Module io.helidon.webserver.cors
Package io.helidon.webserver.cors

Class CorsPathConfig.BuilderBase<BUILDER extends CorsPathConfig.BuilderBase<BUILDER,PROTOTYPE>,PROTOTYPE extends CorsPathConfig>

java.lang.Object
io.helidon.webserver.cors.CorsPathConfig.BuilderBase<BUILDER,PROTOTYPE>
Type Parameters:
BUILDER - type of the builder extending this abstract builder
PROTOTYPE - type of the prototype interface that would be built by Prototype.Builder.buildPrototype()
All Implemented Interfaces:
Prototype.Builder<BUILDER,PROTOTYPE>, ConfigBuilderSupport.ConfiguredBuilder<BUILDER,PROTOTYPE>, ConfigBuilderSupport.ConfiguredBuilder<BUILDER,PROTOTYPE>
Direct Known Subclasses:
CorsPathConfig.Builder
Enclosing interface:
CorsPathConfig
public abstract static class CorsPathConfig.BuilderBase<BUILDER extends CorsPathConfig.BuilderBase<BUILDER,PROTOTYPE>,PROTOTYPE extends CorsPathConfig> extends Object implements ConfigBuilderSupport.ConfiguredBuilder<BUILDER,PROTOTYPE>
Fluent API builder base for CorsPathConfig.

  • Constructor Details

    • BuilderBase

      protected BuilderBase()
      Protected to support extensibility.

  • Method Details

    • from

      public BUILDER from(CorsPathConfig prototype)
      Update this builder from an existing prototype instance. This method disables automatic service discovery.
      Parameters:
      prototype - existing prototype to update this builder from
      Returns:
      updated builder instance

    • from

      public BUILDER from(CorsPathConfig.BuilderBase<?,?> builder)
      Update this builder from an existing prototype builder instance.
      Parameters:
      builder - existing builder prototype to update this builder from
      Returns:
      updated builder instance

    • addAllowHeader

      public BUILDER addAllowHeader(HeaderName headerName)
      Add an allowed header name.
      Parameters:
      headerName - header name to add to the set of allowed headers
      Returns:
      updated builder instance

    • addExposeHeader

      public BUILDER addExposeHeader(HeaderName headerName)
      Add an exposed header name.
      Parameters:
      headerName - header name to add to the set of exposed headers
      Returns:
      updated builder instance

    • addAllowMethod

      public BUILDER addAllowMethod(Method method)
      Add an allowed method.
      Parameters:
      method - method to add to the set of allowed methods
      Returns:
      updated builder instance

    • config

      @Deprecated public BUILDER config(Config config)
      Deprecated.
      use config(io.helidon.config.Config)
      Update builder from configuration (node of this type). If a value is present in configuration, it would override currently configured values.
      Specified by:
      config in interface ConfigBuilderSupport.ConfiguredBuilder<BUILDER extends CorsPathConfig.BuilderBase<BUILDER,PROTOTYPE>,PROTOTYPE extends CorsPathConfig>
      Parameters:
      config - configuration instance used to obtain values to update this builder
      Returns:
      updated builder instance

    • config

      public BUILDER config(Config config)
      Update builder from configuration (node of this type). If a value is present in configuration, it would override currently configured values.
      Specified by:
      config in interface ConfigBuilderSupport.ConfiguredBuilder<BUILDER extends CorsPathConfig.BuilderBase<BUILDER,PROTOTYPE>,PROTOTYPE extends CorsPathConfig>
      Parameters:
      config - configuration instance used to obtain values to update this builder
      Returns:
      updated builder instance

    • pathPattern

      public BUILDER pathPattern(String pathPattern)
      Path pattern to apply this configuration for. Note that paths are checked in sequence, and the first path that matches the request will be used to configure CORS.

      Always configure the most restrictive rules first.

      Parameters:
      pathPattern - path pattern as understood by WebServer routing
      Returns:
      updated builder instance
      See Also:

    • exclusive

      public BUILDER exclusive(boolean exclusive)
      Whether this acts as an exclusive configuration for the configured pathPattern. If exclusive, any CORS request matching the pattern will be exclusively handled with this configuration. If not exclusive, only CORS request matching the pattern AND a method will be handled by this configuration.
      Parameters:
      exclusive - whether this is an exclusive configuration for the provided path, defaults to true
      Returns:
      updated builder instance
      See Also:

    • enabled

      public BUILDER enabled(boolean enabled)
      Whether this CORS configuration should be enabled or not. If disabled, this configuration will be ignored, and the next path will be checked.
      Parameters:
      enabled - whether this configuration is enabled
      Returns:
      updated builder instance
      See Also:

    • clearAllowOrigins

      public BUILDER clearAllowOrigins()
      Clear all allowOrigins.
      Returns:
      updated builder instance
      See Also:

    • allowOrigins

      public BUILDER allowOrigins(Set<String> allowOrigins)
      Set of allowed origins, defaults to all.

