Merge branch 'cherry-pick-091fbb4b' into 'develop'

Merge branch 'fix/#331' into 'wrdp'

See merge request o2oa/o2oa!1473

o2server/x_base_core_project/src/main/java/com/x/base/core/project/http/FilterTools.java

@@ -8,38 +8,38 @@ import org.apache.commons.lang3.StringUtils;
 public class FilterTools {
 
 	public static final String Access_Control_Allow_Origin = "Access-Control-Allow-Origin";
+	public static final String ORIGIN = "Origin";
 	public static final String Access_Control_Allow_Methods = "Access-Control-Allow-Methods";
 	public static final String Access_Control_Allow_Methods_Value = "GET, POST, OPTIONS, PUT, DELETE, HEAD, TRACE";
 	public static final String Access_Control_Allow_Headers = "Access-Control-Allow-Headers";
 	public static final String Access_Control_Allow_Headers_Value = "x-requested-with, x-request, x-token, c-token, Content-Type, Content-Length, x-cipher, x-client, x-debugger, Authorization";
 	public static final String Access_Control_Allow_Credentials = "Access-Control-Allow-Credentials";
 	public static final String Access_Control_Expose_Headers = "Access-Control-Expose-Headers";
+	public static final String Access_Control_Max_Age = "Access-Control-Max-Age";
+	public static final String Access_Control_Max_Age_Value = "86400";
 
 	public static void allow(HttpServletRequest request, HttpServletResponse response) throws Exception {
-		try {
-			String origin = request.getHeader("Origin");
-			response.addHeader(Access_Control_Allow_Origin, StringUtils.isBlank(origin) ? "*" : origin);
-			response.addHeader(Access_Control_Allow_Methods, Access_Control_Allow_Methods_Value);
-			response.addHeader(Access_Control_Allow_Headers, Access_Control_Allow_Headers_Value);
-			response.addHeader(Access_Control_Allow_Credentials, "true");
-			response.setHeader(Access_Control_Expose_Headers, "x-token, c-token");
-		} catch (Exception e) {
-			throw e;
-		}
+		String origin = request.getHeader(ORIGIN);
+		response.addHeader(Access_Control_Allow_Origin, StringUtils.isBlank(origin) ? "*" : origin);
+		response.addHeader(Access_Control_Allow_Methods, Access_Control_Allow_Methods_Value);
+		response.addHeader(Access_Control_Allow_Headers, Access_Control_Allow_Headers_Value);
+		response.addHeader(Access_Control_Allow_Credentials, "true");
+		response.setHeader(Access_Control_Expose_Headers, "x-token, c-token");
+		response.setHeader(Access_Control_Max_Age, Access_Control_Max_Age_Value);
 	}
 
-	public static String Application_Not_Initialized_Json = "{\"type\": \"error\", \"message\": \"application not initialized.\"}";
+	public static final String Application_Not_Initialized_Json = "{\"type\": \"error\", \"message\": \"application not initialized.\"}";
 
-	public static String Application_Not_CipherManagerUser_Json = "{\"type\": \"error\", \"message\": \"not cipher or manager or user.\"}";
+	public static final String Application_Not_CipherManagerUser_Json = "{\"type\": \"error\", \"message\": \"not cipher or manager or user.\"}";
 
-	public static String Application_Not_CipherManager_Json = "{\"type\": \"error\", \"message\": \"not cipher or manager.\"}";
+	public static final String Application_Not_CipherManager_Json = "{\"type\": \"error\", \"message\": \"not cipher or manager.\"}";
 
-	public static String Application_Not_Anonymous_Json = "{\"type\": \"error\", \"message\": \"not anonymous.\"}";
+	public static final String Application_Not_Anonymous_Json = "{\"type\": \"error\", \"message\": \"not anonymous.\"}";
 
-	public static String Application_Not_ManagerUser_Json = "{\"type\": \"error\", \"message\": \"not manager or user.\"}";
+	public static final String Application_Not_ManagerUser_Json = "{\"type\": \"error\", \"message\": \"not manager or user.\"}";
 
