[MERGE] cors error- #351 (#352)

sopt-makers · Sep 25, 2024 · 0f01e32 · 0f01e32
2 parents bb8c1d0 + a5281ef
commit 0f01e32
Showing 1 changed file with 9 additions and 20 deletions.
diff --git a/src/main/java/org/sopt/app/common/config/WebSecurityConfig.java b/src/main/java/org/sopt/app/common/config/WebSecurityConfig.java
@@ -15,8 +15,6 @@
 import org.springframework.security.web.firewall.DefaultHttpFirewall;
 import org.springframework.security.web.firewall.HttpFirewall;
 import org.springframework.web.cors.CorsConfiguration;
-import org.springframework.web.cors.CorsConfigurationSource;
-import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
 @RequiredArgsConstructor
 @EnableWebSecurity
@@ -50,7 +48,15 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                 .httpBasic(AbstractHttpConfigurer::disable)
                 .requestCache(RequestCacheConfigurer::disable)
                 .formLogin(AbstractHttpConfigurer::disable)
-                .cors(cors -> cors.configurationSource(corsConfigurationSource()))
+                .cors(cors -> cors.configurationSource(req ->{
+                    CorsConfiguration configuration = new CorsConfiguration();
+                    configuration.setAllowedOrigins(List.of("*"));
+                    configuration.setAllowedHeaders(List.of("*"));
+                    configuration.setAllowedMethods(List.of("*"));
+                    configuration.setAllowCredentials(true);
+                    configuration.setMaxAge(3600L);
+                    return configuration;
+                }))
                 .sessionManagement(sessionManagementConfigurer ->
                         sessionManagementConfigurer
                                 .sessionCreationPolicy(SessionCreationPolicy.STATELESS))
@@ -70,23 +76,6 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         return http.build();
     }
 
-    @Bean
-    protected CorsConfigurationSource corsConfigurationSource() {
-        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
-        source.registerCorsConfiguration("/**", getDefaultCorsConfiguration());
-        return source;
-    }
-
-    private CorsConfiguration getDefaultCorsConfiguration() {
-        CorsConfiguration configuration = new CorsConfiguration();
-        configuration.setAllowedOrigins(List.of("*"));
-        configuration.setAllowedHeaders(List.of("*"));
-        configuration.setAllowedMethods(List.of("*"));
-        configuration.setAllowCredentials(true);
-        configuration.setMaxAge(3600L);
-        return configuration;
-    }
-
     @Bean
     public HttpFirewall defaultHttpFirewall() {
         return new DefaultHttpFirewall();