Rename originsPattern to originPatterns

See gh-25016

spring-web/src/main/java/org/springframework/web/bind/annotation/CrossOrigin.java

@@ -109,7 +109,7 @@ public @interface CrossOrigin {
 	 * See the Spring Framework reference for more on this filter.
 	 * @see #value
 	 */
-	String[] originsPatterns() default {};
+	String[] originPatterns() default {};
 
 	/**
 	 * The list of request headers that are permitted in actual requests,

spring-web/src/main/java/org/springframework/web/cors/CorsConfiguration.java

@@ -77,7 +77,7 @@ public class CorsConfiguration {
 	private List<String> allowedOrigins;
 
 	@Nullable
-	private List<Pattern> allowedOriginsPatterns;
+	private List<Pattern> allowedOriginPatterns;
 
 	@Nullable
 	private List<String> allowedMethods;
@@ -112,7 +112,7 @@ public class CorsConfiguration {
 	 */
 	public CorsConfiguration(CorsConfiguration other) {
 		this.allowedOrigins = other.allowedOrigins;
-		this.allowedOriginsPatterns = other.allowedOriginsPatterns;
+		this.allowedOriginPatterns = other.allowedOriginPatterns;
 		this.allowedMethods = other.allowedMethods;
 		this.resolvedMethods = other.resolvedMethods;
 		this.allowedHeaders = other.allowedHeaders;
@@ -158,14 +158,14 @@ public class CorsConfiguration {
 	 * Set the origins patterns to allow, e.g. {@code "*.com"}.
 	 * <p>By default this is not set.
 	 */
-	public CorsConfiguration setAllowedOriginsPatterns(@Nullable List<String> allowedOriginsPatterns) {
-		if (allowedOriginsPatterns == null) {
-			this.allowedOriginsPatterns = null;
+	public CorsConfiguration setAllowedOriginPatterns(@Nullable List<String> allowedOriginPatterns) {
+		if (allowedOriginPatterns == null) {
+			this.allowedOriginPatterns = null;
 		}
 		else {
-			this.allowedOriginsPatterns = new ArrayList<>(allowedOriginsPatterns.size());
-			for (String pattern : allowedOriginsPatterns) {
-				this.allowedOriginsPatterns.add(Pattern.compile(pattern));
+			this.allowedOriginPatterns = new ArrayList<>(allowedOriginPatterns.size());
+			for (String pattern : allowedOriginPatterns) {
+				this.allowedOriginPatterns.add(Pattern.compile(pattern));
 			}
 		}
 
@@ -176,30 +176,30 @@ public class CorsConfiguration {
 	 * Return the configured origins patterns to allow, or {@code null} if none.
 	 *
 	 * @see #addAllowedOriginPattern(String)
-	 * @see #setAllowedOriginsPatterns(List)
+	 * @see #setAllowedOriginPatterns(List)
 	 */
 	@Nullable
-	public List<String> getAllowedOriginsPatterns() {
-		if (this.allowedOriginsPatterns == null) {
+	public List<String> getAllowedOriginPatterns() {
+		if (this.allowedOriginPatterns == null) {
 			return null;
 		}
-		if (this.allowedOriginsPatterns == DEFAULT_PERMIT_ALL_PATTERN) {
+		if (this.allowedOriginPatterns == DEFAULT_PERMIT_ALL_PATTERN) {
 			return DEFAULT_PERMIT_ALL_PATTERN_STR;
 		}
-		return this.allowedOriginsPatterns.stream().map(Pattern::toString).collect(Collectors.toList());
+		return this.allowedOriginPatterns.stream().map(Pattern::toString).collect(Collectors.toList());
 	}
 
 	/**
 	 * Add an origin pattern to allow.
 	 */
 	public void addAllowedOriginPattern(String originPattern) {
-		if (this.allowedOriginsPatterns == null) {
-			this.allowedOriginsPatterns = new ArrayList<>(4);
+		if (this.allowedOriginPatterns == null) {
+			this.allowedOriginPatterns = new ArrayList<>(4);
 		}
-		else if (this.allowedOriginsPatterns == DEFAULT_PERMIT_ALL_PATTERN) {
-			setAllowedOriginsPatterns(DEFAULT_PERMIT_ALL_PATTERN_STR);
+		else if (this.allowedOriginPatterns == DEFAULT_PERMIT_ALL_PATTERN) {
+			setAllowedOriginPatterns(DEFAULT_PERMIT_ALL_PATTERN_STR);
 		}
-		this.allowedOriginsPatterns.add(Pattern.compile(originPattern));
+		this.allowedOriginPatterns.add(Pattern.compile(originPattern));
 	}
 
