Skip to content

Commit

Permalink
Rollback unwanted changes (#1886)
Browse files Browse the repository at this point in the history
* Revert "Import fixes (#1881)"

This reverts commit c17621d.

* Revert "Fix typos (#1880)"

This reverts commit db0f540.

* Revert "Use corsfilter instead of bean (#1879)"

This reverts commit b8e306b.

* Revert "wfnews-2158: Missing url if bulletinUrl is null (#1878)"

This reverts commit fe3099b.

* Revert "Missing put pt2 (#1877)"

This reverts commit 9381857.

* Revert "Add put (#1876)"

This reverts commit 97ab365.

* Revert "Update CorsConfigurationSource (#1875)"

This reverts commit 3b6e6b7.

* Revert "Fix cors domains (#1874)"

This reverts commit 1b9b93c.

* Revert "Specify CORS settings (#1873)"

This reverts commit 01ccd62.

* Revert "Fix syntax for CORS (#1872)"

This reverts commit d50a701.

* Revert "Update CORS bean and call it in the CORS configuration (#1871)"

This reverts commit 07e7109.

* Revert "Remove redundant CORS implementations (#1870)"

This reverts commit 270be8b.

* Revert "Rollback CORS server changes (#1869)"

This reverts commit b114cfc.

* wfnews-2158: Missing url if bulletinUrl is null (#1878)

* wfnews-2158

* wfnews-2158

* Backend only pipeline (#1882)

* Fast build fix (#1883)

* Backend only pipeline

* Remove dependency to client

* Allow credentials in cloudfront (#1884)

* set access_control_allow_credentials to true

* remove CORS section entirely

---------

Co-authored-by: Lucas Li <[email protected]>
  • Loading branch information
sukhpalp and yzlucas authored May 2, 2024
1 parent 4ca6a2c commit 726a1df
Show file tree
Hide file tree
Showing 17 changed files with 71 additions and 16 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,16 @@ export class PublishedIncidentService {
const headers = {
headers: {
Authorization: `bearer ${this.tokenService.getOauthToken()}`,
apikey: this.appConfigService.getConfig().application['wfnewsApiKey'],
}
}
return headers;
}

getPublicSituationReportHeaders() {
const headers = {
headers: {
apikey: this.appConfigService.getConfig().application['wfnewsApiKey'],
}
}
return headers;
Expand Down Expand Up @@ -309,13 +319,13 @@ export class PublishedIncidentService {
const url = `${this.appConfigService.getConfig().rest['wfnews']
}/publicSituationReport?pageNumber=${pageNum}&pageRowCount=${rowCount}&published=${published ? 'TRUE' : 'FALSE'
}${cacheBust ? '&cacheBust=' + new Date().getTime() : ''}`;
return this.httpClient.get<SituationReport>(url);
return this.httpClient.get<SituationReport>(url, this.getPublicSituationReportHeaders());
}

public fetchSituationReport(reportGuid: string): Observable<SituationReport> {
const url = `${this.appConfigService.getConfig().rest['wfnews']
}/publicSituationReport/${reportGuid}`;
return this.httpClient.get<SituationReport>(url);
return this.httpClient.get<SituationReport>(url, this.getPublicSituationReportHeaders());
}

public updateSituationReport(
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ public void addCorsMappings(CorsRegistry registry) {
.allowCredentials(true)
.allowedOriginPatterns("*")
.allowedHeaders("*")
.allowedMethods("HEAD", "GET", "PUT", "POST", "OPTIONS");
.allowedMethods("HEAD", "GET", "POST", "OPTIONS");
}

@Override
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,7 @@ public CorsConfigurationSource corsConfigurationSource() {
origins.add("*");

configuration.setAllowedOrigins(origins);
configuration.setAllowedMethods(Collections.unmodifiableList(Arrays.asList("HEAD", "GET", "PUT", "POST", "OPTIONS")));
configuration.setAllowedMethods(Collections.unmodifiableList(Arrays.asList("HEAD", "GET", "POST", "OPTIONS")));
configuration.setAllowCredentials(true);
configuration.setAllowedHeaders(origins);

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@

import org.glassfish.jersey.media.multipart.FormDataBodyPart;
import org.glassfish.jersey.media.multipart.FormDataParam;
import org.springframework.web.bind.annotation.CrossOrigin;

