Spring Boot跨域配置

2021-12-18 04:38:35

1,采用内置默认跨域过滤器的方式指定默认的跨域配置。

编写配置Bean

MagicalCorsProperties

import com.google.common.base.MoreObjects;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;

/**
 * 跨域自动配置
 * @author Jeckxu
 */
@Component
@ConfigurationProperties(prefix = MagicalCorsProperties.PRE_FIX)
public class MagicalCorsProperties implements Serializable {

   public static final String PRE_FIX = "magical.cors.default";

   private Boolean enabled = true;

   private String pathPattern = "/cors/**";

   private List<String> allowedOrigins = Collections.singletonList("*");

   private List<String> allowedHeaders = Collections.singletonList("*");

   private List<String> allowedMethods = Collections.singletonList("*");

   private List<String> exposedHeaders = new ArrayList<>();

   private Long maxAge = 3600L;

   private Boolean allowCredentials = Boolean.TRUE;

   public Boolean getEnabled() {
      return enabled;
   }

   public void setEnabled(Boolean enabled) {
      this.enabled = enabled;
   }

   public String getPathPattern() {
      return pathPattern;
   }

   public void setPathPattern(String pathPattern) {
      this.pathPattern = pathPattern;
   }

   public List<String> getAllowedOrigins() {
      return allowedOrigins;
   }

   public void setAllowedOrigins(List<String> allowedOrigins) {
      this.allowedOrigins = allowedOrigins;
   }

   public List<String> getAllowedHeaders() {
      return allowedHeaders;
   }

   public void setAllowedHeaders(List<String> allowedHeaders) {
      this.allowedHeaders = allowedHeaders;
   }

   public List<String> getAllowedMethods() {
      return allowedMethods;
   }

   public void setAllowedMethods(List<String> allowedMethods) {
      this.allowedMethods = allowedMethods;
   }

   public List<String> getExposedHeaders() {
      return exposedHeaders;
   }

   public void setExposedHeaders(List<String> exposedHeaders) {
      this.exposedHeaders = exposedHeaders;
   }

   public Long getMaxAge() {
      return maxAge;
   }

   public void setMaxAge(Long maxAge) {
      this.maxAge = maxAge;
   }

   public Boolean getAllowCredentials() {
      return allowCredentials;
   }

   public void setAllowCredentials(Boolean allowCredentials) {
      this.allowCredentials = allowCredentials;
   }

   @Override
   public String toString() {
      return MoreObjects.toStringHelper(this)
         .add("enabled", enabled)
         .add("pathPattern", pathPattern)
         .add("allowedOrigins", allowedOrigins)
         .add("allowedHeaders", allowedHeaders)
         .add("allowedMethods", allowedMethods)
         .add("exposedHeaders", exposedHeaders)
         .add("maxAge", maxAge)
         .add("allowCredentials", allowCredentials)
         .toString();
   }
}

编写自动配置类

MagicalCorsAutoConfiguration

import org.jeckxu.magical.core.boot.props.MagicalCorsProperties;
import org.jeckxu.magical.core.launch.destroy.MagicalDestroying;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;

/**
 * @author xuchangjiang
 */
@Configuration
@ConditionalOnProperty(value = MagicalCorsProperties.PRE_FIX + ".enabled", havingValue = "true", matchIfMissing = true)
public class MagicalCorsAutoConfiguration implements MagicalDestroying {

   private final MagicalCorsProperties magicalCorsProperties;

   public MagicalCorsAutoConfiguration(MagicalCorsProperties magicalCorsProperties) {
      this.magicalCorsProperties = magicalCorsProperties;
   }

   /**
    * 默认跨域过滤器
    * @return
    */
   @Bean
   public CorsFilter corsFilter() {
      CorsConfiguration corsConfiguration = new CorsConfiguration();
      magicalCorsProperties.getAllowedOrigins().forEach(corsConfiguration::addAllowedOrigin);
      magicalCorsProperties.getExposedHeaders().forEach(corsConfiguration::addExposedHeader);
      magicalCorsProperties.getAllowedHeaders().forEach(corsConfiguration::addAllowedHeader);
      magicalCorsProperties.getAllowedMethods().forEach(corsConfiguration::addAllowedMethod);
      corsConfiguration.setAllowCredentials(magicalCorsProperties.getAllowCredentials());
      UrlBasedCorsConfigurationSource corsConfigurationSource = new UrlBasedCorsConfigurationSource();
      corsConfigurationSource.registerCorsConfiguration(magicalCorsProperties.getPathPattern(), corsConfiguration);
      return new CorsFilter(corsConfigurationSource);
   }
}

2,注意点:

不同Spring Boot版本的自动配置类MagicalCorsAutoConfiguration中的@Configuration注解参数不同。Spring Boot 2.1.x以及之前的版本为:

@Configuration

Spring Boot 2.2.x以及之后的版本为

@Configuration(proxyBeanMethods = false)

以上配置项适用于Spring boot 2.0.x 到 2.3.x


上一篇:JAVA 适用于异步定时任务的自定义线程池[一]


下一篇:面向对象