 	/**
@@ -413,7 +413,7 @@ public class CorsConfiguration {
 	 * </ul>
 	 */
 	public CorsConfiguration applyPermitDefaultValues() {
-		if (this.allowedOrigins == null && this.allowedOriginsPatterns == null) {
+		if (this.allowedOrigins == null && this.allowedOriginPatterns == null) {
 			this.allowedOrigins = DEFAULT_PERMIT_ALL;
 		}
 		if (this.allowedMethods == null) {
@@ -455,13 +455,13 @@ public class CorsConfiguration {
 		}
 		CorsConfiguration config = new CorsConfiguration(this);
 		List<String> combinedOrigins = combine(getAllowedOrigins(), other.getAllowedOrigins());
-		List<String> combinedOriginsPatterns = combine(getAllowedOriginsPatterns(), other.getAllowedOriginsPatterns());
-		if (combinedOrigins == DEFAULT_PERMIT_ALL && combinedOriginsPatterns != DEFAULT_PERMIT_ALL_PATTERN_STR
-			&& !CollectionUtils.isEmpty(combinedOriginsPatterns)) {
+		List<String> combinedOriginPatterns = combine(getAllowedOriginPatterns(), other.getAllowedOriginPatterns());
+		if (combinedOrigins == DEFAULT_PERMIT_ALL && combinedOriginPatterns != DEFAULT_PERMIT_ALL_PATTERN_STR
+			&& !CollectionUtils.isEmpty(combinedOriginPatterns)) {
 			combinedOrigins = null;
 		}
 		config.setAllowedOrigins(combinedOrigins);
-		config.setAllowedOriginsPatterns(combinedOriginsPatterns);
+		config.setAllowedOriginPatterns(combinedOriginPatterns);
 		config.setAllowedMethods(combine(getAllowedMethods(), other.getAllowedMethods()));
 		config.setAllowedHeaders(combine(getAllowedHeaders(), other.getAllowedHeaders()));
 		config.setExposedHeaders(combine(getExposedHeaders(), other.getExposedHeaders()));
@@ -529,8 +529,8 @@ public class CorsConfiguration {
 				}
 			}
 		}
-		if (!ObjectUtils.isEmpty(this.allowedOriginsPatterns)) {
-			for (Pattern allowedOriginsPattern : this.allowedOriginsPatterns) {
+		if (!ObjectUtils.isEmpty(this.allowedOriginPatterns)) {
+			for (Pattern allowedOriginsPattern : this.allowedOriginPatterns) {
 				if (allowedOriginsPattern.pattern().equals(ALL_PATTERN)) {
 					if (this.allowCredentials != Boolean.TRUE) {
 						return ALL;

spring-web/src/test/java/org/springframework/web/cors/CorsConfigurationTests.java

@@ -50,28 +50,28 @@ public class CorsConfigurationTests {
 		assertThat(config.getAllowCredentials()).isNull();
 		config.setMaxAge((Long) null);
 		assertThat(config.getMaxAge()).isNull();
-		config.setAllowedOriginsPatterns(null);
-		assertThat(config.getAllowedOriginsPatterns()).isNull();
+		config.setAllowedOriginPatterns(null);
+		assertThat(config.getAllowedOriginPatterns()).isNull();
 	}
 
 	@Test
 	public void setValues() {
 		CorsConfiguration config = new CorsConfiguration();
 		config.addAllowedOrigin("*");
-		assertThat(config.getAllowedOrigins()).isEqualTo(Arrays.asList("*"));
+		assertThat(config.getAllowedOrigins()).containsExactly("*");
 		config.addAllowedHeader("*");
-		assertThat(config.getAllowedHeaders()).isEqualTo(Arrays.asList("*"));
+		assertThat(config.getAllowedHeaders()).containsExactly("*");
 		config.addAllowedMethod("*");
-		assertThat(config.getAllowedMethods()).isEqualTo(Arrays.asList("*"));
+		assertThat(config.getAllowedMethods()).containsExactly("*");
 		config.addExposedHeader("header1");
 		config.addExposedHeader("header2");
-		assertThat(config.getExposedHeaders()).isEqualTo(Arrays.asList("header1", "header2"));
+		assertThat(config.getExposedHeaders()).containsExactly("header1", "header2");
 		config.setAllowCredentials(true);
-		assertThat((boolean) config.getAllowCredentials()).isTrue();
+		assertThat(config.getAllowCredentials()).isTrue();
 		config.setMaxAge(123L);
 		assertThat(config.getMaxAge()).isEqualTo(new Long(123));
 		config.addAllowedOriginPattern(".*\\.example\\.com");
-		assertThat(config.getAllowedOriginsPatterns()).isEqualTo(Arrays.asList(".*\\.example\\.com"));
+		assertThat(config.getAllowedOriginPatterns()).containsExactly(".*\\.example\\.com");
 	}
 
