Skip to content

Commit

Permalink
Merge pull request #395 from fisuda/feature/cors
Browse files Browse the repository at this point in the history
Add cross-origin resource sharing for Orion (#394)
  • Loading branch information
fisuda authored Jun 21, 2024
2 parents 1bc3828 + 08c4f54 commit 8e9eee6
Show file tree
Hide file tree
Showing 10 changed files with 120 additions and 9 deletions.
25 changes: 25 additions & 0 deletions .config.sh
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,31 @@ ORION=orion
# Expose port 1026 (none, local, all) Default: none
ORION_EXPOSE_PORT=

# Enable cross-origin resource sharing (CORS) Default: false
ORION_CORS=

# Set Access-Control-Allow-Origin header for CORS
# Default: '*'
set -f
ORION_ACCESS_CONTROL_ALLOW_ORIGIN=
set +f

# Set Access-Control-Allow-Methods header for CORS
# Default: 'GET, POST, OPTIONS, DELETE, PUT, PATCH'
ORION_ACCESS_CONTROL_ALLOW_METHODS=

# Set Access-Control-Allow-Headers header for CORS
# Default: 'Origin, Content-Type, Accept, Authorization, X-Requested-With, fiware-service, fiware-servicepath'
ORION_ACCESS_CONTROL_ALLOW_HEADERS=

# Set Access-Control-Expose-Headers header for CORS
# Default: 'location, fiware-correlator'
ORION_CONTROL_EXPOSE_HEADERS=

# Set Access-Control-Max-Age header for CORS
# Default: 7200
ORION_ACCESS_CONTROL_MAX_AGE=

# Docker image for Orion
IMAGE_ORION=telefonicaiot/fiware-orion:4.0.0

Expand Down
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
## FIWARE Big Bang v0.39.0-next

- Add cross-origin resource sharing for Orion (#394)
- Fix maintenance script (#393)

## FIWARE Big Bang v0.39.0 - 09 June, 2024
Expand Down
25 changes: 25 additions & 0 deletions config.sh
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,31 @@ ORION=orion
# Expose port 1026 (none, local, all) Default: none
ORION_EXPOSE_PORT=

# Enable cross-origin resource sharing (CORS) Default: false
ORION_CORS=

# Set Access-Control-Allow-Origin header for CORS
# Default: '*'
set -f
ORION_ACCESS_CONTROL_ALLOW_ORIGIN=
set +f

# Set Access-Control-Allow-Methods header for CORS
# Default: 'GET, POST, OPTIONS, DELETE, PUT, PATCH'
ORION_ACCESS_CONTROL_ALLOW_METHODS=

# Set Access-Control-Allow-Headers header for CORS
# Default: 'Origin, Content-Type, Accept, Authorization, X-Requested-With, fiware-service, fiware-servicepath'
ORION_ACCESS_CONTROL_ALLOW_HEADERS=

# Set Access-Control-Expose-Headers header for CORS
# Default: 'location, fiware-correlator'
ORION_CONTROL_EXPOSE_HEADERS=

# Set Access-Control-Max-Age header for CORS
# Default: 7200
ORION_ACCESS_CONTROL_MAX_AGE=

# Docker image for Orion
IMAGE_ORION=telefonicaiot/fiware-orion:4.0.0

Expand Down
14 changes: 10 additions & 4 deletions docs/en/installation/orion.md
Original file line number Diff line number Diff line change
Expand Up @@ -15,10 +15,16 @@

You can specify configurations by editing the `config.sh` file.

