fix : Remove the duplicate CORS settings and correct the handling message for a 403 authorization error (permission denied)

Author: patternhelloworld

README.md

@@ -6,7 +6,7 @@
   * Authentication management based on a combination of username, client id, and an extra token (referred to in the source code as App-Token, which receives a unique value from the calling devices).
   * Separated UserDetails implementation for Admin and Customer roles.
   * Integration with spring-security-oauth2-authorization-server.
-    * Provide MySQL DDL, which consists of oauth\_access\_token, oauth\_refresh\_token and oauth\_client\_details, which is tables in Security 5. As I mean to migrate current security system to Security 6, I haven't changed them to the ``oauth2_authorization`` table indicated in https://github.com/spring-projects/spring-authorization-server.
+    * Provide MySQL DDL, which consists of oauth\_access\_token, oauth\_refresh\_token and oauth\_client\_details, which is tables in Security 5. As I mean to migrate current security system to Security 6, I haven't changed them to the ``authorization`` table indicated in https://github.com/spring-projects/spring-authorization-server.
   * Application of Spring Rest Docs.
 ## Dependencies
 

src/main/java/com/patternknife/securityhelper/oauth2/config/response/error/GlobalExceptionHandler.java

@@ -60,7 +60,7 @@ public ResponseEntity<?> authenticationException(Exception ex, WebRequest reques
     @ExceptionHandler({UnauthorizedException.class, AccessDeniedException.class, DisabledException.class})
     public ResponseEntity<?> authorizationException(Exception ex, WebRequest request) {
         ErrorDetails errorDetails = new ErrorDetails(ex.getMessage() != null ? ex.getMessage() : CustomExceptionUtils.getAllCauses(ex), request.getDescription(false),
-                ex.getMessage() == null ? SecurityExceptionMessage.AUTHENTICATION_ERROR.getMessage() : ex.getMessage(), ex.getStackTrace()[0].toString());
+                ex.getMessage() == null || ex.getMessage().equals("Access Denied") ? SecurityExceptionMessage.AUTHORIZATION_FAILURE.getMessage() : ex.getMessage(), ex.getStackTrace()[0].toString());
         return new ResponseEntity<>(errorDetails, HttpStatus.FORBIDDEN);
     }
     // Custom or Admin

src/main/java/com/patternknife/securityhelper/oauth2/config/security/web/WebMvcConfig.java

@@ -3,37 +3,18 @@
 
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.http.HttpMethod;
-import org.springframework.web.servlet.config.annotation.*;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
 @RequiredArgsConstructor
 @Configuration
 @EnableWebMvc
 public class WebMvcConfig implements WebMvcConfigurer {
 
-    @Override
-    public void addCorsMappings(CorsRegistry registry) {
-        registry
-                .addMapping("/**")
-                .allowedOrigins("*")
-                .allowedMethods(
-                        HttpMethod.GET.name(),
-                        HttpMethod.HEAD.name(),
-                        HttpMethod.POST.name(),
-                        HttpMethod.PUT.name(),
-                        HttpMethod.PATCH.name(),
-                        HttpMethod.DELETE.name());
-    }
-
     @Override
     public void addResourceHandlers(ResourceHandlerRegistry registry) {
         registry.addResourceHandler("/docs/**").addResourceLocations("classpath:/static/docs/");
     }
 
-
-
-    @Override
-    public void addInterceptors(InterceptorRegistry registry) {
-
-    }
 }