From 6013bae4c560fab019101d38653b4f11c0abeb2f Mon Sep 17 00:00:00 2001
From: "k.triantafyllou" <k.triantafyllou@di.uoa.gr>
Date: Fri, 4 Sep 2020 10:41:59 +0000
Subject: [PATCH] Add origin check, rename subscriber to member

---
 .../eu/dnetlib/uoaauthorizationlibrary/security/CorsConfig.java | 1 +
 src/main/resources/authorization.properties                     | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/CorsConfig.java b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/CorsConfig.java
index 2291af2..deee65a 100644
--- a/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/CorsConfig.java
+++ b/src/main/java/eu/dnetlib/uoaauthorizationlibrary/security/CorsConfig.java
@@ -20,6 +20,7 @@ public class CorsConfig extends WebMvcConfigurerAdapter {
     public void addCorsMappings(CorsRegistry registry) {
         registry.addMapping("/**")
                 .allowedMethods("GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS")
+                .allowedOrigins(securityConfig.getOriginServer())
                 .allowCredentials(true);
     }
 }
diff --git a/src/main/resources/authorization.properties b/src/main/resources/authorization.properties
index 45a28ec..015aeb3 100644
--- a/src/main/resources/authorization.properties
+++ b/src/main/resources/authorization.properties
@@ -1,6 +1,6 @@
 #dev
 authorization.security.userInfoUrl = http://mpagasas.di.uoa.gr:8080/dnet-openaire-users-1.0.0-SNAPSHOT/api/users/getUserInfo?accessToken=
-authorization.security.originServer = *
+authorization.security.originServer = di.uoa.gr
 
 #beta
 #authorization.security.userInfoUrl =  https://beta.services.openaire.eu/uoa-user-management/api/users/getUserInfo?accessToken=