Personal-Twin/hapi-fhir-jpaserver-starter
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fixed CORS support

Browse Source
This commit is contained in:
patrick-werner
2019-08-07 13:37:07 +02:00
parent 5e98d26443
commit 0113ff5e9f
3 changed files with 22 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/main/java/ca/uhn/fhir/jpa/starter/HapiProperties.java
View File

@@ -42,6 +42,7 @@ public class HapiProperties {
static final String TESTER_CONFIG_REFUSE_TO_FETCH_THIRD_PARTY_URLS = "tester.config.refuse_to_fetch_third_party_urls";
static final String CORS_ENABLED = "cors.enabled";
static final String CORS_ALLOWED_ORIGIN = "cors.allowed_origin";
static final String CORS_ALLOWED_CREDENTIALS = "hapi.properties";
static final String ALLOW_CONTAINS_SEARCHES = "allow_contains_searches";
static final String ALLOW_OVERRIDE_DEFAULT_SEARCH_PARAMS = "allow_override_default_search_params";
static final String EMAIL_FROM = "email.from";
@@ -323,4 +324,8 @@ public class HapiProperties {
String value = HapiProperties.getProperty(REUSE_CACHED_SEARCH_RESULTS_MILLIS, "-1");
return Long.valueOf(value);
}
public static Boolean getCorsAllowedCredentials() {
return HapiProperties.getBooleanProperty(CORS_ALLOWED_CREDENTIALS, false);
}
}

18
src/main/java/ca/uhn/fhir/jpa/starter/JpaRestfulServer.java
View File

@@ -28,6 +28,7 @@ import ca.uhn.fhir.rest.server.interceptor.ResponseHighlighterInterceptor;
import org.hl7.fhir.dstu3.model.Bundle;
import org.hl7.fhir.dstu3.model.Meta;
import org.springframework.context.ApplicationContext;
import org.springframework.http.HttpHeaders;
import org.springframework.web.cors.CorsConfiguration;
import javax.servlet.ServletException;
@@ -185,18 +186,25 @@ public class JpaRestfulServer extends RestfulServer {
// to your specific needs
if (HapiProperties.getCorsEnabled()) {
CorsConfiguration config = new CorsConfiguration();
config.addAllowedHeader(HttpHeaders.ORIGIN);
config.addAllowedHeader(HttpHeaders.ACCEPT);
config.addAllowedHeader(HttpHeaders.CONTENT_TYPE);
config.addAllowedHeader(HttpHeaders.AUTHORIZATION);
config.addAllowedHeader(HttpHeaders.CACHE_CONTROL);
config.addAllowedHeader("x-fhir-starter");
config.addAllowedHeader("Origin");
config.addAllowedHeader("Accept");
config.addAllowedHeader("X-Requested-With");
config.addAllowedHeader("Content-Type");
config.addAllowedHeader("Prefer");
String allAllowedCORSOrigins = HapiProperties.getCorsAllowedOrigin();
Arrays.stream(allAllowedCORSOrigins.split(",")).forEach(o -> {
config.addAllowedOrigin(o);
});
config.addAllowedOrigin(HapiProperties.getCorsAllowedOrigin());
config.addExposedHeader("Location");
config.addExposedHeader("Content-Location");
config.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH"));
config.setAllowedMethods(
Arrays.asList("GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH", "HEAD"));
config.setAllowCredentials(HapiProperties.getCorsAllowedCredentials());
// Create the interceptor and register it
CorsInterceptor interceptor = new CorsInterceptor(config);