      If not empty, this will be used with "Access-Control-Allow-Origin" header. Note that allowed origins may be either a full origin, such as http://www.example.com, or a regular expression. Any origin that contains (\), or *, or curly braces is considered a regular expression (i.e. http://.*\.example\.com).

      If you configure a regular expression, it would never be returned if all allowed origins are returned in a pre-flight request.

      Parameters:
      allowOrigins - allowed origins
      Returns:
      updated builder instance
      See Also:

    • addAllowOrigins

      public BUILDER addAllowOrigins(Set<String> allowOrigins)
      Set of allowed origins, defaults to all.

      If not empty, this will be used with "Access-Control-Allow-Origin" header. Note that allowed origins may be either a full origin, such as http://www.example.com, or a regular expression. Any origin that contains (\), or *, or curly braces is considered a regular expression (i.e. http://.*\.example\.com).

      If you configure a regular expression, it would never be returned if all allowed origins are returned in a pre-flight request.

      Parameters:
      allowOrigins - allowed origins
      Returns:
      updated builder instance
      See Also:

    • addAllowOrigin

      public BUILDER addAllowOrigin(String allowOrigin)
      Set of allowed origins, defaults to all.

      If not empty, this will be used with "Access-Control-Allow-Origin" header. Note that allowed origins may be either a full origin, such as http://www.example.com, or a regular expression. Any origin that contains (\), or *, or curly braces is considered a regular expression (i.e. http://.*\.example\.com).

      If you configure a regular expression, it would never be returned if all allowed origins are returned in a pre-flight request.

      Parameters:
      allowOrigin - add single allowed origins
      Returns:
      updated builder instance
      See Also:

    • clearAllowHeaders

      public BUILDER clearAllowHeaders()
      Clear all allowHeaders.
      Returns:
      updated builder instance
      See Also:

    • allowHeaders

      public BUILDER allowHeaders(Set<String> allowHeaders)
      Set of allowed headers, defaults to all.

      If not empty, this will be used in "Access-Control-Allow-Headers" header.

      Parameters:
      allowHeaders - allowed headers
      Returns:
      updated builder instance
      See Also:

    • addAllowHeaders

      public BUILDER addAllowHeaders(Set<String> allowHeaders)
      Set of allowed headers, defaults to all.

      If not empty, this will be used in "Access-Control-Allow-Headers" header.

      Parameters:
      allowHeaders - allowed headers
      Returns:
      updated builder instance
      See Also:

    • addAllowHeader

      public BUILDER addAllowHeader(String allowHeader)
      Set of allowed headers, defaults to all.

      If not empty, this will be used in "Access-Control-Allow-Headers" header.

      Parameters:
      allowHeader - add single allowed headers
      Returns:
      updated builder instance
      See Also:

    • clearAllowMethods

      public BUILDER clearAllowMethods()
      Clear all allowMethods.
      Returns:
      updated builder instance
      See Also:

    • allowMethods

      public BUILDER allowMethods(Set<String> allowMethods)
      Set of allowed methods, defaults to all.
      Parameters:
      allowMethods - allowed methods
      Returns:
      updated builder instance
      See Also:

    • addAllowMethods

      public BUILDER addAllowMethods(Set<String> allowMethods)
      Set of allowed methods, defaults to all.
      Parameters:
      allowMethods - allowed methods
      Returns:
      updated builder instance
      See Also:

    • addAllowMethod

      public BUILDER addAllowMethod(String allowMethod)
      Set of allowed methods, defaults to all.
      Parameters:
      allowMethod - add single allowed methods
      Returns:
      updated builder instance
      See Also:

    • clearExposeHeaders

      public BUILDER clearExposeHeaders()
      Clear all exposeHeaders.
      Returns:
      updated builder instance
      See Also:

    • exposeHeaders

      public BUILDER exposeHeaders(Set<String> exposeHeaders)
      Set of exposed headers, defaults to none.