 	@Test
@@ -84,16 +84,16 @@ public class CorsConfigurationTests {
 	@Test
 	public void asteriskWildCardOnSetExposedHeaders() {
 		CorsConfiguration config = new CorsConfiguration();
-		assertThatIllegalArgumentException().isThrownBy(() ->
-				config.setExposedHeaders(Arrays.asList("*")));
+		assertThatIllegalArgumentException()
+				.isThrownBy(() -> config.setExposedHeaders(Collections.singletonList("*")));
 	}
 
 	@Test
 	public void combineWithNull() {
 		CorsConfiguration config = new CorsConfiguration();
-		config.setAllowedOrigins(Arrays.asList("*"));
+		config.setAllowedOrigins(Collections.singletonList("*"));
 		config.combine(null);
-		assertThat(config.getAllowedOrigins()).isEqualTo(Arrays.asList("*"));
+		assertThat(config.getAllowedOrigins()).containsExactly("*");
 	}
 
 	@Test
@@ -105,16 +105,17 @@ public class CorsConfigurationTests {
 		config.addAllowedMethod(HttpMethod.GET.name());
 		config.setMaxAge(123L);
 		config.setAllowCredentials(true);
-		config.setAllowedOriginsPatterns(Arrays.asList(".*\\.example\\.com"));
+		config.setAllowedOriginPatterns(Collections.singletonList(".*\\.example\\.com"));
 		CorsConfiguration other = new CorsConfiguration();
 		config = config.combine(other);
-		assertThat(config.getAllowedOrigins()).isEqualTo(Arrays.asList("*"));
-		assertThat(config.getAllowedHeaders()).isEqualTo(Arrays.asList("header1"));
-		assertThat(config.getExposedHeaders()).isEqualTo(Arrays.asList("header3"));
-		assertThat(config.getAllowedMethods()).isEqualTo(Arrays.asList(HttpMethod.GET.name()));
+		assertThat(config).isNotNull();
+		assertThat(config.getAllowedOrigins()).containsExactly("*");
+		assertThat(config.getAllowedHeaders()).containsExactly("header1");
+		assertThat(config.getExposedHeaders()).containsExactly("header3");
+		assertThat(config.getAllowedMethods()).containsExactly(HttpMethod.GET.name());
 		assertThat(config.getMaxAge()).isEqualTo(new Long(123));
-		assertThat((boolean) config.getAllowCredentials()).isTrue();
-		assertThat(config.getAllowedOriginsPatterns()).isEqualTo(Arrays.asList(".*\\.example\\.com"));
+		assertThat(config.getAllowCredentials()).isTrue();
+		assertThat(config.getAllowedOriginPatterns()).containsExactly(".*\\.example\\.com");
 	}
 
 	@Test  // SPR-15772
@@ -126,26 +127,30 @@ public class CorsConfigurationTests {
 		other.addAllowedMethod(HttpMethod.PUT.name());
 
 		CorsConfiguration combinedConfig = config.combine(other);
-		assertThat(combinedConfig.getAllowedOrigins()).isEqualTo(Arrays.asList("https://domain.com"));
-		assertThat(combinedConfig.getAllowedHeaders()).isEqualTo(Arrays.asList("header1"));
-		assertThat(combinedConfig.getAllowedMethods()).isEqualTo(Arrays.asList(HttpMethod.PUT.name()));
+		assertThat(combinedConfig).isNotNull();
+		assertThat(combinedConfig.getAllowedOrigins()).containsExactly("https://domain.com");
+		assertThat(combinedConfig.getAllowedHeaders()).containsExactly("header1");
+		assertThat(combinedConfig.getAllowedMethods()).containsExactly(HttpMethod.PUT.name());
 