import ca.bc.gov.nrs.common.rest.resource.HeaderConstants;
import ca.bc.gov.nrs.common.wfone.rest.resource.MessageListRsrc;
Expand Down Expand Up @@ -53,6 +54,7 @@ public interface AttachmentsEndpoint {
@GET
@Path("/publicPublishedIncidentAttachment/{incidentNumberSequence}/attachments/{attachmentGuid}")
@Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
@CrossOrigin(origins = "*", allowedHeaders = "*")
Response getIncidentAttachment(
@ApiParam("The incidentNumberSequence of the Wildfire Incident resource.") @PathParam("incidentNumberSequence") String incidentNumberSequence,
@ApiParam("The attachmentGuid of the Attachment resource.") @PathParam("attachmentGuid") String attachmentGuid
Expand All @@ -71,6 +73,7 @@ Response getIncidentAttachment(
})
@GET
@Path("/publicPublishedIncidentAttachment/{incidentNumberSequence}/attachments/{attachmentGuid}/bytes")
@CrossOrigin(origins = "*", allowedHeaders = "*")
Response getIncidentAttachmentBytes(
@ApiParam("The incidentNumberSequence of the Wildfire Incident resource.") @PathParam("incidentNumberSequence") String incidentNumberSequence,
@ApiParam("The attachmentGuid of the Attachment resource.") @PathParam("attachmentGuid") String attachmentGuid,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,8 @@
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;

import org.springframework.web.bind.annotation.CrossOrigin;

import ca.bc.gov.nrs.common.rest.resource.HeaderConstants;
import ca.bc.gov.nrs.common.wfone.rest.resource.MessageListRsrc;
import ca.bc.gov.nrs.wfnews.api.rest.v1.endpoints.security.Scopes;
Expand Down Expand Up @@ -44,6 +46,7 @@ public interface AttachmentsListEndpoint {
@GET
@Path("/publicPublishedIncidentAttachment/{incidentNumberSequence}/attachments")
@Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
@CrossOrigin(origins = "*", allowedHeaders = "*")
Response getIncidentAttachmentList(
@ApiParam("The incidentNumberSequence of the Wildfire Incident resource.") @PathParam("incidentNumberSequence") String incidentNumberSequence,
@ApiParam("List primary attachments") @QueryParam("primaryIndicator") @DefaultValue("false") String primaryIndicator,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,16 @@
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;

import org.springframework.web.bind.annotation.CrossOrigin;

import ca.bc.gov.nrs.common.rest.endpoints.BaseEndpoints;
import ca.bc.gov.nrs.common.service.ConflictException;
import ca.bc.gov.nrs.common.service.ForbiddenException;
import ca.bc.gov.nrs.common.service.NotFoundException;
import io.swagger.annotations.ApiParam;

@Path("/publicExternalUri")
@CrossOrigin(origins = "*", allowedHeaders = "*")
public interface PublicExternalUriEndpoint extends BaseEndpoints{
@GET
@Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;

import org.springframework.web.bind.annotation.CrossOrigin;

import ca.bc.gov.nrs.common.rest.endpoints.BaseEndpoints;
import ca.bc.gov.nrs.common.service.ConflictException;
import ca.bc.gov.nrs.common.service.ForbiddenException;
Expand All @@ -20,6 +22,7 @@

@Path("/publicPublishedIncident")
@Api(value = "PublicPublishedIncidentEndpoint")
@CrossOrigin(origins = "*", allowedHeaders = "*")
public interface PublicPublishedIncidentEndpoint extends BaseEndpoints{

@GET
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,16 @@
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;

import org.springframework.web.bind.annotation.CrossOrigin;

import ca.bc.gov.nrs.common.rest.endpoints.BaseEndpoints;
import ca.bc.gov.nrs.common.service.ConflictException;
import ca.bc.gov.nrs.common.service.ForbiddenException;
import ca.bc.gov.nrs.common.service.NotFoundException;
import io.swagger.annotations.ApiParam;

@Path("/publicSituationReport")
@CrossOrigin(origins = "*", allowedHeaders = "*")
public interface PublicSituationReportEndpoint extends BaseEndpoints {
@GET
@Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;

import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.RequestMethod;

import ca.bc.gov.nrs.common.persistence.dao.DaoException;
Expand All @@ -36,6 +37,7 @@

@Path("/situationReport")
@Api(value = "SituationReportEndpoint", authorizations = { @Authorization(value = "Webade-OAUTH2", scopes = { @AuthorizationScope(scope = Scopes.GET_TOPLEVEL, description = "") }) })
@CrossOrigin(origins = "*", allowedHeaders = "*", methods = {RequestMethod.GET, RequestMethod.OPTIONS, RequestMethod.HEAD, RequestMethod.PUT, RequestMethod.POST, RequestMethod.DELETE}, allowCredentials = "true")
public interface SituationReportEndpoint extends BaseEndpoints {
@ApiOperation(value = "Add a Sitation Report Resource", response = SituationReportResource.class, notes = "Add a Situation Report", authorizations = { @Authorization(value = "Webade-OAUTH2", scopes = { @AuthorizationScope(scope = Scopes.CREATE_PUBLISHED_INCIDENT, description = "") }) }, extensions = {@Extension(properties = {@ExtensionProperty(name = "auth-type", value = "#{wso2.x-auth-type.app_and_app_user}"), @ExtensionProperty(name = "throttling-tier", value = "Unlimited") })})
@ApiImplicitParams({
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,12 +9,15 @@
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;

import org.springframework.web.bind.annotation.CrossOrigin;

import ca.bc.gov.nrs.common.rest.endpoints.BaseEndpoints;
import ca.bc.gov.nrs.common.service.ConflictException;
import ca.bc.gov.nrs.common.service.ForbiddenException;
import ca.bc.gov.nrs.common.service.NotFoundException;

