updated security config for cors

src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java

@@ -1,13 +1,5 @@
 package net.gepafin.tendermanagement.config;
 
-import io.swagger.v3.oas.models.Components;
-import io.swagger.v3.oas.models.OpenAPI;
-import io.swagger.v3.oas.models.security.SecurityRequirement;
-import io.swagger.v3.oas.models.security.SecurityScheme;
-import io.swagger.v3.oas.models.servers.Server;
-import net.gepafin.tendermanagement.config.jwt.JWTConfigurer;
-import net.gepafin.tendermanagement.config.jwt.JWTFilter;
-import net.gepafin.tendermanagement.config.jwt.TokenProvider;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -16,7 +8,6 @@ import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
@@ -24,12 +15,16 @@ import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
-import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
-import org.springframework.web.cors.CorsConfiguration;
-import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
-import org.springframework.web.filter.CorsFilter;
 import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
 
+import io.swagger.v3.oas.models.Components;
+import io.swagger.v3.oas.models.OpenAPI;
+import io.swagger.v3.oas.models.security.SecurityRequirement;
+import io.swagger.v3.oas.models.security.SecurityScheme;
+import io.swagger.v3.oas.models.servers.Server;
+import net.gepafin.tendermanagement.config.jwt.JWTFilter;
+import net.gepafin.tendermanagement.config.jwt.TokenProvider;
+
 @Configuration
 @EnableWebSecurity
 public class SecurityConfig {
@@ -56,27 +51,27 @@ public class SecurityConfig {
         return new MvcRequestMatcher.Builder(introspector);
     }
 
-    @Bean
+//    @Bean
-    public WebSecurityCustomizer webSecurityCustomizer(MvcRequestMatcher.Builder mvc) {
+//    public WebSecurityCustomizer webSecurityCustomizer(MvcRequestMatcher.Builder mvc) {
-        return (web) -> web.ignoring()
+//        return (web) -> web.ignoring()
-                .requestMatchers(mvc.pattern(HttpMethod.OPTIONS, "/**"))
+//                .requestMatchers(mvc.pattern(HttpMethod.OPTIONS, "/**"))
-                .requestMatchers(new AntPathRequestMatcher("/i18n/**"))
+//                .requestMatchers(new AntPathRequestMatcher("/i18n/**"))
-                .requestMatchers(new AntPathRequestMatcher("/content/**"))
+//                .requestMatchers(new AntPathRequestMatcher("/content/**"))
-                .requestMatchers(new AntPathRequestMatcher("/swagger-ui/index.html"))
+//                .requestMatchers(new AntPathRequestMatcher("/swagger-ui/index.html"))
-                .requestMatchers(new AntPathRequestMatcher("/swagger-ui/**"));
+//                .requestMatchers(new AntPathRequestMatcher("/swagger-ui/**"));
-    }
+//    }
-
+//
-    @Bean
+//    @Bean
-    public CorsFilter corsFilter() {
+//    public CorsFilter corsFilter() {
-        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+//        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
-        CorsConfiguration config = new CorsConfiguration();
+//        CorsConfiguration config = new CorsConfiguration();
-        config.setAllowCredentials(true);
+//        config.setAllowCredentials(true);
-        config.addAllowedOrigin("*");
+//        config.addAllowedOrigin("*");
-        config.addAllowedHeader("*");
+//        config.addAllowedHeader("*");
-        config.addAllowedMethod("*");
+//        config.addAllowedMethod("*");
-        source.registerCorsConfiguration("/**", config);
+//        source.registerCorsConfiguration("/**", config);
-        return new CorsFilter(source);
+//        return new CorsFilter(source);
-    }
+//    }
 
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity http, MvcRequestMatcher.Builder mvc) throws Exception {
@@ -92,8 +87,6 @@ public class SecurityConfig {
                 .sessionManagement(session -> session
                         .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                 )
-                .apply(new JWTConfigurer(tokenProvider))
-                .and()
                 .addFilterBefore(new JWTFilter(tokenProvider), UsernamePasswordAuthenticationFilter.class);
 
         return http.build();