I'm using ca-central-1 region and I've implemented a cloudformation for Api Gateway REST API based on OpenAPI documentation. But if I go to web console and enable CORS it works.
Follow the steps by AWS documentation:
https://docs.amazonaws.cn/en_us/apigateway/latest/developerguide/enable-cors-for-resource-using-swagger-importer-tool.html
(file in attach to get right formatter)
yaml
AWSTemplateFormatVersion: 2010-09-09
Description: >-
Development stack containing: API Gateway based on OpenAPI.
Resources:
###############
# API Gateway #
###############
ApiGateway:
Type: "AWS::ApiGateway::RestApi"
Properties:
Name: project-api-gateway-dev
Tags:
- Key: application
Value: project
- Key: environment
Value: development
- Key: tier
Value: api
Body:
openapi: 3.0.1
info:
title: Project API
version: 0.0.1-SNAPSHOT
servers:
- url: 'http://localhost:8080/project'
description: Generated server url
paths:
/security-api/users/login:
options:
summary: CORS support
description: Enable CORS by returning correct headers
tags:
- CORS
responses:
'200':
description: Default response for CORS method
headers:
Access-Control-Allow-Origin:
schema:
type: string
Access-Control-Allow-Methods:
schema:
type: string
Access-Control-Allow-Headers:
schema:
type: string
content: { }
x-amazon-apigateway-integration:
type: mock
requestTemplates:
application/json: { "statusCode": 200 }
responses:
default:
statusCode: "200"
responseParameters:
method.response.header.Access-Control-Allow-Headers: '''*'''
method.response.header.Access-Control-Allow-Methods: '''*'''
method.response.header.Access-Control-Allow-Origin: '''*'''
responseTemplates:
application/json: { }
post:
tags:
- user-api-controller
summary: Spring Security Login
operationId: fakeLogin
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserLogin'
required: true
responses:
'200':
description: User successfully logged
content:
application/json:
schema:
$ref: '#/components/schemas/LoginResponse'
headers:
Access-Control-Allow-Origin:
schema:
type: string
Access-Control-Allow-Methods:
schema:
type: string
Access-Control-Allow-Headers:
schema:
type: string
'401':
description: User not authorized
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticationExceptionResponse'
x-amazon-apigateway-integration:
payloadFormatVersion: '1.0'
type: HTTP_PROXY
httpMethod: POST
uri: >-
http://${stageVariables.securityApiUrl}/users/login
responseParameters:
method.response.header.Access-Control-Allow-Headers: '''*'''
method.response.header.Access-Control-Allow-Methods: '''*'''
method.response.header.Access-Control-Allow-Origin: '''*'''
responseTemplates:
application/json: { }
components:
schemas:
UserResponse:
type: object
properties:
id:
type: string
description: User id
format: uuid
example: 409287d8-ba12-44dd-97dd-d67dec8ce740
email:
type: string
description: User email
example: nickname@company.com
name:
type: string
description: User name
example: Administrator
profile:
type: string
description: User profile
example: ADMIN
enum:
- ADMIN
internal:
type: boolean
description: User internal
example: false
description: DTO that represents the user contents.
UserLogin:
required:
- email
- password
type: object
properties:
email:
type: string
description: User email
example: nickname@company.com
password:
type: string
description: User password
description: DTO that represents the login contents.
##########################
# API Gateway Deployment #
##########################
ApiGatewayDeployment:
Type: AWS::ApiGateway::Deployment
Properties:
RestApiId: !Ref ApiGateway
#########################
# API Gateway Stage Dev #
#########################
ApiGatewayStageDev:
Type: AWS::ApiGateway::Stage
Properties:
StageName: dev
Description: Dev Stage
RestApiId: !Ref ApiGateway
DeploymentId: !Ref ApiGatewayDeployment
Variables:
securityApiUrl: urlElbSecurityApi
Outputs:
URL:
Value: !Sub "https://${ApiGateway}.execute-api.${AWS::Region}.amazonaws.com/${ApiGatewayStageDev}"
Edited by: mprado on Nov 26, 2020 3:15 AM
Edited by: mprado on Nov 26, 2020 3:16 AM