SynapseCORSConfiguration.java
/*
* Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.synapse.api.cors;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.synapse.SynapseException;
import org.apache.synapse.config.SynapsePropertiesLoader;
import org.apache.synapse.rest.RESTConstants;
import java.net.InterfaceAddress;
import java.net.MalformedURLException;
import java.net.NetworkInterface;
import java.net.SocketException;
import java.net.URL;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Set;
/**
* This class holds CORS configurations made in synapse.properties file
*/
public class SynapseCORSConfiguration implements CORSConfiguration {
private static Log LOG = LogFactory.getLog(SynapseCORSConfiguration.class);
private static SynapseCORSConfiguration corsConfigs = null;
private boolean enabled;
private Set<String> allowedOrigins = new HashSet<>();
private String allowedHeaders;
private static final String LOCAL_HOST = "localhost";
private SynapseCORSConfiguration() {
enabled = SynapsePropertiesLoader.getBooleanProperty(RESTConstants.CORS_CONFIGURATION_ENABLED, true);
if (!enabled) {
return; // no need to do the rest if cors is not enabled.
}
//Retrieve allowed origin list
String allowedOriginListStr =
SynapsePropertiesLoader.getPropertyValue(RESTConstants.CORS_CONFIGURATION_ACCESS_CTL_ALLOW_ORIGIN, null);
if (allowedOriginListStr != null) {
String[] originList = allowedOriginListStr.split(",");
for (String origin : originList) {
String trimmedOrigin = origin.trim();
allowedOrigins.add(trimmedOrigin);
if (!trimmedOrigin.contains(LOCAL_HOST)) {
continue;
}
try {
URL url = new URL(trimmedOrigin);
if (url.getHost().equals(LOCAL_HOST)) {
// Add localhost IPs as allowed origin
Enumeration<NetworkInterface> networkInterfaces = NetworkInterface.getNetworkInterfaces();
while (networkInterfaces.hasMoreElements()) {
NetworkInterface nInterface = networkInterfaces.nextElement();
for (InterfaceAddress iAddr : nInterface.getInterfaceAddresses()) {
URL localUrl =
new URL(url.getProtocol(), iAddr.getAddress().getHostAddress(), url.getPort(), "");
allowedOrigins.add(localUrl.toString());
}
}
}
} catch (MalformedURLException e) {
throw new SynapseException("Provided origin URL " + trimmedOrigin + " is malformed", e);
} catch (SocketException e) {
throw new SynapseException("Error occurred while retrieving network interfaces", e);
}
}
}
//Retrieve allowed headers
allowedHeaders =
SynapsePropertiesLoader.getPropertyValue(RESTConstants.CORS_CONFIGURATION_ACCESS_CTL_ALLOW_HEADERS, "");
}
public static SynapseCORSConfiguration getInstance() {
if (corsConfigs != null) {
return corsConfigs;
}
//init CORS configurations
corsConfigs = new SynapseCORSConfiguration();
return corsConfigs;
}
public boolean isEnabled() {
return enabled;
}
public Set<String> getAllowedOrigins() {
return allowedOrigins;
}
public String getAllowedHeaders() {
return allowedHeaders;
}
}