org.keycloak.services.resources.Cors クラス

org.keycloak.services.resources.Cors 連携図

公開メンバ関数
	Cors (HttpRequest request, ResponseBuilder response)
	Cors (HttpRequest request)
Cors	builder (ResponseBuilder builder)
Cors	preflight ()
Cors	auth ()
Cors	allowAllOrigins ()
Cors	allowedOrigins (UriInfo uriInfo, ClientModel client)
Cors	allowedOrigins (AccessToken token)
Cors	allowedOrigins (String... allowedOrigins)
Cors	allowedMethods (String... allowedMethods)
Cors	exposedHeaders (String... exposedHeaders)
Response	build ()
void	build (HttpResponse response)

静的公開メンバ関数
static Cors	add (HttpRequest request, ResponseBuilder response)
static Cors	add (HttpRequest request)

静的公開変数類
static final long	DEFAULT_MAX_AGE = TimeUnit.HOURS.toSeconds(1)
static final String	DEFAULT_ALLOW_METHODS = "GET, HEAD, OPTIONS"
static final String	DEFAULT_ALLOW_HEADERS = "Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers"
static final String	ORIGIN_HEADER = "Origin"
static final String	AUTHORIZATION_HEADER = "Authorization"
static final String	ACCESS_CONTROL_ALLOW_ORIGIN = "Access-Control-Allow-Origin"
static final String	ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods"
static final String	ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers"
static final String	ACCESS_CONTROL_EXPOSE_HEADERS = "Access-Control-Expose-Headers"
static final String	ACCESS_CONTROL_ALLOW_CREDENTIALS = "Access-Control-Allow-Credentials"
static final String	ACCESS_CONTROL_MAX_AGE = "Access-Control-Max-Age"
static final String	ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD = "*"
static final String	INCLUDE_REDIRECTS = "+"

非公開変数類
HttpRequest	request
ResponseBuilder	builder
Set< String >	allowedOrigins
Set< String >	allowedMethods
Set< String >	exposedHeaders
boolean	preflight
boolean	auth

静的非公開変数類
static final Logger	logger = Logger.getLogger(Cors.class)

詳解

著者

Stian Thorgersen

構築子と解体子

Cors() [1/2]

org.keycloak.services.resources.Cors.Cors ( HttpRequest  request, ResponseBuilder  response  )

inline

                                                               {
        this.request = request;
        this.builder = response;
    }

Cors() [2/2]

org.keycloak.services.resources.Cors.Cors ( HttpRequest  request )

inline

                                     {
        this.request = request;
    }

関数詳解

add() [1/2]

static Cors org.keycloak.services.resources.Cors.add ( HttpRequest  request, ResponseBuilder  response  )

inlinestatic

                                                                          {
        return new Cors(request, response);
    }

add() [2/2]

static Cors org.keycloak.services.resources.Cors.add ( HttpRequest  request )

inlinestatic

                                                {
        return new Cors(request);
    }

allowAllOrigins()

Cors org.keycloak.services.resources.Cors.allowAllOrigins ( )

inline

                                  {
        allowedOrigins = Collections.singleton(ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD);
        return this;
    }

allowedMethods()

Cors org.keycloak.services.resources.Cors.allowedMethods ( String...  allowedMethods )

inline

                                                         {
        this.allowedMethods = new HashSet<>(Arrays.asList(allowedMethods));
        return this;
    }

allowedOrigins() [1/3]

Cors org.keycloak.services.resources.Cors.allowedOrigins ( UriInfo  uriInfo, ClientModel  client  )

inline

                                                                    {
        if (client != null) {
            allowedOrigins = WebOriginsUtils.resolveValidWebOrigins(uriInfo, client);
        }
        return this;
    }

allowedOrigins() [2/3]

Cors org.keycloak.services.resources.Cors.allowedOrigins ( AccessToken  token )

inline

                                                  {
        if (token != null) {
            allowedOrigins = token.getAllowedOrigins();
        }
        return this;
    }

allowedOrigins() [3/3]