 		combinedConfig = other.combine(config);
-		assertThat(combinedConfig.getAllowedOrigins()).isEqualTo(Arrays.asList("https://domain.com"));
-		assertThat(combinedConfig.getAllowedHeaders()).isEqualTo(Arrays.asList("header1"));
-		assertThat(combinedConfig.getAllowedMethods()).isEqualTo(Arrays.asList(HttpMethod.PUT.name()));
+		assertThat(combinedConfig).isNotNull();
+		assertThat(combinedConfig.getAllowedOrigins()).containsExactly("https://domain.com");
+		assertThat(combinedConfig.getAllowedHeaders()).containsExactly("header1");
+		assertThat(combinedConfig.getAllowedMethods()).containsExactly(HttpMethod.PUT.name());
 
 		combinedConfig = config.combine(new CorsConfiguration());
-		assertThat(config.getAllowedOrigins()).isEqualTo(Arrays.asList("*"));
-		assertThat(config.getAllowedHeaders()).isEqualTo(Arrays.asList("*"));
-		assertThat(combinedConfig.getAllowedMethods()).isEqualTo(Arrays.asList(HttpMethod.GET.name(), HttpMethod.HEAD.name(),
-				HttpMethod.POST.name()));
+		assertThat(config.getAllowedOrigins()).containsExactly("*");
+		assertThat(config.getAllowedHeaders()).containsExactly("*");
+		assertThat(combinedConfig).isNotNull();
+		assertThat(combinedConfig.getAllowedMethods())
+				.containsExactly(HttpMethod.GET.name(), HttpMethod.HEAD.name(), HttpMethod.POST.name());
 
 		combinedConfig = new CorsConfiguration().combine(config);
-		assertThat(config.getAllowedOrigins()).isEqualTo(Arrays.asList("*"));
-		assertThat(config.getAllowedHeaders()).isEqualTo(Arrays.asList("*"));
-		assertThat(combinedConfig.getAllowedMethods()).isEqualTo(Arrays.asList(HttpMethod.GET.name(), HttpMethod.HEAD.name(),
-				HttpMethod.POST.name()));
+		assertThat(config.getAllowedOrigins()).containsExactly("*");
+		assertThat(config.getAllowedHeaders()).containsExactly("*");
+		assertThat(combinedConfig).isNotNull();
+		assertThat(combinedConfig.getAllowedMethods())
+				.containsExactly(HttpMethod.GET.name(), HttpMethod.HEAD.name(), HttpMethod.POST.name());
 	}
 
 	@Test
@@ -155,28 +160,32 @@ public class CorsConfigurationTests {
 		other.addAllowedOriginPattern(".*\\.com");
 
 		CorsConfiguration combinedConfig = other.combine(config);
+		assertThat(combinedConfig).isNotNull();
 		assertThat(combinedConfig.getAllowedOrigins()).isNull();
-		assertThat(combinedConfig.getAllowedOriginsPatterns()).isEqualTo(Arrays.asList(".*\\.com"));
+		assertThat(combinedConfig.getAllowedOriginPatterns()).containsExactly(".*\\.com");
 
 		combinedConfig = config.combine(other);
+		assertThat(combinedConfig).isNotNull();
 		assertThat(combinedConfig.getAllowedOrigins()).isNull();
-		assertThat(combinedConfig.getAllowedOriginsPatterns()).isEqualTo(Arrays.asList(".*\\.com"));
+		assertThat(combinedConfig.getAllowedOriginPatterns()).containsExactly(".*\\.com");
 	}
 
 	@Test
 	public void combinePatternWithDefaultPermitValuesAndCustomOrigin() {
 		CorsConfiguration config = new CorsConfiguration().applyPermitDefaultValues();
-		config.setAllowedOrigins(Arrays.asList("https://domain.com"));
+		config.setAllowedOrigins(Collections.singletonList("https://domain.com"));
 		CorsConfiguration other = new CorsConfiguration();
 		other.addAllowedOriginPattern(".*\\.com");
 
