Spring Cloud APIGW, Spring Boot and OpenAPI issue - CORS issue

Question

I am using Spring Boot and Microservices stack using Spring Cloud APIGW. I am using the same code mentioned here: https://piotrminkowski.com/2020/02/20/microservices-api-documentation-with-springdoc-openapi/

When I hit any endpoint, I don't see response is coming and getting below error.

Access to fetch at 'http://192.168.0.2:49382/' from origin 'http://localhost:8060' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Source code: https://github.com/piomin/sample-spring-microservices-new

PAA · Accepted Answer · 2022-08-16T16:40:16.167

2

I was able to fix it by myself looking at suggestion here: Spring Cloud Gateway and Springdoc OpenAPi integration and https://github.com/springdoc/springdoc-openapi/issues/1144

I had to add below in apigw-service in application.properties file

server:
  forward-headers-strategy: framework

Also, in each microservice, you need to add below bean

@Bean
    public WebMvcConfigurer corsConfigurer() {
        return new WebMvcConfigurer() {

            @Override
            public void addCorsMappings(CorsRegistry registry) {
                registry.addMapping("/**").allowedMethods("HEAD", "GET", "PUT", "POST", "DELETE", "PATCH");
            }
        };
    }

edited Aug 16 '22 at 16:40

answered Aug 16 '22 at 14:58

PAA

1
46
174
282

I followed all the steps that you mentioned and I am still getting this error. Weird. – Nov 21 '22 at 13:01
1

server.forward-headers-strategy=framework The above property will go inside all the microservice which are running behind api-gateway and then it works. :) Thanks a lot buddy @PAA – Nov 21 '22 at 16:11
The Java code is not required. application.properties is sufficient to fix this issue. – Nov 21 '22 at 16:29
@an0nh4x0r was correct, this fixed it for me, though just the property was needed and the bean wasn't required. – aherocalledFrog Feb 03 '23 at 16:29

score 1 · Answer 2 · answered Nov 18 '22 at 14:55

You should add swagger configuration

@Configuration
@OpenAPIDefinition(servers = {
    @Server(url = "/", description = "Default Server URL")
})
public class SwaggerConfiguration {

@Bean
public OpenAPI customOpenAPI(@Value("springdoc-openapi-ui") String serviceTitle, @Value("1.6.12") String serviceVersion) {
    final String securitySchemeName = "bearerAuth";
    return new OpenAPI()
            .components(
                    new Components().addSecuritySchemes(
                            securitySchemeName,
                            new SecurityScheme()
                                    .type(SecurityScheme.Type.HTTP)
                                    .scheme("bearer")
                                    .bearerFormat("JWT")
                    )
            )
            .security(List.of(new SecurityRequirement().addList(securitySchemeName)))
            .info(new Info().title(serviceTitle).version(serviceVersion));
}
}

Spring Cloud APIGW, Spring Boot and OpenAPI issue - CORS issue

2 Answers2

Linked