| Variable name | Description | Default value |
| ------------------- | ------------------------------------- | ------------- |
| ORION | A sub-domain name of Orion. | orion |
| ORION\_EXPOSE\_PORT | Expose port 1026. (none, local, all) | none |
| Variable name | Description | Default value |
| -------------------------------------- | ------------------------------------------------- | --------------------------------------------------------------------------------------------------- |
| ORION | A sub-domain name of Orion. | orion |
| ORION\_EXPOSE\_PORT | Expose port 1026. (none, local, all) | none |
| ORION\_CORS | Enable cross-origin resource sharing (CORS) | false |
| ORION\_ACCESS\_CONTROL\_ALLOW\_ORIGIN | Set Access-Control-Allow-Origin header for CORS | '\*' |
| ORION\_ACCESS\_CONTROL\_ALLOW\_METHODS | Set Access-Control-Allow-Methods header for CORS | 'GET, POST, OPTIONS, DELETE, PUT, PATCH' |
| ORION\_ACCESS\_CONTROL\_ALLOW\_HEADERS | Set Access-Control-Allow-Headers header for CORS | 'Origin, Content-Type, Accept, Authorization, X-Requested-With, fiware-service, fiware-servicepath' |
| ORION\_CONTROL\_EXPOSE\_HEADERS | Set Access-Control-Expose-Headers header for CORS | 'location, fiware-correlator' |
| ORION\_ACCESS\_CONTROL\_MAX\_AGE | Set Access-Control-Max-Age header for CORS | 7200 |

## How to setup

Expand Down
14 changes: 10 additions & 4 deletions docs/ja/installation/orion.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,10 +17,16 @@

`config.sh` ファイルを編集して構成を指定できます。

| 変数名 | 説明 | 既定値 |
| ------------------- | ---------------------------------------------------- | ------ |
| ORION | Orion のサブドメイン名 | orion |
| ORION\_EXPOSE\_PORT | Orion のポート 1026 を公開。(none, local または all) | none |
| 変数名 | 説明 | 既定値 |
| -------------------------------------- | ---------------------------------------------------- | --------------------------------------------------------------------------------------------------- |
| ORION | Orion のサブドメイン名 | orion |
| ORION\_EXPOSE\_PORT | Orion のポート 1026 を公開。(none, local または all) | none |
| ORION\_CORS | Cross-origin resource sharing (CORS) を有効化 | false |
| ORION\_ACCESS\_CONTROL\_ALLOW\_ORIGIN | CORS の Access-Control-Allow-Origin ヘッダを設定 | '\*' |
| ORION\_ACCESS\_CONTROL\_ALLOW\_METHODS | CORS の Access-Control-Allow-Methods ヘッダを設定 | 'GET, POST, OPTIONS, DELETE, PUT, PATCH' |
| ORION\_ACCESS\_CONTROL\_ALLOW\_HEADERS | CORS の Access-Control-Allow-Headers ヘッダを設定 | 'Origin, Content-Type, Accept, Authorization, X-Requested-With, fiware-service, fiware-servicepath' |
| ORION\_CONTROL\_EXPOSE\_HEADERS | CORS の Access-Control-Expose-Headers ヘッダを設定 | 'location, fiware-correlator' |
| ORION\_ACCESS\_CONTROL\_MAX\_AGE | CORS の Access-Control-Max-Age header ヘッダを設定 | 7200 |

<a name="how-to-setup"></a>

Expand Down
30 changes: 29 additions & 1 deletion lets-fiware.sh
Original file line number Diff line number Diff line change
Expand Up @@ -124,6 +124,10 @@ set_default_values() {
ORION_EXPOSE_PORT=none
fi

if [ -z "${ORION_CORS=}" ]; then
ORION_CORS=false
fi

if [ -z "${ORION_LD_EXPOSE_PORT}" ]; then
ORION_LD_EXPOSE_PORT=none
fi
Expand Down Expand Up @@ -1958,6 +1962,30 @@ EOF

create_nginx_conf "${ORION}" "nginx-orion"

if "${ORION_CORS}"; then
set -f
if [ -z ${ORION_ACCESS_CONTROL_ALLOW_ORIGIN} ]; then
ORION_ACCESS_CONTROL_ALLOW_ORIGIN="'*'"
fi
: ${ORION_ACCESS_CONTROL_ALLOW_METHODS:="'GET, POST, OPTIONS, DELETE, PUT, PATCH'"}
: ${ORION_ACCESS_CONTROL_ALLOW_HEADERS:="'Origin, Content-Type, Accept, Authorization, X-Requested-With, fiware-service, fiware-servicepath'"}
: ${ORION_CONTROL_EXPOSE_HEADERS:="'location, fiware-correlator'"}
: ${ORION_ACCESS_CONTROL_MAX_AGE:=7200}

