Merge branch 'develop' of https://github.com/TasQueue/Back-End into f…

…eat/yongsoo

src/main/java/com/example/taskqueue/config/SecurityConfig.java

@@ -4,6 +4,7 @@
 import com.example.taskqueue.oauth.handler.OAuth2LoginFailureHandler;
 import com.example.taskqueue.oauth.handler.OAuth2LoginSuccessHandler;
 import com.example.taskqueue.security.ResponseUtils;
+import com.example.taskqueue.security.filter.CustomCorsFilter;
 import com.example.taskqueue.security.filter.JwtAuthenticationProcessingFilter;
 import com.example.taskqueue.oauth.jwt.JwtService;
 import com.example.taskqueue.oauth.login.filter.CustomJsonUsernamePasswordAuthenticationFilter;
@@ -24,10 +25,6 @@
 import org.springframework.security.crypto.factory.PasswordEncoderFactories;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
-import org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter;
-import org.springframework.web.cors.CorsConfiguration;
-import org.springframework.web.cors.CorsConfigurationSource;
-import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
 /**
  * 인증은 CustomJsonUsernamePasswordAuthenticationFilter에서 authenticate()로 인증된 사용자로 처리
@@ -92,6 +89,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                 .antMatchers(BASIC_URL).permitAll()
                 .antMatchers(SWAGGER_URL).permitAll()
                 .antMatchers(API_URL).permitAll()
+                .antMatchers("/ex").permitAll() //삭제해야댐
                 .antMatchers("/kakao-logout").permitAll()
                 .antMatchers("/kakao-login").permitAll()
                 .antMatchers("/login/oauth2/code/kakao").permitAll()
@@ -172,4 +170,9 @@ public JwtAuthenticationProcessingFilter jwtAuthenticationProcessingFilter() {
         JwtAuthenticationProcessingFilter jwtAuthenticationFilter = new JwtAuthenticationProcessingFilter(jwtService, userRepository,responseUtils);
         return jwtAuthenticationFilter;
     }
+
+    @Bean
+    public CustomCorsFilter corsFilter() {
+        return new CustomCorsFilter();
+    }
 }

src/main/java/com/example/taskqueue/config/WebMvcConfig.java

@@ -24,7 +24,7 @@ public void addArgumentResolvers(List<HandlerMethodArgumentResolver> argumentRes
     public void addCorsMappings(CorsRegistry registry) {
         registry.addMapping("/**")
                 .allowedMethods("*")
-                .allowedOriginPatterns("http://localhost") //원래는 * 이었음
+                .allowedOriginPatterns("http://localhost:3000") //원래는 * 이었음
                 .allowCredentials(true)
                 .exposedHeaders("Authorization")
                 .maxAge(3000);

src/main/java/com/example/taskqueue/oauth/controller/TokenController.java

@@ -5,6 +5,7 @@
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
@@ -48,4 +49,8 @@ public ResponseEntity<?> refreshAccessToken(HttpServletRequest request, HttpServ
             return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).build();
         }
     }
+    @GetMapping("/ex")
+    public String example(){
+        return "example pushed";
+    }
 }

src/main/java/com/example/taskqueue/security/filter/CustomCorsFilter.java

@@ -0,0 +1,33 @@
+package com.example.taskqueue.security.filter;
+
+import org.springframework.core.Ordered;
+import org.springframework.core.annotation.Order;
+import org.springframework.stereotype.Component;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+
+@Component
+@WebFilter("/*")
+@Order(Ordered.HIGHEST_PRECEDENCE)
+public class CustomCorsFilter implements Filter {
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+            throws IOException, ServletException {
+        HttpServletResponse httpResponse = (HttpServletResponse) response; // Cast to HttpServletResponse
+        // Add the necessary CORS headers
+        httpResponse.setHeader("Access-Control-Allow-Origin", "http://localhost:3000"); // Adjust this based on your needs
+        httpResponse.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
+        httpResponse.setHeader("Access-Control-Allow-Headers", "Authorization, Content-Type");
+        httpResponse.setHeader("Access-Control-Allow-Credentials", "true");
+
+        // Continue with the request
+        chain.doFilter(request, response);
+    }
+}