Skip to content

Commit

Permalink
can't use settingsWrapper for CORs
Browse files Browse the repository at this point in the history
  • Loading branch information
@qqmyers
qqmyers committed May 1, 2024
1 parent 0d03f66 commit af08864
Showing 1 changed file with 6 additions and 4 deletions.
10 changes: 6 additions & 4 deletions src/main/java/edu/harvard/iq/dataverse/authorization/AuthFilter.java
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
package edu.harvard.iq.dataverse.authorization;

import edu.harvard.iq.dataverse.SettingsWrapper;
import edu.harvard.iq.dataverse.authorization.providers.oauth2.AbstractOAuth2AuthenticationProvider;
import edu.harvard.iq.dataverse.authorization.providers.oauth2.oidc.OIDCAuthProvider;
import edu.harvard.iq.dataverse.settings.SettingsServiceBean;
import edu.harvard.iq.dataverse.util.ClockUtil;
import edu.harvard.iq.dataverse.util.StringUtil;
import edu.harvard.iq.dataverse.util.SystemConfig;
Expand Down Expand Up @@ -43,9 +43,9 @@ public class AuthFilter implements Filter {

@EJB
SystemConfig systemConfig;

@EJB
SettingsWrapper settingsWrapper;
SettingsServiceBean settingsService;

@Inject
AuthenticationServiceBean authenticationSvc;
Expand All @@ -54,6 +54,8 @@ public class AuthFilter implements Filter {
@ClockUtil.LocalTime
Clock clock;

private final String dvUrl = settingsService.getValueForKey(SettingsServiceBean.Key.QDRDrupalSiteURL);

@Override
public void init(FilterConfig filterConfig) throws ServletException {
logger.fine(AuthFilter.class.getName() + "initialized. filterConfig.getServletContext().getServerInfo(): " + filterConfig.getServletContext().getServerInfo());
Expand Down Expand Up @@ -83,7 +85,7 @@ public void doFilter(ServletRequest servletRequest, ServletResponse response, Fi
//boolean hasAuthToken = httpServletRequest.getParameter("key") != null) || (httpServletRequest.getParameter("token")!= null) || httpServletRequest.getHeader('X-Dataverse-key');
boolean ssoPath = path.equals("/sso");
if(ssoPath) {
((HttpServletResponse) response).addHeader("Access-Control-Allow-Origin", settingsWrapper.get(":QDRDrupalSiteURL"));
((HttpServletResponse) response).addHeader("Access-Control-Allow-Origin", dvUrl);
((HttpServletResponse) response).addHeader("Access-Control-Allow-Methods", "GET");

}
Expand Down

0 comments on commit af08864

Please sign in to comment.