-	public static String Application_Not_User_Json = "{\"type\": \"error\", \"message\": \"not user.\"}";
+	public static final String Application_Not_User_Json = "{\"type\": \"error\", \"message\": \"not user.\"}";
 
-	public static String Application_Not_Cipher_Json = "{\"type\": \"error\", \"message\": \"not cipher.\"}";
+	public static final String Application_Not_Cipher_Json = "{\"type\": \"error\", \"message\": \"not cipher.\"}";
 
 }

o2server/x_base_core_project/src/main/java/com/x/base/core/project/jaxrs/AnonymousCipherManagerUserJaxrsFilter.java

@@ -24,6 +24,8 @@ public abstract class AnonymousCipherManagerUserJaxrsFilter extends TokenFilter
 				HttpToken httpToken = new HttpToken();
 				httpToken.who(request, response, Config.token().getCipher());
 				chain.doFilter(request, response);
+			} else {
+				options(request,response);
 			}
 		} catch (Exception e) {
 			e.printStackTrace();

o2server/x_base_core_project/src/main/java/com/x/base/core/project/jaxrs/AnonymousJaxrsFilter.java

@@ -38,6 +38,8 @@ public abstract class AnonymousJaxrsFilter extends TokenFilter {
 				} else {
 					chain.doFilter(request, response);
 				}
+			} else {
+				options(request,response);
 			}
 		} catch (Exception e) {
 			e.printStackTrace();

o2server/x_base_core_project/src/main/java/com/x/base/core/project/jaxrs/CipherJaxrsFilter.java

@@ -38,6 +38,8 @@ public abstract class CipherJaxrsFilter extends TokenFilter {
 				} else {
 					chain.doFilter(request, response);
 				}
+			} else {
+				options(request,response);
 			}
 		} catch (Exception e) {
 			e.printStackTrace();

o2server/x_base_core_project/src/main/java/com/x/base/core/project/jaxrs/CipherManagerJaxrsFilter.java

@@ -39,6 +39,8 @@ public abstract class CipherManagerJaxrsFilter extends TokenFilter {
 				} else {
 					chain.doFilter(request, response);
 				}
+			} else {
+				options(request,response);
 			}
 		} catch (Exception e) {
 			e.printStackTrace();

o2server/x_base_core_project/src/main/java/com/x/base/core/project/jaxrs/CipherManagerUserJaxrsFilter.java

@@ -38,6 +38,8 @@ public abstract class CipherManagerUserJaxrsFilter extends TokenFilter {
 				} else {
 					chain.doFilter(request, response);
 				}
+			} else {
+				options(request,response);
 			}
 		} catch (Exception e) {
 			e.printStackTrace();

o2server/x_base_core_project/src/main/java/com/x/base/core/project/jaxrs/ManagerUserJaxrsFilter.java

@@ -38,6 +38,8 @@ public abstract class ManagerUserJaxrsFilter extends TokenFilter {
 				} else {
 					chain.doFilter(request, response);
 				}
+			} else {
+				options(request,response);
 			}
 		} catch (Exception e) {
 			e.printStackTrace();

o2server/x_base_core_project/src/main/java/com/x/base/core/project/jaxrs/TokenFilter.java

@@ -1,6 +1,12 @@
 package com.x.base.core.project.jaxrs;
 
 import javax.servlet.Filter;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 
 public abstract class TokenFilter implements Filter {
+
+	protected void options(HttpServletRequest request, HttpServletResponse response) {
+		response.setStatus(204);
+	}
 }

o2server/x_base_core_project/src/main/java/com/x/base/core/project/jaxrs/UserJaxrsFilter.java

@@ -38,6 +38,8 @@ public abstract class UserJaxrsFilter extends TokenFilter {
 				} else {
 					chain.doFilter(request, response);
 				}
+			} else {
+				options(request,response);
 			}
 		} catch (Exception e) {
 			e.printStackTrace();