2

New to JAVA, Please help me to add cross domain access to the code below. Do I need to add any plugin or library to invoke cross domain access?or in general, how do i add headers to the response object?

package com.proj.csd.resource;

import com.proj.csd.domain.UserTokenRequest;
import com.proj.csd.domain.UserTokenResponse;
import com.proj.csd.service.UserService;
import com.codahale.metrics.annotation.Timed;

import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;

@Path("/user")
public class UserResource {
    private final UserService userService;
    public UserResource(final UserService userService) {
        this.userService = userService;
    }


    @POST
    @Path("/token")
    @Timed
    @Consumes(MediaType.APPLICATION_JSON)
    @Produces(MediaType.APPLICATION_JSON)
    public Response getToken(UserTokenRequest userTokenRequest) throws Exception {
        UserTokenResponse response = userService.getToken(userTokenRequest);

        if (response != null) {
            return Response.ok(response, MediaType.APPLICATION_JSON_TYPE).build();
        } else {
            return Response.status(Response.Status.UNAUTHORIZED).entity("Invalid Auth credentials").header("WWW-Authenticate", "Basic realm=\"Auth\"").type(MediaType.TEXT_PLAIN_TYPE).build();
        }
    }
}
tv3free
  • 173
  • 1
  • 19

1 Answers1

1

RestEasy-specific way to enable CORS on Wild fly without using a filter and where you can control your APIs response header configuration at the resource level.

@POST
@Path("/token")
@Timed
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public Response getToken(UserTokenRequest userTokenRequest) throws Exception {
UserTokenResponse response = userService.getToken(userTokenRequest);
     if (response != null) {
       return Response
            .status(200)
            .header("Access-Control-Allow-Origin", "*")
            .header("Access-Control-Allow-Headers", "origin, content-type, accept, authorization")
            .header("Access-Control-Allow-Credentials", "true")
            .header("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD")
            .header("Access-Control-Max-Age", "1209600")
            .ok(response, MediaType.APPLICATION_JSON_TYPE)
            .build();
    } else {
        return Response.status(Response.Status.UNAUTHORIZED).entity("Invalid Auth credentials").header("WWW-Authenticate", "Basic realm=\"Auth\"").type(MediaType.TEXT_PLAIN_TYPE).build();
    }

}
Tanvi B
  • 1,577
  • 11
  • 14