 		CorsConfiguration combinedConfig = other.combine(config);
-		assertThat(combinedConfig.getAllowedOrigins()).isEqualTo(Arrays.asList("https://domain.com"));
-		assertThat(combinedConfig.getAllowedOriginsPatterns()).isEqualTo(Arrays.asList(".*\\.com"));
+		assertThat(combinedConfig).isNotNull();
+		assertThat(combinedConfig.getAllowedOrigins()).containsExactly("https://domain.com");
+		assertThat(combinedConfig.getAllowedOriginPatterns()).containsExactly(".*\\.com");
 
 		combinedConfig = config.combine(other);
-		assertThat(combinedConfig.getAllowedOrigins()).isEqualTo(Arrays.asList("https://domain.com"));
-		assertThat(combinedConfig.getAllowedOriginsPatterns()).isEqualTo(Arrays.asList(".*\\.com"));
+		assertThat(combinedConfig).isNotNull();
+		assertThat(combinedConfig.getAllowedOrigins()).containsExactly("https://domain.com");
+		assertThat(combinedConfig.getAllowedOriginPatterns()).containsExactly(".*\\.com");
 	}
 
 	@Test
@@ -193,15 +202,17 @@ public class CorsConfigurationTests {
 		other.addAllowedOriginPattern(".*\\.company\\.com");
 		other.addAllowedMethod(HttpMethod.PUT.name());
 		CorsConfiguration combinedConfig = config.combine(other);
-		assertThat(combinedConfig.getAllowedOrigins()).isEqualTo(Arrays.asList("*"));
-		assertThat(combinedConfig.getAllowedHeaders()).isEqualTo(Arrays.asList("*"));
-		assertThat(combinedConfig.getAllowedMethods()).isEqualTo(Arrays.asList("*"));
-		assertThat(combinedConfig.getAllowedOriginsPatterns()).isEqualTo(Arrays.asList(".*"));
+		assertThat(combinedConfig).isNotNull();
+		assertThat(combinedConfig.getAllowedOrigins()).containsExactly("*");
+		assertThat(combinedConfig.getAllowedHeaders()).containsExactly("*");
+		assertThat(combinedConfig.getAllowedMethods()).containsExactly("*");
+		assertThat(combinedConfig.getAllowedOriginPatterns()).containsExactly(".*");
 		combinedConfig = other.combine(config);
-		assertThat(combinedConfig.getAllowedOrigins()).isEqualTo(Arrays.asList("*"));
-		assertThat(combinedConfig.getAllowedHeaders()).isEqualTo(Arrays.asList("*"));
-		assertThat(combinedConfig.getAllowedMethods()).isEqualTo(Arrays.asList("*"));
-		assertThat(combinedConfig.getAllowedOriginsPatterns()).isEqualTo(Arrays.asList(".*"));
+		assertThat(combinedConfig).isNotNull();
+		assertThat(combinedConfig.getAllowedOrigins()).containsExactly("*");
+		assertThat(combinedConfig.getAllowedHeaders()).containsExactly("*");
+		assertThat(combinedConfig.getAllowedMethods()).containsExactly("*");
+		assertThat(combinedConfig.getAllowedOriginPatterns()).containsExactly(".*");
 	}
 
 	@Test  // SPR-14792
@@ -224,11 +235,12 @@ public class CorsConfigurationTests {
 		other.addAllowedMethod(HttpMethod.GET.name());
 		other.addAllowedOriginPattern(".*\\.domain1\\.com");
 		CorsConfiguration combinedConfig = config.combine(other);
-		assertThat(combinedConfig.getAllowedOrigins()).isEqualTo(Arrays.asList("https://domain1.com", "https://domain2.com"));
-		assertThat(combinedConfig.getAllowedHeaders()).isEqualTo(Arrays.asList("header1", "header2"));
-		assertThat(combinedConfig.getExposedHeaders()).isEqualTo(Arrays.asList("header3", "header4"));
-		assertThat(combinedConfig.getAllowedMethods()).isEqualTo(Arrays.asList(HttpMethod.GET.name(), HttpMethod.PUT.name()));
-		assertThat(combinedConfig.getAllowedOriginsPatterns()).isEqualTo(Arrays.asList(".*\\.domain1\\.com", ".*\\.domain2\\.com"));
+		assertThat(combinedConfig).isNotNull();
+		assertThat(combinedConfig.getAllowedOrigins()).containsExactly("https://domain1.com", "https://domain2.com");
+		assertThat(combinedConfig.getAllowedHeaders()).containsExactly("header1", "header2");
+		assertThat(combinedConfig.getExposedHeaders()).containsExactly("header3", "header4");
+		assertThat(combinedConfig.getAllowedMethods()).containsExactly(HttpMethod.GET.name(), HttpMethod.PUT.name());
+		assertThat(combinedConfig.getAllowedOriginPatterns()).containsExactly(".*\\.domain1\\.com", ".*\\.domain2\\.com");
 	}
 
