Add cors middleware

simonwep · simonwep · commit b9838e4cc9b1 · 2019-06-16T11:16:05.000+02:00
diff --git a/.gitignore b/.gitignore
@@ -27,4 +27,5 @@ hs_err_pid*
 *.iml
 /_psd
 /.gradle
-/target
+/target
+_tmp
diff --git a/README.md b/README.md
@@ -473,6 +473,22 @@ app.get("/port-test", (req, res) -> {
 ## Existing Middlewares
 There are already some basic middlewares included, you can access these via static methods provided from `Middleware`.
 
+#### CORS
+To realize a cors api yu can use the cors middleware.
+```java
+app.use(Middleware.cors());
+```
+You can use CorsOptions to specify origin, methods and more:
+```java
+CorsOptions corsOptions = new CorsOptions();
+corsOptions.setOrigin("https://mypage.com");
+corsOptions.setAllowCredentials(true);
+corsOptions.setHeaders(new String[]{"GET", "POST"});
+corsOptions.setFilter(req -> // Custom validation if cors should be applied);
+        
+app.use(Middleware.cors());
+```
+
 #### Provide static Files
 If you want to allocate some files, like librarys, css, images etc. you can use the [static](https://github.com/Simonwep/java-express/blob/master/src/express/middleware/Middleware.java) middleware. But you can also provide other files like mp4 etc.
 Example:
diff --git a/src/main/java/express/middleware/Cors.java b/src/main/java/express/middleware/Cors.java
@@ -0,0 +1,48 @@
+package express.middleware;
+
+import express.http.HttpRequestHandler;
+import express.http.RequestMethod;
+import express.http.request.Request;
+import express.http.response.Response;
+
+public class Cors implements HttpRequestHandler {
+
+    private final CorsOptions options;
+
+    public Cors(CorsOptions options) {
+        this.options = options;
+    }
+
+    @Override
+    public void handle(Request req, Response res) {
+        CorsOptions.Filter filter = this.options.getFilter();
+
+        // Check if filter is present
+        if (filter != null && !filter.shouldBypass(req)) {
+            return;
+        }
+
+        // Acquire options
+        boolean ac = this.options.isAllowCredentials();
+        String origins = this.options.getOrigin();
+        String[] headers = this.options.getHeaders();
+        RequestMethod[] methods = this.options.getMethods();
+
+        // Apply headers
+        res.setHeader("Access-Control-Allow-Credentials", Boolean.toString(ac));
+        res.setHeader("Access-Control-Allow-Origin", origins != null ? origins : "*");
+        res.setHeader("Access-Control-Allow-Methods", methods != null ? join(methods) : "*");
+        res.setHeader("Access-Control-Request-Headers", headers != null ? join(headers) : "*");
+    }
+
+    private String join(Object[] objects) {
+        StringBuilder sb = new StringBuilder();
+
+        for (Object o : objects) {
+            sb.append(o.toString()).append(", ");
+        }
+
+        String string = sb.toString();
+        return string.substring(0, string.length() - 2);
+    }
+}
diff --git a/src/main/java/express/middleware/CorsOptions.java b/src/main/java/express/middleware/CorsOptions.java
@@ -0,0 +1,69 @@
+package express.middleware;
+
+import express.http.RequestMethod;
+import express.http.request.Request;
+
+public class CorsOptions {
+
+    private boolean allowCredentials;
+    private RequestMethod[] methods;
+    private String[] headers;
+    private String origin;
+    private Filter filter;
+
+    public CorsOptions(boolean allowCredentials, String origin, String[] headers, RequestMethod[] methods, Filter filter) {
+        this.allowCredentials = allowCredentials;
+        this.origin = origin;
+        this.filter = filter;
+        this.methods = methods;
+        this.headers = headers;
+    }
+
+    public CorsOptions() {
+        this(false, null, null, null, null);
+    }
+
+    public String[] getHeaders() {
+        return headers;
+    }
+
+    public void setHeaders(String[] headers) {
+        this.headers = headers;
+    }
+
+    public String getOrigin() {
+        return origin;
+    }
+
+    public boolean isAllowCredentials() {
+        return allowCredentials;
+    }
+
+    public void setAllowCredentials(boolean allowCredentials) {
+        this.allowCredentials = allowCredentials;
+    }
+
+    public void setOrigin(String origin) {
+        this.origin = origin;
+    }
+
+    public RequestMethod[] getMethods() {
+        return methods;
+    }
+
+    public void setMethods(RequestMethod[] methods) {
+        this.methods = methods;
+    }
+
+    public Filter getFilter() {
+        return filter;
+    }
+
+    public void setFilter(Filter filter) {
+        this.filter = filter;
+    }
+
+    interface Filter {
+        boolean shouldBypass(Request req);
+    }
+}
diff --git a/src/main/java/express/middleware/FileProvider.java b/src/main/java/express/middleware/FileProvider.java
@@ -34,7 +34,7 @@ public final class FileProvider implements HttpRequestHandler {
         Path rootDir = Paths.get(root);
 
