Skip to content

Commit

Permalink
refactor:[kakao-tech-campus-2nd-step3#84]- refact Security
Browse files Browse the repository at this point in the history
cors 변경
  • Loading branch information
yooonwodyd committed Nov 15, 2024
1 parent 6f05467 commit ad34949
Showing 1 changed file with 3 additions and 17 deletions.
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
package com.helpmeCookies.global.security;

import static org.springframework.security.config.Customizer.*;

import java.util.Arrays;

import org.springframework.context.annotation.Bean;
Expand Down Expand Up @@ -40,7 +42,6 @@ public WebSecurityCustomizer configure() {

@Bean
public SecurityFilterChain oauth2SecurityFilterChain(HttpSecurity http) throws Exception {
http.cors((cors) -> cors.configurationSource(corsConfigurationSource()));
http
.securityMatcher("/oauth2/**")
.csrf(AbstractHttpConfigurer::disable)
Expand Down Expand Up @@ -72,8 +73,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.csrf(AbstractHttpConfigurer::disable);
http.sessionManagement((session) -> session
.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
http.cors((cors) -> cors.configurationSource(corsConfigurationSource()));

http.cors(withDefaults());
http.authorizeHttpRequests((authorize) ->
authorize
.requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
Expand All @@ -99,22 +99,8 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
return http.build();
}

@Bean
public CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration configuration = new CorsConfiguration();
configuration.setAllowedOrigins(Arrays.asList("http://1.618.s3-website.ap-northeast-2.amazonaws.com","http://localhost:3000"));
configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE", "OPTIONS"));
configuration.setAllowedHeaders(Arrays.asList("Authorization", "Content-Type", "X-Requested-With", "accept", "Origin", "Access-Control-Request-Method", "Access-Control-Request-Headers"));
configuration.setAllowCredentials(true);

UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
return source;
}

@Bean
public BCryptPasswordEncoder bCryptPasswordEncoder() {
return new BCryptPasswordEncoder();
}

}

0 comments on commit ad34949

Please sign in to comment.