Cors org.keycloak.services.resources.Cors.allowedOrigins ( String...  allowedOrigins )

inline

                                                         {
        if (allowedOrigins != null && allowedOrigins.length > 0) {
            this.allowedOrigins = new HashSet<>(Arrays.asList(allowedOrigins));
        }
        return this;
    }

auth()

Cors org.keycloak.services.resources.Cors.auth ( )

inline

                       {
        auth = true;
        return this;
    }

build() [1/2]

Response org.keycloak.services.resources.Cors.build ( )

inline

                            {
        String origin = request.getHttpHeaders().getRequestHeaders().getFirst(ORIGIN_HEADER);
        if (origin == null) {
            logger.trace("No origin header ignoring");
            return builder.build();
        }

        if (!preflight && (allowedOrigins == null || (!allowedOrigins.contains(origin) && !allowedOrigins.contains(ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD)))) {
            if (logger.isDebugEnabled()) {
                logger.debugv("Invalid CORS request: origin {0} not in allowed origins {1}", origin, Arrays.toString(allowedOrigins.toArray()));
            }
            return builder.build();
        }

        builder.header(ACCESS_CONTROL_ALLOW_ORIGIN, origin);

        if (preflight) {
            if (allowedMethods != null) {
                builder.header(ACCESS_CONTROL_ALLOW_METHODS, CollectionUtil.join(allowedMethods));
            } else {
                builder.header(ACCESS_CONTROL_ALLOW_METHODS, DEFAULT_ALLOW_METHODS);
            }
        }

        if (!preflight && exposedHeaders != null) {
            builder.header(ACCESS_CONTROL_EXPOSE_HEADERS, CollectionUtil.join(exposedHeaders));
        }

        builder.header(ACCESS_CONTROL_ALLOW_CREDENTIALS, Boolean.toString(auth));

        if (preflight) {
            if (auth) {
                builder.header(ACCESS_CONTROL_ALLOW_HEADERS, String.format("%s, %s", DEFAULT_ALLOW_HEADERS, AUTHORIZATION_HEADER));
            } else {
                builder.header(ACCESS_CONTROL_ALLOW_HEADERS, DEFAULT_ALLOW_HEADERS);
            }
        }

        if (preflight) {
            builder.header(ACCESS_CONTROL_MAX_AGE, DEFAULT_MAX_AGE);
        }

        logger.debug("Added CORS headers to response");

        return builder.build();
    }

build() [2/2]

void org.keycloak.services.resources.Cors.build ( HttpResponse  response )

inline

                                             {
        String origin = request.getHttpHeaders().getRequestHeaders().getFirst(ORIGIN_HEADER);
        if (origin == null) {
            logger.trace("No origin header ignoring");
            return;
        }

        if (!preflight && (allowedOrigins == null || (!allowedOrigins.contains(origin) && !allowedOrigins.contains(ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD)))) {
            if (logger.isDebugEnabled()) {
                logger.debugv("Invalid CORS request: origin {0} not in allowed origins {1}", origin, Arrays.toString(allowedOrigins.toArray()));
            }
            return;
        }

        if (allowedOrigins.contains(ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD)) {
            response.getOutputHeaders().add(ACCESS_CONTROL_ALLOW_ORIGIN, ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD);
        } else {
            response.getOutputHeaders().add(ACCESS_CONTROL_ALLOW_ORIGIN, origin);
        }

        if (preflight) {
            if (allowedMethods != null) {
                response.getOutputHeaders().add(ACCESS_CONTROL_ALLOW_METHODS, CollectionUtil.join(allowedMethods));
            } else {
                response.getOutputHeaders().add(ACCESS_CONTROL_ALLOW_METHODS, DEFAULT_ALLOW_METHODS);
            }
        }

        if (!preflight && exposedHeaders != null) {
            response.getOutputHeaders().add(ACCESS_CONTROL_EXPOSE_HEADERS, CollectionUtil.join(exposedHeaders));
        }

        response.getOutputHeaders().add(ACCESS_CONTROL_ALLOW_CREDENTIALS, Boolean.toString(auth));

        if (preflight) {
            if (auth) {
                response.getOutputHeaders().add(ACCESS_CONTROL_ALLOW_HEADERS, String.format("%s, %s", DEFAULT_ALLOW_HEADERS, AUTHORIZATION_HEADER));
            } else {
                response.getOutputHeaders().add(ACCESS_CONTROL_ALLOW_HEADERS, DEFAULT_ALLOW_HEADERS);
            }
        }

        if (preflight) {
            response.getOutputHeaders().add(ACCESS_CONTROL_MAX_AGE, DEFAULT_MAX_AGE);
        }

        logger.debug("Added CORS headers to response");
    }

builder()

