Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dynamic CORS Filter #3278

Merged
merged 2 commits into from
Apr 13, 2021
Merged

Dynamic CORS Filter #3278

merged 2 commits into from
Apr 13, 2021

Conversation

lorthirk
Copy link

@lorthirk lorthirk commented Mar 17, 2021
edited
Loading

Introducing Dynamic CORS Filter

This is a refactoring of the existing CORS filter, that is currently allowing all Cross Origins requests responding with Access-Control-Allow-Origin: * to any REST request. From now on, the CORS Filter will only allow calls from specific Origins that can be configured per-account or for the whole system.

Related Issue
No related issues

Description of the solution adopted
The filter leverages the Endpoints feature to register allowed Origins for any given account.

A new tab will appear under the Settings menu item, named CORS. Here you can add HTTP Origins that will be allowed for a given account. Since those items are actually leveraging the Endpoints feature, the same inheritance rules will apply (i.e. if not CORS Origins are found in a given account, the account hierarchy will be traversed up until the root account until a CORS Origin definition will be found).

System-wide CORS Origins can also be configured via the api.cors.origins.allow system property.

Screenshots
New Add Endpoint Dialog:

CORS Window

Any side note on the changes made
The Endpoints registered as valid CORS Origins will have the cors Endpoint Type. Regular Endpoints will have the resource Endpoint Type.

@lorthirk lorthirk added Console GWT This issue/PR is related to Admin Web Console Enhancement This PR/Issue improves an part of Kapua REST API We hope to REST everyday labels Mar 17, 2021
@lorthirk lorthirk requested a review from Coduz March 17, 2021 09:07
@codecov
Copy link

codecov bot commented Mar 17, 2021
edited
Loading

Codecov Report

Merging #3278 (e1ca772) into develop (e1a8e1d) will increase coverage by 1.39%.
The diff coverage is 19.60%.

❗ Current head e1ca772 differs from pull request most recent head 4b18a33. Consider uploading reports for the commit 4b18a33 to get more accurate results
Impacted file tree graph

@@              Coverage Diff              @@
##             develop    #3278      +/-   ##
=============================================
+ Coverage      52.71%   54.10%   +1.39%     
- Complexity       782      786       +4     
=============================================
  Files           1470     1475       +5     
  Lines          30031    30150     +119     
  Branches        2508     2520      +12     
=============================================
+ Hits           15832    16314     +482     
+ Misses         13306    12920     -386     
- Partials         893      916      +23
Impacted Files Coverage Δ Complexity Δ
...eclipse/kapua/app/api/core/CORSResponseFilter.java 0.00% <0.00%> (ø) 0.00 <0.00> (ø)
...g/eclipse/kapua/service/endpoint/EndpointInfo.java 0.00% <ø> (ø) 0.00 <0.00> (?)
...kapua/service/endpoint/EndpointInfoAttributes.java 0.00% <ø> (ø) 0.00 <0.00> (?)
...ua/service/endpoint/internal/EndpointInfoImpl.java 62.50% <66.66%> (+62.50%) 0.00 <0.00> (ø)
...ice/endpoint/internal/EndpointInfoServiceImpl.java 75.22% <73.33%> (+75.22%) 0.00 <0.00> (ø)
...app/api/core/settings/KapuaApiCoreSettingKeys.java 100.00% <100.00%> (ø) 0.00 <0.00> (ø)
...ice/endpoint/internal/EndpointInfoCreatorImpl.java 77.27% <100.00%> (+77.27%) 0.00 <0.00> (ø)
...pua/service/endpoint/internal/EndpointInfoDAO.java 86.66% <100.00%> (+86.66%) 0.00 <0.00> (ø)
...ransport/mqtt/pooling/PooledMqttClientFactory.java 61.90% <0.00%> (-9.53%) 0.00% <0.00%> (ø%)
...a/org/eclipse/kapua/transport/mqtt/MqttClient.java 56.09% <0.00%> (-6.10%) 0.00% <0.00%> (ø%)
... and 63 more

@lorthirk lorthirk marked this pull request as draft March 17, 2021 16:26
@lorthirk lorthirk force-pushed the feature-corsOriginRegistry branch 7 times, most recently from e624c31 to c2dfad0 Compare March 24, 2021 18:06
@lorthirk lorthirk marked this pull request as ready for review March 24, 2021 20:29
@lorthirk lorthirk force-pushed the feature-corsOriginRegistry branch 3 times, most recently from ecb501c to f8b0499 Compare March 25, 2021 17:06
Claudio Mezzasalma added 2 commits March 25, 2021 23:03
CORS Endpoint Window
90d4d73 
Signed-off-by: Claudio Mezzasalma <claudio.mezzasalma@eurotech.com>
Only allow declared Origins in CORS Filter
4b18a33 
Signed-off-by: Claudio Mezzasalma <claudio.mezzasalma@eurotech.com>
@lorthirk lorthirk force-pushed the feature-corsOriginRegistry branch from f8b0499 to 4b18a33 Compare March 25, 2021 22:03
@Coduz Coduz merged commit 245b601 into eclipse-kapua:develop Apr 13, 2021
@lorthirk lorthirk deleted the feature-corsOriginRegistry branch April 13, 2021 14:53
This was referenced Apr 14, 2021
Merged
Merged
@Coduz Coduz mentioned this pull request Apr 15, 2021
Merged
@lorthirk lorthirk mentioned this pull request May 5, 2021
Closed
@lorthirk lorthirk mentioned this pull request Jun 4, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Coduz Coduz Coduz approved these changes

Assignees
No one assigned
Labels
Console GWT This issue/PR is related to Admin Web Console Enhancement This PR/Issue improves an part of Kapua REST API We hope to REST everyday
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@lorthirk @Coduz