import java.io.IOException;import javax.servlet.Filter;import javax.servlet.F

1. import java.io.IOException;
2.  
3. import javax.servlet.Filter;
4. import javax.servlet.FilterChain;
5. import javax.servlet.FilterConfig;
6. import javax.servlet.ServletException;
7. import javax.servlet.ServletRequest;
8. import javax.servlet.ServletResponse;
9. import javax.servlet.http.HttpServletRequest;
10. import javax.servlet.http.HttpServletResponse;
11.  
12. import org.springframework.beans.factory.annotation.Autowired;
13. import org.springframework.core.Ordered;
14. import org.springframework.core.annotation.Order;
15. import org.springframework.stereotype.Component;
16.  
17. import br.com.mdw.config.MdwApiProperty;
18.  
19. @Component
20. @Order(Ordered.HIGHEST_PRECEDENCE)
21. public class CorsFilter implements Filter {
22.  
23. @Autowired
24. private MdwApiProperty mdwApiProperty;
25.  
26.  
27. @Override
28. public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
29. throws IOException, ServletException {
30.  
31. HttpServletRequest request = (HttpServletRequest) req;
32. HttpServletResponse response = (HttpServletResponse) resp;
33.  
34. response.setHeader("Access-Control-Allow-Origin", mdwApiProperty.getOriginPermitida());
35. response.setHeader("Access-Control-Allow-Credentials", "true");
36.  
37. if ("OPTIONS".equals(request.getMethod()) && mdwApiProperty.getOriginPermitida().equals(request.getHeader("Origin"))) {
38. response.setHeader("Access-Control-Allow-Methods", "POST, GET, DELETE, PUT, OPTIONS");
39. response.setHeader("Access-Control-Allow-Headers", "Authorization, Content-Type, Accept");
40. response.setHeader("Access-Control-Max-Age", "3600");
41.  
42. response.setStatus(HttpServletResponse.SC_OK);
43. } else {
44. chain.doFilter(req, resp);
45. }
46.  
47. }
48.  
49.  
50. @Override
51. public void destroy() {
52. }
53.  
54. @Override
55. public void init(FilterConfig arg0) throws ServletException {
56. }
57.  
58. }
59.  
60. import org.springframework.boot.context.properties.ConfigurationProperties;
61.  
62. @ConfigurationProperties("mdw")
63. public class MdwApiProperty {
64.  
65. private String originPermitida = "http://localhost:8000";
66.  
67. private final Seguranca seguranca = new Seguranca();
68.  
69. public Seguranca getSeguranca() {
70. return seguranca;
71. }
72.  
73. public String getOriginPermitida() {
74. return originPermitida;
75. }
76.  
77. public void setOriginPermitida(String originPermitida) {
78. this.originPermitida = originPermitida;
79. }
80.  
81. public static class Seguranca {
82.  
83. private boolean enableHttps;
84.  
85. public boolean isEnableHttps() {
86. return enableHttps;
87. }
88.  
89. public void setEnableHttps(boolean enableHttps) {
90. this.enableHttps = enableHttps;
91. }
92.  
93. }
94.  
95.  
96. }
97.  
98. @ConfigurationProperties("mdw")
99.  
100. @ConfigurationProperties("habilitando-producao")
101.  
102. habilitando-producao.seguranca.enable-https=true
103.  
104. package br.com.mdw;
105.  
106. import org.springframework.boot.SpringApplication;
107. import org.springframework.boot.autoconfigure.SpringBootApplication;
108. import org.springframework.boot.context.properties.EnableConfigurationProperties;
109.  
110. import br.com.mdw.config.MdwApiProperty;
111.  
112. @SpringBootApplication
113. @EnableConfigurationProperties(MdwApiProperty.class)
114. public class MdwApplication {
115.  
116. public static void main(String[] args) {
117. SpringApplication.run(MdwApplication.class, args);
118. }
119. }
120.  
121. mdw.seguranca.enable-https=true
122.  
123. spring.datasource.url={JDBC_DATABASE_URL}
124. spring.datasource.username={JDBC_DATABASE_USERNAME}
125. spring.datasource.password={JDBC_DATABASE_PASSWORD}
126.  
127. mdw.origin-permitida=https://mdw-arm-wladimir.herokuapp.com