sed -i \
-e "/__NGINX_ORION_CORS_HEADERS__/r ${SETUP_DIR}/template/nginx/nginx-orion-cors-headers" \
-e "/__NGINX_ORION_CORS_REQUEST_METHOD__/r ${SETUP_DIR}/template/nginx/nginx-orion-cors-request-method" \
"${NGINX_SITES}/${ORION}"
sed -i \
-e "s/ORION_ACCESS_CONTROL_ALLOW_ORIGIN/${ORION_ACCESS_CONTROL_ALLOW_ORIGIN}/" \
-e "s/ORION_ACCESS_CONTROL_ALLOW_METHODS/${ORION_ACCESS_CONTROL_ALLOW_METHODS}/" \
-e "s/ORION_ACCESS_CONTROL_ALLOW_HEADERS/${ORION_ACCESS_CONTROL_ALLOW_HEADERS}/" \
-e "s/ORION_CONTROL_EXPOSE_HEADERS/${ORION_CONTROL_EXPOSE_HEADERS}/" \
-e "s/ORION_ACCESS_CONTROL_MAX_AGE/${ORION_ACCESS_CONTROL_MAX_AGE}/" \
"${NGINX_SITES}/${ORION}"
set +f
fi

add_nginx_depends_on "orion"

add_rsyslog_conf "orion"
Expand Down Expand Up @@ -3648,7 +3676,7 @@ setup_end() {
sed -i -e "/# __NGINX_KEYROCK__/d" "${NGINX_SITES}/${KEYROCK}"
fi
if [ -n "${ORION}" ]; then
sed -i -e "/# __NGINX_ORION__/d" "${NGINX_SITES}/${ORION}"
sed -i -e "/# __NGINX_ORION_/d" "${NGINX_SITES}/${ORION}"
fi
if [ -n "${ORION_LD}" ]; then
sed -i -e "/# __NGINX_ORION_LD__/d" "${NGINX_SITES}/${ORION_LD}"
Expand Down
2 changes: 2 additions & 0 deletions setup/template/nginx/nginx-orion
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,9 @@ server {
add_header Front-End-Https on;
add_header Strict-Transport-Security 'max-age=15768000; includeSubdomains; always';

# __NGINX_ORION_CORS_HEADERS__
location / {
# __NGINX_ORION_CORS_REQUEST_METHOD__
set $req_uri "$uri";
auth_request /_check_oauth2_token;

Expand Down
6 changes: 6 additions & 0 deletions setup/template/nginx/nginx-orion-cors-headers
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
# Add CORS Headers
add_header 'Access-Control-Allow-Origin' ORION_ACCESS_CONTROL_ALLOW_ORIGIN;
add_header 'Access-Control-Allow-Methods' ORION_ACCESS_CONTROL_ALLOW_METHODS;
add_header 'Access-Control-Allow-Headers' ORION_ACCESS_CONTROL_ALLOW_HEADERS;
add_header 'Access-Control-Expose-Headers' ORION_CONTROL_EXPOSE_HEADERS;

11 changes: 11 additions & 0 deletions setup/template/nginx/nginx-orion-cors-request-method
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' ORION_ACCESS_CONTROL_ALLOW_ORIGIN;
add_header 'Access-Control-Allow-Methods' ORION_ACCESS_CONTROL_ALLOW_METHODS;
add_header 'Access-Control-Allow-Headers' ORION_ACCESS_CONTROL_ALLOW_HEADERS;
add_header 'Access-Control-Expose-Headers' ORION_CONTROL_EXPOSE_HEADERS;
add_header 'Access-Control-Max-Age' ORION_ACCESS_CONTROL_MAX_AGE;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}

1 change: 1 addition & 0 deletions tests/script/coverage.sh
Original file line number Diff line number Diff line change
Expand Up @@ -253,6 +253,7 @@ install_test1() {
sudo apt remove -y rsyslog

sed -i -e "s/^\(ORION_EXPOSE_PORT=\).*/\1local/" config.sh
sed -i -e "s/^\(ORION_CORS=\).*/\1true/" config.sh
sed -i -e "s/^\(CYGNUS=\).*/\1cygnus/" config.sh
sed -i -e "s/^\(COMET=\).*/\1comet/" config.sh
sed -i -e "s/^\(QUANTUMLEAP=\).*/\1quantumleap/" config.sh
Expand Down

0 comments on commit 8e9eee6

Please sign in to comment.