 	@Test
@@ -250,23 +262,25 @@ public class CorsConfigurationTests {
 		other.setAllowCredentials(false);
 		other.addAllowedOriginPattern(".*\\.domain2\\.com");
 		config = config.combine(other);
-		assertThat(config.getAllowedOrigins()).isEqualTo(Arrays.asList("https://domain1.com", "https://domain2.com"));
-		assertThat(config.getAllowedHeaders()).isEqualTo(Arrays.asList("header1", "header2"));
-		assertThat(config.getExposedHeaders()).isEqualTo(Arrays.asList("header3", "header4"));
-		assertThat(config.getAllowedMethods()).isEqualTo(Arrays.asList(HttpMethod.GET.name(), HttpMethod.PUT.name()));
+		assertThat(config).isNotNull();
+		assertThat(config.getAllowedOrigins()).containsExactly("https://domain1.com", "https://domain2.com");
+		assertThat(config.getAllowedHeaders()).containsExactly("header1", "header2");
+		assertThat(config.getExposedHeaders()).containsExactly("header3", "header4");
+		assertThat(config.getAllowedMethods()).containsExactly(HttpMethod.GET.name(), HttpMethod.PUT.name());
 		assertThat(config.getMaxAge()).isEqualTo(new Long(456));
-		assertThat((boolean) config.getAllowCredentials()).isFalse();
-		assertThat(config.getAllowedOriginsPatterns()).isEqualTo(Arrays.asList(".*\\.domain1\\.com", ".*\\.domain2\\.com"));
+		assertThat(config).isNotNull();
+		assertThat(config.getAllowCredentials()).isFalse();
+		assertThat(config.getAllowedOriginPatterns()).containsExactly(".*\\.domain1\\.com", ".*\\.domain2\\.com");
 	}
 
 	@Test
 	public void checkOriginAllowed() {
 		CorsConfiguration config = new CorsConfiguration();
-		config.setAllowedOrigins(Arrays.asList("*"));
+		config.setAllowedOrigins(Collections.singletonList("*"));
 		assertThat(config.checkOrigin("https://domain.com")).isEqualTo("*");
 		config.setAllowCredentials(true);
 		assertThat(config.checkOrigin("https://domain.com")).isEqualTo("https://domain.com");
-		config.setAllowedOrigins(Arrays.asList("https://domain.com"));
+		config.setAllowedOrigins(Collections.singletonList("https://domain.com"));
 		assertThat(config.checkOrigin("https://domain.com")).isEqualTo("https://domain.com");
 		config.setAllowCredentials(false);
 		assertThat(config.checkOrigin("https://domain.com")).isEqualTo("https://domain.com");
@@ -279,7 +293,7 @@ public class CorsConfigurationTests {
 		assertThat(config.checkOrigin("https://domain.com")).isNull();
 		config.addAllowedOrigin("*");
 		assertThat(config.checkOrigin(null)).isNull();
-		config.setAllowedOrigins(Arrays.asList("https://domain1.com"));
+		config.setAllowedOrigins(Collections.singletonList("https://domain1.com"));
 		assertThat(config.checkOrigin("https://domain2.com")).isNull();
 		config.setAllowedOrigins(new ArrayList<>());
 		assertThat(config.checkOrigin("https://domain.com")).isNull();
@@ -288,11 +302,11 @@ public class CorsConfigurationTests {
 	@Test
 	public void checkOriginPatternAllowed() {
 		CorsConfiguration config = new CorsConfiguration();
-		config.setAllowedOriginsPatterns(Arrays.asList(".*"));
+		config.setAllowedOriginPatterns(Collections.singletonList(".*"));
 		assertThat(config.checkOrigin("https://domain.com")).isEqualTo("*");
 		config.setAllowCredentials(true);
 		assertThat(config.checkOrigin("https://domain.com")).isEqualTo("https://domain.com");
-		config.setAllowedOriginsPatterns(Arrays.asList(".*\\.domain\\.com"));
+		config.setAllowedOriginPatterns(Collections.singletonList(".*\\.domain\\.com"));
 		assertThat(config.checkOrigin("https://example.domain.com")).isEqualTo("https://example.domain.com");
 		config.setAllowCredentials(false);
 		assertThat(config.checkOrigin("https://example.domain.com")).isEqualTo("https://example.domain.com");
@@ -305,21 +319,21 @@ public class CorsConfigurationTests {
 		assertThat(config.checkOrigin("https://domain.com")).isNull();
 		config.addAllowedOriginPattern(".*");
 		assertThat(config.checkOrigin(null)).isNull();
-		config.setAllowedOriginsPatterns(Arrays.asList(".*\\.domain1\\.com"));
+		config.setAllowedOriginPatterns(Collections.singletonList(".*\\.domain1\\.com"));
 		assertThat(config.checkOrigin("https://domain2.com")).isNull();
-		config.setAllowedOriginsPatterns(new ArrayList<>());
+		config.setAllowedOriginPatterns(new ArrayList<>());
 		assertThat(config.checkOrigin("https://domain.com")).isNull();
 	}
 