      If not empty, this will be used in "Access-Control-Expose-Headers" header.

      Parameters:
      exposeHeaders - exposed headers
      Returns:
      updated builder instance
      See Also:

    • addExposeHeaders

      public BUILDER addExposeHeaders(Set<String> exposeHeaders)
      Set of exposed headers, defaults to none.

      If not empty, this will be used in "Access-Control-Expose-Headers" header.

      Parameters:
      exposeHeaders - exposed headers
      Returns:
      updated builder instance
      See Also:

    • addExposeHeader

      public BUILDER addExposeHeader(String exposeHeader)
      Set of exposed headers, defaults to none.

      If not empty, this will be used in "Access-Control-Expose-Headers" header.

      Parameters:
      exposeHeader - add single exposed headers
      Returns:
      updated builder instance
      See Also:

    • allowCredentials

      public BUILDER allowCredentials(boolean allowCredentials)
      Whether to allow credentials.

      If enabled, this will be used in "Access-Control-Allow-Credentials" header.

      Parameters:
      allowCredentials - whether to allow credentials, defaults to false
      Returns:
      updated builder instance
      See Also:

    • maxAge

      public BUILDER maxAge(Duration maxAge)
      Max age as a duration.

      This value will be used in "Access-Control-Max-Age" header (in seconds).

      For backward compatibility, you can specify the following when used from configuration:

      • integer (such as 3600) - number of seconds as a number
      • integer ms (such as 10000 ms) - number of milliseconds
      • duration format (such as PT1H) - format of Duration
      Parameters:
      maxAge - max age
      Returns:
      updated builder instance
      See Also:

    • pathPattern

      public Optional<String> pathPattern()
      Path pattern to apply this configuration for. Note that paths are checked in sequence, and the first path that matches the request will be used to configure CORS.

      Always configure the most restrictive rules first.

      Returns:
      path pattern as understood by WebServer routing

    • exclusive

      public boolean exclusive()
      Whether this acts as an exclusive configuration for the configured pathPattern. If exclusive, any CORS request matching the pattern will be exclusively handled with this configuration. If not exclusive, only CORS request matching the pattern AND a method will be handled by this configuration.
      Returns:
      whether this is an exclusive configuration for the provided path, defaults to true

    • enabled

      public boolean enabled()
      Whether this CORS configuration should be enabled or not. If disabled, this configuration will be ignored, and the next path will be checked.
      Returns:
      whether this configuration is enabled

    • allowOrigins

      public Set<String> allowOrigins()
      Set of allowed origins, defaults to all.

      If not empty, this will be used with "Access-Control-Allow-Origin" header. Note that allowed origins may be either a full origin, such as http://www.example.com, or a regular expression. Any origin that contains (\), or *, or curly braces is considered a regular expression (i.e. http://.*\.example\.com).

      If you configure a regular expression, it would never be returned if all allowed origins are returned in a pre-flight request.

      Returns:
      allowed origins

    • allowHeaders

      public Set<String> allowHeaders()
      Set of allowed headers, defaults to all.

      If not empty, this will be used in "Access-Control-Allow-Headers" header.

      Returns:
      allowed headers

    • allowMethods

      public Set<String> allowMethods()
      Set of allowed methods, defaults to all.
      Returns:
      allowed methods

    • exposeHeaders

      public Set<String> exposeHeaders()
      Set of exposed headers, defaults to none.

      If not empty, this will be used in "Access-Control-Expose-Headers" header.

      Returns:
      exposed headers

    • allowCredentials

      public boolean allowCredentials()
      Whether to allow credentials.

      If enabled, this will be used in "Access-Control-Allow-Credentials" header.

      Returns:
      whether to allow credentials, defaults to false

    • maxAge

      public Duration maxAge()
      Max age as a duration.

      This value will be used in "Access-Control-Max-Age" header (in seconds).

      For backward compatibility, you can specify the following when used from configuration:

      • integer (such as 3600) - number of seconds as a number
      • integer ms (such as 10000 ms) - number of milliseconds
      • duration format (such as PT1H) - format of Duration
      Returns:
      max age

    • toString

      public String toString()
      Overrides:
      toString in class Object

    • preBuildPrototype

      protected void preBuildPrototype()
      Handles providers and decorators.

    • validatePrototype

      protected void validatePrototype()
      Validates required properties.

    • config

      protected Optional<Config> config()
      Configuration used to configure this instance.
      Returns:
      config instance