From dbd835c8cc6cfad86ca94a393644792c166f712b Mon Sep 17 00:00:00 2001
From: khee2 <21keunghee@gmail.com>
Date: Wed, 24 Jul 2024 22:23:51 +0900
Subject: [PATCH] =?UTF-8?q?fix:=20=ED=94=84=EB=A1=A0=ED=8A=B8=20=EC=A3=BC?= =?UTF-8?q?=EC=86=8C=20localhost:3000=EC=9D=84=20=ED=97=88=EC=9A=A9?= =?UTF-8?q?=ED=95=A0=20Origin=EC=97=90=20=EC=B6=94=EA=B0=80=ED=95=A8?= =?UTF-8?q?=EC=9C=BC=EB=A1=9C=EC=8D=A8=20CORS=EC=97=90=EB=9F=AC=20?= =?UTF-8?q?=ED=95=B4=EA=B2=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../global/config/SecurityConfig.java | 37 ++++++++++++++++++-
 1 file changed, 36 insertions(+), 1 deletion(-)
diff --git a/src/main/java/com/solucitation/midpoint_backend/global/config/SecurityConfig.java b/src/main/java/com/solucitation/midpoint_backend/global/config/SecurityConfig.java
index 626b24d..a622246 100644
--- a/src/main/java/com/solucitation/midpoint_backend/global/config/SecurityConfig.java
+++ b/src/main/java/com/solucitation/midpoint_backend/global/config/SecurityConfig.java
@@ -4,6 +4,8 @@
 import com.solucitation.midpoint_backend.global.auth.JwtTokenProvider;
 import com.solucitation.midpoint_backend.global.exception.JwtAccessDeniedHandler;
 import com.solucitation.midpoint_backend.global.exception.JwtAuthenticationEntryPoint;
+import lombok.Value;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
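Review bot: `import lombok.Value;` is added here, but nothing in the visible hunks of this patch uses it. If property injection was the intent, the annotation would be `org.springframework.beans.factory.annotation.Value`; otherwise the import can be dropped. The same applies to `@Slf4j` and its import in the next hunk, because the only `log` calls in `securityFilterChain` are commented out.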
@@ -15,10 +17,15 @@
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+import org.springframework.web.filter.CorsFilter;
+import org.springframework.core.env.Environment;
 /**
 * Spring Security 설정 클래스 - JWT를 사용한 보안 설정 구성
 */
+@Slf4j
 @Configuration
 @EnableWebSecurity
 public class SecurityConfig {
@@ -26,6 +33,8 @@ public class SecurityConfig {
 private final JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;
 private final JwtAccessDeniedHandler jwtAccessDeniedHandler;
+ private final Environment env;
+
 /**
 * SecurityConfig 생성자 - 필수 구성 요소 주입
 *
@@ -36,10 +45,12 @@ public class SecurityConfig {
 public SecurityConfig(
 JwtTokenProvider jwtTokenProvider,
 JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint,
- JwtAccessDeniedHandler jwtAccessDeniedHandler) {
+ JwtAccessDeniedHandler jwtAccessDeniedHandler,
+ Environment env) {
 this.jwtTokenProvider = jwtTokenProvider;
 this.jwtAuthenticationEntryPoint = jwtAuthenticationEntryPoint;
 this.jwtAccessDeniedHandler = jwtAccessDeniedHandler;
+ this.env = env;
 }
 /**
@@ -65,6 +76,27 @@ public AuthenticationManager authenticationManager(
 */
 @Bean
 public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+ // CORS 설정 추가
+ UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+ CorsConfiguration config = new CorsConfiguration();
+ config.setAllowCredentials(true);
+
+ // 환경 변수에서 허용할 Origin을 설정
+ String allowedOrigins = env.getProperty("allowed.origins");
+// log.info("Allowed Origins: " + allowedOrigins); // 허용할 Origin 값 출력
+ if (allowedOrigins != null) {
+ String[] origins = allowedOrigins.split(",");
+ for (String origin : origins) {
+// log.info("Adding allowed origin: " + origin.trim());
+ config.addAllowedOrigin(origin.trim());
+ }
+ }
+
+ config.addAllowedHeader("*");
+ config.addAllowedMethod("*");
+ source.registerCorsConfiguration("/**", config);
+ CorsFilter corsFilter = new CorsFilter(source);
+
 http
 .csrf(csrf -> csrf.disable()) // CSRF 비활성화
 .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) // Stateless 세션 설정
@@ -85,6 +117,9 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
 // JWT 필터 추가
 http.addFilterBefore(new JwtFilter(jwtTokenProvider), UsernamePasswordAuthenticationFilter.class);
+ // CORS 필터 추가
+ http.addFilterBefore(corsFilter, JwtFilter.class);
+
 return http.build();
 }
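Review bot: The origin loop in `securityFilterChain` registers every piece that `allowedOrigins.split(",")` yields, so an empty value or a doubled comma adds an empty origin, and a missing `allowed.origins` property leaves the list empty with nothing logged because both `log.info` calls are commented out. With `setAllowCredentials(true)` this property decides which sites may send credentialed requests, so blank entries should be skipped and an absent property should at least produce a warning. The `localhost:3000` entry named in the commit subject presumably belongs in a development profile only. `addAllowedHeader("*")` and `addAllowedMethod("*")` are also wider than the API likely needs and could list the methods and headers the front end actually sends. The method body continues outside this hunk.

```java
// … unchanged: source and config creation, setAllowCredentials(true) …
String allowedOrigins = env.getProperty("allowed.origins");
if (allowedOrigins == null || allowedOrigins.trim().isEmpty()) {
    // Make a misconfigured deployment visible instead of failing every cross-origin call silently.
    log.warn("allowed.origins is not set; cross-origin requests will be rejected");
} else {
    for (String origin : allowedOrigins.split(",")) {
        String trimmed = origin.trim();
        if (!trimmed.isEmpty()) {
            config.addAllowedOrigin(trimmed);
        }
    }
}
// … unchanged: allowed headers and methods, registerCorsConfiguration, CorsFilter creation …
```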
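Review bot: `http.addFilterBefore(corsFilter, JwtFilter.class)` positions the hand-built `CorsFilter` relative to a custom filter rather than at the slot Spring Security reserves for CORS. Responses produced by filters that run earlier in the chain would therefore go out without CORS headers. Consider exposing the configuration as a `CorsConfigurationSource` bean and enabling it with `http.cors(cors -> cors.configurationSource(source))`, which makes this line and the manual `new CorsFilter(source)` unnecessary. The rest of `securityFilterChain` lies outside the hunk, so confirm that no other `cors(...)` call is already present there.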