urban/hemhub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add CORS configuration and update Keycloak hostname settings
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Urban Modig
2025-10-13 21:12:51 +02:00
parent a3ad34d094
commit a56d995d0f
2 changed files with 27 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docker-compose.yml
View File

@ -21,10 +21,14 @@ services:
KEYCLOAK_ADMIN: admin KEYCLOAK_ADMIN: admin
KEYCLOAK_ADMIN_PASSWORD: admin KEYCLOAK_ADMIN_PASSWORD: admin
# Make issuer consistent & reachable from other containers # Make issuer consistent & reachable from other containers
KC_HOSTNAME: keycloak # KC_HOSTNAME: keycloak
KC_HTTP_ENABLED: "true" KC_HTTP_ENABLED: "true"
KC_HOSTNAME_STRICT: "false" KC_HOSTNAME_STRICT: "false"
KC_PROXY: edge KC_PROXY: edge
KC_HOSTNAME_URL: "http://localhost:8081/"
KC_HOSTNAME_ADMIN_URL: "http://localhost:8081/"
KC_HOSTNAME_STRICT_HTTPS: "false"
ports: ports:
- "8081:8081" - "8081:8081"
volumes: volumes:

22
src/main/java/se/urmo/hemhub/config/SecurityConfig.java
View File

@ -7,6 +7,11 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter; import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import java.util.List;
@Configuration @Configuration
@EnableMethodSecurity @EnableMethodSecurity
@ -28,6 +33,23 @@ public class SecurityConfig {
return http.build(); return http.build();
} }
@Bean
CorsConfigurationSource corsConfigurationSource() {
var config = new CorsConfiguration();
config.setAllowedOrigins(List.of(
"http://localhost:5173", // dev-SPA
"https://rubble.se" // prod-origin (SPA under /hemhub/app/)
));
config.setAllowedMethods(List.of("GET","POST","PATCH","DELETE","OPTIONS"));
config.setAllowedHeaders(List.of("Authorization","Content-Type","Accept"));
config.setAllowCredentials(false); // vi använder Bearer, inte cookies
config.setMaxAge(3600L);
var source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", config);
return source;
}
@Bean @Bean
JwtAuthenticationConverter jwtConverter() { JwtAuthenticationConverter jwtConverter() {
var converter = new JwtAuthenticationConverter(); var converter = new JwtAuthenticationConverter();