 	@Test
 	public void checkMethodAllowed() {
 		CorsConfiguration config = new CorsConfiguration();
-		assertThat(config.checkHttpMethod(HttpMethod.GET)).isEqualTo(Arrays.asList(HttpMethod.GET, HttpMethod.HEAD));
+		assertThat(config.checkHttpMethod(HttpMethod.GET)).containsExactly(HttpMethod.GET, HttpMethod.HEAD);
 		config.addAllowedMethod("GET");
-		assertThat(config.checkHttpMethod(HttpMethod.GET)).isEqualTo(Arrays.asList(HttpMethod.GET));
+		assertThat(config.checkHttpMethod(HttpMethod.GET)).containsExactly(HttpMethod.GET);
 		config.addAllowedMethod("POST");
-		assertThat(config.checkHttpMethod(HttpMethod.GET)).isEqualTo(Arrays.asList(HttpMethod.GET, HttpMethod.POST));
-		assertThat(config.checkHttpMethod(HttpMethod.POST)).isEqualTo(Arrays.asList(HttpMethod.GET, HttpMethod.POST));
+		assertThat(config.checkHttpMethod(HttpMethod.GET)).containsExactly(HttpMethod.GET, HttpMethod.POST);
+		assertThat(config.checkHttpMethod(HttpMethod.POST)).containsExactly(HttpMethod.GET, HttpMethod.POST);
 	}
 
 	@Test
@@ -337,21 +351,21 @@ public class CorsConfigurationTests {
 		assertThat(config.checkHeaders(Collections.emptyList())).isEqualTo(Collections.emptyList());
 		config.addAllowedHeader("header1");
 		config.addAllowedHeader("header2");
-		assertThat(config.checkHeaders(Arrays.asList("header1"))).isEqualTo(Arrays.asList("header1"));
-		assertThat(config.checkHeaders(Arrays.asList("header1", "header2"))).isEqualTo(Arrays.asList("header1", "header2"));
-		assertThat(config.checkHeaders(Arrays.asList("header1", "header2", "header3"))).isEqualTo(Arrays.asList("header1", "header2"));
+		assertThat(config.checkHeaders(Collections.singletonList("header1"))).containsExactly("header1");
+		assertThat(config.checkHeaders(Arrays.asList("header1", "header2"))).containsExactly("header1", "header2");
+		assertThat(config.checkHeaders(Arrays.asList("header1", "header2", "header3"))).containsExactly("header1", "header2");
 	}
 
 	@Test
 	public void checkHeadersNotAllowed() {
 		CorsConfiguration config = new CorsConfiguration();
 		assertThat(config.checkHeaders(null)).isNull();
-		assertThat(config.checkHeaders(Arrays.asList("header1"))).isNull();
+		assertThat(config.checkHeaders(Collections.singletonList("header1"))).isNull();
 		config.setAllowedHeaders(Collections.emptyList());
-		assertThat(config.checkHeaders(Arrays.asList("header1"))).isNull();
+		assertThat(config.checkHeaders(Collections.singletonList("header1"))).isNull();
 		config.addAllowedHeader("header2");
 		config.addAllowedHeader("header3");
-		assertThat(config.checkHeaders(Arrays.asList("header1"))).isNull();
+		assertThat(config.checkHeaders(Collections.singletonList("header1"))).isNull();
 	}
 
