[DEPLOY] v.1.1.10

[DEPLOY] v.1.1.10

Author: sung-silver

src/main/java/sopt/makers/authentication/common/constant/CookieConstant.java

@@ -5,5 +5,7 @@ private CookieConstant() {}
 
   public static final String SAME_SITE_NONE = "None";
   public static final String COOKIE_DOMAIN = ".sopt.org";
-  public static final String CORS_ALLOWED_ORIGIN_PATTERN = "https://*.sopt.org";
+  public static final String[] CORS_ALLOWED_ORIGINS = {
+    "https://sopt-internal-dev.sopt.org", "https://playground.sopt.org"
+  };
 }

src/main/java/sopt/makers/authentication/config/WebConfig.java

@@ -1,6 +1,6 @@
 package sopt.makers.authentication.config;
 
-import static sopt.makers.authentication.common.constant.CookieConstant.CORS_ALLOWED_ORIGIN_PATTERN;
+import static sopt.makers.authentication.common.constant.CookieConstant.CORS_ALLOWED_ORIGINS;
 import static sopt.makers.authentication.common.constant.SystemConstant.API_KEY_HEADER;
 import static sopt.makers.authentication.common.constant.SystemConstant.PATTERN_ALL;
 import static sopt.makers.authentication.common.constant.SystemConstant.SERVICE_NAME_HEADER;
@@ -16,7 +16,7 @@ public class WebConfig implements WebMvcConfigurer {
   public void addCorsMappings(CorsRegistry registry) {
     registry
         .addMapping(PATTERN_ALL)
-        .allowedOriginPatterns(CORS_ALLOWED_ORIGIN_PATTERN)
+        .allowedOrigins(CORS_ALLOWED_ORIGINS)
         .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH")
         .allowedHeaders("Authorization", "Content-Type", API_KEY_HEADER, SERVICE_NAME_HEADER)
         .allowCredentials(true)