Cors org.keycloak.services.resources.Cors.builder ( ResponseBuilder  builder )

inline

                                                 {
        this.builder = builder;
        return this;
    }

exposedHeaders()

Cors org.keycloak.services.resources.Cors.exposedHeaders ( String...  exposedHeaders )

inline

                                                         {
        this.exposedHeaders = new HashSet<>(Arrays.asList(exposedHeaders));
        return this;
    }

preflight()

Cors org.keycloak.services.resources.Cors.preflight ( )

inline

                            {
        preflight = true;
        return this;
    }

メンバ詳解

ACCESS_CONTROL_ALLOW_CREDENTIALS

final String org.keycloak.services.resources.Cors.ACCESS_CONTROL_ALLOW_CREDENTIALS = "Access-Control-Allow-Credentials"

static

ACCESS_CONTROL_ALLOW_HEADERS

final String org.keycloak.services.resources.Cors.ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers"

static

ACCESS_CONTROL_ALLOW_METHODS

final String org.keycloak.services.resources.Cors.ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods"

static

ACCESS_CONTROL_ALLOW_ORIGIN

final String org.keycloak.services.resources.Cors.ACCESS_CONTROL_ALLOW_ORIGIN = "Access-Control-Allow-Origin"

static

ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD

final String org.keycloak.services.resources.Cors.ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD = "*"

static

ACCESS_CONTROL_EXPOSE_HEADERS

final String org.keycloak.services.resources.Cors.ACCESS_CONTROL_EXPOSE_HEADERS = "Access-Control-Expose-Headers"

static

ACCESS_CONTROL_MAX_AGE

final String org.keycloak.services.resources.Cors.ACCESS_CONTROL_MAX_AGE = "Access-Control-Max-Age"

static

allowedMethods

Set<String> org.keycloak.services.resources.Cors.allowedMethods

private

allowedOrigins

Set<String> org.keycloak.services.resources.Cors.allowedOrigins

private

auth

boolean org.keycloak.services.resources.Cors.auth

private

AUTHORIZATION_HEADER

final String org.keycloak.services.resources.Cors.AUTHORIZATION_HEADER = "Authorization"

static

builder

ResponseBuilder org.keycloak.services.resources.Cors.builder

private

DEFAULT_ALLOW_HEADERS

final String org.keycloak.services.resources.Cors.DEFAULT_ALLOW_HEADERS = "Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers"

static

DEFAULT_ALLOW_METHODS

final String org.keycloak.services.resources.Cors.DEFAULT_ALLOW_METHODS = "GET, HEAD, OPTIONS"

static

DEFAULT_MAX_AGE

final long org.keycloak.services.resources.Cors.DEFAULT_MAX_AGE = TimeUnit.HOURS.toSeconds(1)

static

exposedHeaders

Set<String> org.keycloak.services.resources.Cors.exposedHeaders

private

INCLUDE_REDIRECTS

final String org.keycloak.services.resources.Cors.INCLUDE_REDIRECTS = "+"

static

logger

final Logger org.keycloak.services.resources.Cors.logger = Logger.getLogger(Cors.class)

staticprivate

ORIGIN_HEADER

final String org.keycloak.services.resources.Cors.ORIGIN_HEADER = "Origin"

static

preflight

boolean org.keycloak.services.resources.Cors.preflight

private

request

HttpRequest org.keycloak.services.resources.Cors.request

private

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/doxygen/keycloak/oidc-service/src/main/java/org/keycloak/services/resources/Cors.java