         if (!Files.exists(rootDir) || !Files.isDirectory(rootDir)) {
-            throw new IOException(rootDir + " does not exists or isn't an directory.");
+            throw new IOException(rootDir + " does not exists or isn't a directory.");
         }
 
         this.root = rootDir.toAbsolutePath().toString();
@@ -118,8 +118,9 @@ public void handle(Request req, Response res) {
     }
 
     private void finish(Path file, Request req, Response res) {
-        if (options.getHandler() != null)
+        if (options.getHandler() != null) {
             options.getHandler().handle(req, res);
+        }
 
         try {
 
diff --git a/src/main/java/express/middleware/Middleware.java b/src/main/java/express/middleware/Middleware.java
@@ -1,6 +1,5 @@
 package express.middleware;
 
-
 import java.io.IOException;
 
 /**
@@ -49,4 +48,22 @@ public static FileProvider statics(String directoryPath, FileProviderOptions sta
         return new FileProvider(directoryPath, staticOptions);
     }
 
+    /**
+     * CORS Middleware
+     *
+     * @param options Cors options
+     * @return
+     */
+    public static Cors cors(CorsOptions options) {
+        return new Cors(options);
+    }
+
+    /**
+     * CORS Middleware with default settings
+     *
+     * @return
+     */
+    public static Cors cors() {
+        return new Cors(new CorsOptions());
+    }
 }
diff --git a/src/main/java/express/utils/Utils.java b/src/main/java/express/utils/Utils.java
@@ -34,8 +34,8 @@ public static String streamToString(InputStream is) {
             }
 
             return sb.toString();
-        } catch (IOException ignored) {
-        }
+        } catch (IOException ignored) { }
+
         return null;
     }
 

-Original file line number
+Diff line change
 *.iml
 /_psd
 /.gradle
 -/target
 +/target
 +_tmp
Original file line number	Diff line number	Diff line change
`@@ -34,7 +34,7 @@ public final class FileProvider implements HttpRequestHandler {`
`34`	`34`	`Path rootDir = Paths.get(root);`
`35`	`35`
`36`	`36`	`if (!Files.exists(rootDir) \|\| !Files.isDirectory(rootDir)) {`
`37`		`- throw new IOException(rootDir + " does not exists or isn't an directory.");`
	`37`	`+ throw new IOException(rootDir + " does not exists or isn't a directory.");`
`38`	`38`	`}`
`39`	`39`
`40`	`40`	`this.root = rootDir.toAbsolutePath().toString();`
`@@ -118,8 +118,9 @@ public void handle(Request req, Response res) {`
`118`	`118`	`}`
`119`	`119`
`120`	`120`	`private void finish(Path file, Request req, Response res) {`
`121`		`- if (options.getHandler() != null)`
	`121`	`+ if (options.getHandler() != null) {`
`122`	`122`	`options.getHandler().handle(req, res);`
	`123`	`+ }`
`123`	`124`
`124`	`125`	`try {`
`125`	`126`
Original file line number	Diff line number	Diff line change
`@@ -34,8 +34,8 @@ public static String streamToString(InputStream is) {`
`34`	`34`	`}`
`35`	`35`
`36`	`36`	`return sb.toString();`
`37`		`- } catch (IOException ignored) {`
`38`		`- }`
	`37`	`+ } catch (IOException ignored) { }`
	`38`	`+`
`39`	`39`	`return null;`
`40`	`40`	`}`
`41`	`41`