diff --git a/backend/src/main/java/codezap/global/cors/CorsProperties.java b/backend/src/main/java/codezap/global/cors/CorsProperties.java new file mode 100644 index 000000000..f1fdb4e74 --- /dev/null +++ b/backend/src/main/java/codezap/global/cors/CorsProperties.java @@ -0,0 +1,27 @@ +package codezap.global.cors; + + +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.boot.context.properties.bind.DefaultValue; + +@ConfigurationProperties(prefix = "cors") +public class CorsProperties { + private final String[] allowedOrigins; + private final String[] allowedOriginsPatterns; + + public CorsProperties( + @DefaultValue(value = "") String[] allowedOrigins, + @DefaultValue(value = "") String[] allowedOriginsPatterns + ) { + this.allowedOrigins = allowedOrigins; + this.allowedOriginsPatterns = allowedOriginsPatterns; + } + + public String[] getAllowedOrigins() { + return allowedOrigins; + } + + public String[] getAllowedOriginsPatterns() { + return allowedOriginsPatterns; + } +} diff --git a/backend/src/main/java/codezap/global/cors/WebCorsConfiguration.java b/backend/src/main/java/codezap/global/cors/WebCorsConfiguration.java index 5780a04a5..9c1b1bfcc 100644 --- a/backend/src/main/java/codezap/global/cors/WebCorsConfiguration.java +++ b/backend/src/main/java/codezap/global/cors/WebCorsConfiguration.java @@ -1,19 +1,26 @@ package codezap.global.cors; +import org.springframework.boot.context.properties.ConfigurationPropertiesScan; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.CorsRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @Configuration +@ConfigurationPropertiesScan public class WebCorsConfiguration implements WebMvcConfigurer { + private final CorsProperties corsProperties; + + public WebCorsConfiguration(CorsProperties corsProperties) { + this.corsProperties = corsProperties; + } + @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/**") .allowCredentials(true) - .allowedOriginPatterns("https://*.code-zap.com") - .allowedOrigins("https://code-zap.com") - .allowedOrigins("chrome-extension://bmlonhfgleihfabinjbhgefojkfpmlaf") + .allowedOriginPatterns(corsProperties.getAllowedOriginsPatterns()) + .allowedOrigins(corsProperties.getAllowedOrigins()) .allowedMethods("*") .exposedHeaders("*"); } diff --git a/backend/src/main/resources/application-local.yml b/backend/src/main/resources/application-local.yml index 5e635c67c..e74358d99 100644 --- a/backend/src/main/resources/application-local.yml +++ b/backend/src/main/resources/application-local.yml @@ -2,3 +2,5 @@ spring: output: ansi: enabled: always +cors: + allowed-origins: http://localhost:3000 diff --git a/backend/src/test/java/codezap/global/MockMvcTest.java b/backend/src/test/java/codezap/global/MockMvcTest.java index 738880164..fbcea58af 100644 --- a/backend/src/test/java/codezap/global/MockMvcTest.java +++ b/backend/src/test/java/codezap/global/MockMvcTest.java @@ -6,8 +6,10 @@ import org.junit.jupiter.api.BeforeEach; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest; import org.springframework.boot.test.mock.mockito.MockBean; +import org.springframework.context.annotation.Import; import org.springframework.test.context.junit.jupiter.SpringExtension; import org.springframework.test.web.servlet.MockMvc; import org.springframework.test.web.servlet.setup.MockMvcBuilders; @@ -19,11 +21,13 @@ import codezap.auth.provider.CredentialProvider; import codezap.category.service.facade.MemberCategoryApplicationService; import codezap.category.service.facade.MemberCategoryTemplateApplicationService; +import codezap.global.cors.CorsProperties; import codezap.member.fixture.MemberFixture; import codezap.member.service.MemberService; import codezap.template.service.TemplateService; @WebMvcTest(SpringExtension.class) +@EnableConfigurationProperties(CorsProperties.class) public abstract class MockMvcTest { @Autowired diff --git a/backend/src/test/java/codezap/global/cors/CorsPropertiesTest.java b/backend/src/test/java/codezap/global/cors/CorsPropertiesTest.java new file mode 100644 index 000000000..05293c36d --- /dev/null +++ b/backend/src/test/java/codezap/global/cors/CorsPropertiesTest.java @@ -0,0 +1,34 @@ +package codezap.global.cors; + +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; +import static org.junit.jupiter.api.Assertions.*; + +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.ExtendWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.context.properties.EnableConfigurationProperties; +import org.springframework.boot.test.context.ConfigDataApplicationContextInitializer; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.TestPropertySource; +import org.springframework.test.context.junit.jupiter.SpringExtension; + +@SpringBootTest +class CorsPropertiesTest { + + @Autowired + private CorsProperties corsProperties; + + @Test + @DisplayName("yml 파일로부터 allowed-origins 값을 가져오는지 확인") + void getAllowedOrigins() { + assertThat(corsProperties.getAllowedOrigins()).isEqualTo(new String[]{"http://localhost:3000"}); + } + + @Test + @DisplayName("yml 파일로부터 allowed-origins-patterns 값을 가져오는지 확인") + void getAllowedOriginsPatterns() { + assertThat(corsProperties.getAllowedOriginsPatterns()).isEqualTo(new String[]{""}); + } +} diff --git a/backend/src/test/resources/application-local.yml b/backend/src/test/resources/application-local.yml index 5e635c67c..e74358d99 100644 --- a/backend/src/test/resources/application-local.yml +++ b/backend/src/test/resources/application-local.yml @@ -2,3 +2,5 @@ spring: output: ansi: enabled: always +cors: + allowed-origins: http://localhost:3000