-
-
Notifications
You must be signed in to change notification settings - Fork 655
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CORS problems since 5.0.0 on management and config endpoints #371
Comments
+1 here. Working before 5.0.0, now got invalid cors request at login |
As per current implementation, configurable
To support customization, I think we can externalize these URL patterns like other CORS settings. |
To fix the loggers, I added the following cors filters to source.registerCorsConfiguration("/management/**", config);
source.registerCorsConfiguration("/auth/**", config);
source.registerCorsConfiguration("/services/*/api/**", config);
source.registerCorsConfiguration("/services/**/management/**", config);
source.registerCorsConfiguration("/*/management/**", config);
source.registerCorsConfiguration("/*/oauth/**", config); To fix the swagger ui when combined with the jhipster uaa, I also replaced the private void retrieveNewAccessToken() {
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
final String authString = jHipsterProperties.getSecurity().getClientAuthorization().getClientId() + ":" + jHipsterProperties.getSecurity().getClientAuthorization().getClientSecret();
final String authorization = "Basic " + Base64.encodeBase64String(authString.getBytes());
headers.add("Authorization", authorization);
MultiValueMap<String, String> map = new LinkedMultiValueMap<>();
map.add("grant_type", "client_credentials");
HttpEntity<?> requestEntity = new HttpEntity<>(map, headers);
String tokenEndpoint = getTokenEndpoint();
ResponseEntity<DefaultOAuth2AccessToken> responseEntity = this.restTemplate.exchange(tokenEndpoint, HttpMethod.POST, requestEntity, DefaultOAuth2AccessToken.class);
if (!responseEntity.getStatusCode().is2xxSuccessful()) {
logger.debug("Request failed for '{}'", Optional.ofNullable(requestEntity.getHeaders()).map(HttpHeaders::getLocation).map(URI::toString).orElse(""));
}
accessToken = Objects.requireNonNull(responseEntity.getBody()).getValue();
}
/**
* Returns the configured OAuth2 token endpoint URI.
*
* @return the OAuth2 token endpoint URI.
*/
private String getTokenEndpoint() {
String tokenEndpointUrl = jHipsterProperties.getSecurity().getClientAuthorization().getAccessTokenUri();
if (tokenEndpointUrl == null) {
throw new InvalidClientException("no token endpoint configured in application properties");
}
return tokenEndpointUrl;
} |
Overview of the issue
Since v5.0.0, the registry served behind a traefik proxy (or letsencrypt) on docker seems to have CORS issues on post methods (
authenticate
,config/encrypt
,management/loggers
).Sample configuration
The configuration worked in previous versions, but a http 403 'invalid cors request' is now returned.
I added
in the docker-compose, and it fixed the problem for
/authenticate
, but other POST on endpoints (like the encryption in configuration/encryption or changing the log levels) doesn't seems to share that configuration (they use the CORS configuration mapped to '/**' ).Am I missing a property ?
Motivation for or Use Case
It worked in previous version ( before 5.0.0).
Reproduce the error
Start jhipster-registry on docker, served behind an https domain name.
JHipster Registry Version(s)
5.0.2
The text was updated successfully, but these errors were encountered: