Source code

001/*
002 * Copyright 2022-2025 Revetware LLC.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016
017package com.soklet.core.impl;
018
019import com.soklet.core.Cors;
020import com.soklet.core.CorsAuthorizer;
021import com.soklet.core.CorsPreflight;
022import com.soklet.core.CorsPreflightResponse;
023import com.soklet.core.CorsResponse;
024import com.soklet.core.HttpMethod;
025import com.soklet.core.Request;
026import com.soklet.core.ResourceMethod;
027
028import javax.annotation.Nonnull;
029import javax.annotation.concurrent.ThreadSafe;
030import java.util.Map;
031import java.util.Optional;
032import java.util.Set;
033
034import static java.util.Objects.requireNonNull;
035
036/**
037 * @author <a href="https://www.revetkn.com">Mark Allen</a>
038 */
039@ThreadSafe
040public class AllOriginsCorsAuthorizer implements CorsAuthorizer {
041        @Nonnull
042        @Override
043        public Optional<CorsResponse> authorize(@Nonnull Request request,
044                                                                                                                                                                        @Nonnull Cors cors) {
045                requireNonNull(request);
046                requireNonNull(cors);
047
048                return Optional.of(CorsResponse.withAccessControlAllowOrigin("*")
049                                .accessControlExposeHeaders(Set.of("*"))
050                                .accessControlAllowCredentials(true)
051                                .build());
052        }
053
054        @Nonnull
055        @Override
056        public Optional<CorsPreflightResponse> authorizePreflight(@Nonnull Request request,
057                                                                                                                                                                                                                                                @Nonnull CorsPreflight corsPreflight,
058                                                                                                                                                                                                                                                @Nonnull Map<HttpMethod, ResourceMethod> availableResourceMethodsByHttpMethod) {
059                requireNonNull(request);
060                requireNonNull(corsPreflight);
061                requireNonNull(availableResourceMethodsByHttpMethod);
062
063                return Optional.of(CorsPreflightResponse.withAccessControlAllowOrigin("*")
064                                .accessControlAllowMethods(availableResourceMethodsByHttpMethod.keySet())
065                                .accessControlAllowHeaders(Set.of("*"))
066                                .accessControlAllowCredentials(true)
067                                .build());
068        }
069}