Skip to content

Commit

Permalink
add forwardedHeaderFilter
Browse files Browse the repository at this point in the history
  • Loading branch information
@psychology50
psychology50 committed Nov 15, 2023
1 parent 02f42d0 commit 83a0f79
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions src/main/java/io/oopy/coding/common/config/security/SecurityConfig.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ public AuthenticationEntryPoint authenticationEntryPoint() {
public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
httpSecurity.csrf(AbstractHttpConfigurer::disable)
.httpBasic(AbstractHttpConfigurer::disable)
.cors((cors) -> cors.configurationSource(corsConfigurationSource()))
.cors(httpSecurityCorsConfigurer -> corsConfigurationSource())
.formLogin(AbstractHttpConfigurer::disable)
.logout(AbstractHttpConfigurer::disable)
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
Expand Down Expand Up @@ -97,7 +97,7 @@ CorsConfigurationSource corsConfigurationSource() {
configuration.setAllowedMethods(List.of("GET", "POST", "OPTIONS", "PUT", "PATCH", "DELETE"));
configuration.setAllowedHeaders(List.of("*"));
configuration.setMaxAge(3600L);
configuration.setExposedHeaders(List.of(SET_COOKIE, AUTHORIZATION, AuthConstants.REFRESH_TOKEN.getValue()));
configuration.setExposedHeaders(List.of(SET_COOKIE, "accessToken", AuthConstants.REFRESH_TOKEN.getValue()));
configuration.setAllowCredentials(true);
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
Expand Down

0 comments on commit 83a0f79

Please sign in to comment.