasswordEncoder();
     }
+
     @Bean
     public AuthTokenFilter authenticationJwtTokenFilter() {
         return new AuthTokenFilter();
     }
+
     @Bean
     public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
         return authenticationConfiguration.getAuthenticationManager();
     }
+
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
         http.formLogin(login -> login
@@ -47,13 +50,14 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
         ).csrf(csrf -> csrf.ignoringRequestMatchers(PathRequest.toH2Console())
         ).csrf(csrf -> csrf.ignoringRequestMatchers("/api/**")
         ).cors(cors -> cors
-                .configurationSource(request -> new org.springframework.web.cors.CorsConfiguration() {{
-                            setAllowedOriginPatterns(java.util.List.of("*"));
-                            setAllowedMethods(java.util.List.of("GET", "POST", "PUT", "DELETE", "OPTIONS"));
-                            setAllowedHeaders(java.util.List.of("*"));
-                            setAllowCredentials(true);
-                        }}
-                )
+                .configurationSource(request -> {
+                    org.springframework.web.cors.CorsConfiguration corsConfiguration = new org.springframework.web.cors.CorsConfiguration();
+                    corsConfiguration.setAllowedOriginPatterns(java.util.List.of("*"));
+                    corsConfiguration.setAllowedMethods(java.util.List.of("GET", "POST", "PUT", "DELETE", "OPTIONS"));
+                    corsConfiguration.setAllowedHeaders(java.util.List.of("*"));
+                    corsConfiguration.setAllowCredentials(true);
+                    return corsConfiguration;
+                })
         ).authorizeHttpRequests(authz -> authz
                         .requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
                         .requestMatchers("/h2-console/**").permitAll()
@@ -63,7 +67,6 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
                 //).sessionManagement(s -> s.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                 //).exceptionHandling(ex -> ex.authenticationEntryPoint(new AuthEntryPointJwt())
         );
-
         http.addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class);
         return http.build();
     }