@Path("/statistics")
@CrossOrigin(origins = "*", allowedHeaders = "*")
public interface StatisticsEndpoint extends BaseEndpoints {
@GET
@Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;

import org.springframework.web.bind.annotation.CrossOrigin;

import ca.bc.gov.nrs.common.wfone.rest.resource.HeaderConstants;
import ca.bc.gov.nrs.wfnews.api.rest.v1.resource.EndpointsRsrc;
import io.swagger.v3.oas.annotations.Operation;
Expand All @@ -21,6 +23,7 @@
import io.swagger.v3.oas.annotations.responses.ApiResponses;

@Path("/openapi.json")
@CrossOrigin(origins = "*", allowedHeaders = "*")
public interface SwaggerEndpoints {

@Operation(operationId = "Get Swagger Document", summary = "Get Swagger Document", extensions = {@Extension(properties = {@ExtensionProperty(name = "auth-type", value = "#{wso2.x-auth-type.app_and_app_user}"), @ExtensionProperty(name = "throttling-tier", value = "Unlimited") })})
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;

import org.springframework.web.bind.annotation.CrossOrigin;

import ca.bc.gov.nrs.common.wfone.rest.resource.HeaderConstants;
import ca.bc.gov.nrs.common.wfone.rest.resource.MessageListRsrc;
import ca.bc.gov.nrs.wfnews.api.rest.v1.resource.EndpointsRsrc;
Expand All @@ -23,6 +25,7 @@
import io.swagger.v3.oas.annotations.responses.ApiResponses;

@Path("/")
@CrossOrigin(origins = "*", allowedHeaders = "*")
public interface TopLevelEndpoints extends BaseEndpoints {

@Operation(operationId = "Get Top Level Resources.", summary = "Get Top Level Resources", extensions = {@Extension(properties = {@ExtensionProperty(name = "auth-type", value = "#{wso2.x-auth-type.app_and_app_user}"), @ExtensionProperty(name = "throttling-tier", value = "Unlimited") })})
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@
import javax.servlet.ServletContext;
import javax.servlet.ServletRegistration;

import ca.bc.gov.nrs.wfone.api.rest.v1.spring.CorsFilter;
import org.glassfish.jersey.servlet.ServletContainer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -45,4 +45,4 @@ public void init(FilterConfig filterConfig) {
public void destroy() {
logger.info("Destructing CORS filter");
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@
import javax.sql.DataSource;

import ca.bc.gov.nrs.wfnews.api.rest.v1.common.AttachmentsAwsConfig;
import ca.bc.gov.nrs.wfone.api.rest.v1.spring.CorsFilter;
import org.apache.commons.dbcp2.BasicDataSource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
Expand All @@ -30,6 +29,7 @@
,ServiceApiSpringConfig.class
,ResourceFactorySpringConfig.class
,SecuritySpringConfig.class
,WebConfig.class
,CorsFilter.class
})
public class EndpointsSpringConfig {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@

import java.util.Arrays;
import java.util.Collections;
import java.util.List;

import javax.servlet.http.HttpServletRequest;

Expand Down Expand Up @@ -139,16 +138,16 @@ protected void configure(HttpSecurity http) throws Exception {

@Bean
public CorsConfigurationSource corsConfigurationSource() {
final CorsConfiguration configuration = new CorsConfiguration();
final CorsConfiguration configuration = new CorsConfiguration();

configuration.setAllowedOrigins(Collections.unmodifiableList(Arrays.asList("*")));
configuration.setAllowedMethods(
Collections.unmodifiableList(Arrays.asList("HEAD", "GET", "POST", "DELETE", "PUT", "OPTIONS")));
configuration.setAllowedHeaders(Collections.unmodifiableList(Arrays.asList("apikey")));
configuration.setAllowedOrigins(Collections.unmodifiableList(Arrays.asList("*")));
configuration.setAllowedMethods(Collections.unmodifiableList(Arrays.asList("HEAD", "GET", "POST", "DELETE", "PUT", "OPTIONS")));
configuration.setAllowCredentials(true);
configuration.setAllowedHeaders(Collections.unmodifiableList(Arrays.asList("*")));

final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);

return source;
return source;
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
package ca.bc.gov.nrs.wfnews.api.rest.v1.spring;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

@Configuration
@EnableWebMvc
public class WebConfig implements WebMvcConfigurer {
private static final Logger logger = LoggerFactory.getLogger(WebConfig.class);
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**")
.allowedHeaders("*")
.allowedOrigins("*")
.allowedMethods("*");
}
}

0 comments on commit 726a1df

Please sign in to comment.