Allow all origins

iam-login-service/src/main/java/it/infn/mw/iam/config/security/CorsConfig.java

@@ -15,8 +15,6 @@
  */
 package it.infn.mw.iam.config.security;
 
-import java.util.List;
-
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -46,24 +44,13 @@ public class CorsConfig {
     };
     //@formatter:on
 
-  private List<String> allowedOrigins;
-
-  public List<String> getAllowedOrigins() {
-    return allowedOrigins;
-  }
-
-  public void setAllowedOrigins(List<String> allowedOrigins) {
-    this.allowedOrigins = allowedOrigins;
-  }
-
   @Bean
   CorsFilter corsFilter() {
 
     CorsConfiguration corsConfig = new CorsConfiguration();
     corsConfig.setAllowedMethods(
         java.util.List.of("HEAD", "GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"));
     corsConfig.applyPermitDefaultValues();
-    corsConfig.setAllowedOriginPatterns(allowedOrigins);
 
     UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
     for (String m : CORS_ENDPOINT_MATCHERS) {

iam-login-service/src/main/resources/application.yml

@@ -91,9 +91,6 @@ spring:
     pathmatch:
       matching-strategy: "ant-path-matcher"
 
-cors:
-  allowed-origins: ${ALLOWED_ORIGINS:**}
-
 iam:
   host: ${IAM_HOST:localhost}
   baseUrl: ${IAM_BASE_URL:http://${iam.host}:8080}