 	@Test  // SPR-15772
@@ -360,9 +374,9 @@ public class CorsConfigurationTests {
 		config.addAllowedOrigin("https://domain.com");
 		config.addAllowedHeader("header1");
 		config.addAllowedMethod("PATCH");
-		assertThat(config.getAllowedOrigins()).isEqualTo(Arrays.asList("*", "https://domain.com"));
-		assertThat(config.getAllowedHeaders()).isEqualTo(Arrays.asList("*", "header1"));
-		assertThat(config.getAllowedMethods()).isEqualTo(Arrays.asList("GET", "HEAD", "POST", "PATCH"));
+		assertThat(config.getAllowedOrigins()).containsExactly("*", "https://domain.com");
+		assertThat(config.getAllowedHeaders()).containsExactly("*", "header1");
+		assertThat(config.getAllowedMethods()).containsExactly("GET", "HEAD", "POST", "PATCH");
 	}
 
 	@Test
@@ -371,6 +385,6 @@ public class CorsConfigurationTests {
 		config.addAllowedOriginPattern(".*\\.com");
 		config = config.applyPermitDefaultValues();
 		assertThat(config.getAllowedOrigins()).isNull();
-		assertThat(config.getAllowedOriginsPatterns()).isEqualTo(Arrays.asList(".*\\.com"));
+		assertThat(config.getAllowedOriginPatterns()).containsExactly(".*\\.com");
 	}
 }

spring-webflux/src/main/java/org/springframework/web/reactive/result/method/annotation/RequestMappingHandlerMapping.java

@@ -315,8 +315,8 @@ public class RequestMappingHandlerMapping extends RequestMappingInfoHandlerMappi
 		for (String origin : annotation.origins()) {
 			config.addAllowedOrigin(resolveCorsAnnotationValue(origin));
 		}
-		for (String originsPattern : annotation.originsPatterns()) {
-			config.addAllowedOriginPattern(resolveCorsAnnotationValue(originsPattern));
+		for (String patterns : annotation.originPatterns()) {
+			config.addAllowedOriginPattern(resolveCorsAnnotationValue(patterns));
 		}
 		for (RequestMethod method : annotation.methods()) {
 			config.addAllowedMethod(method.name());

spring-webflux/src/test/java/org/springframework/web/reactive/result/method/annotation/CrossOriginAnnotationIntegrationTests.java

@@ -282,12 +282,13 @@ class CrossOriginAnnotationIntegrationTests extends AbstractRequestMappingIntegr
 	@Configuration
 	@EnableWebFlux
 	@ComponentScan(resourcePattern = "**/CrossOriginAnnotationIntegrationTests*")
-	@SuppressWarnings({"unused", "WeakerAccess"})
+	@SuppressWarnings("WeakerAccess")
 	static class WebConfig {
 	}
 
 
-	@RestController @SuppressWarnings("unused")
+	@RestController
+	@SuppressWarnings("unused")
 	private static class MethodLevelController {
 
 		@GetMapping("/no")
@@ -357,13 +358,13 @@ class CrossOriginAnnotationIntegrationTests extends AbstractRequestMappingIntegr
 			return "placeholder";
 		}
 
-		@CrossOrigin(originsPatterns = ".*\\.com")
+		@CrossOrigin(originPatterns = ".*\\.com")
 		@GetMapping("/origin-pattern-value-attribute")
 		public String customOriginPatternDefinedViaValueAttribute() {
 			return "pattern-value-attribute";
 		}
 
-		@CrossOrigin(originsPatterns = "${myOriginPattern}")
+		@CrossOrigin(originPatterns = "${myOriginPattern}")
 		@GetMapping("/origin-pattern-placeholder")
 		public String customOriginPatternDefinedViaPlaceholder() {
 			return "pattern-placeholder";

spring-webmvc/src/main/java/org/springframework/web/servlet/mvc/method/annotation/RequestMappingHandlerMapping.java

@@ -451,8 +451,8 @@ public class RequestMappingHandlerMapping extends RequestMappingInfoHandlerMappi
 		for (String origin : annotation.origins()) {
 			config.addAllowedOrigin(resolveCorsAnnotationValue(origin));
 		}
-		for (String originPatter : annotation.originsPatterns()) {
-			config.addAllowedOriginPattern(resolveCorsAnnotationValue(originPatter));
+		for (String patterns : annotation.originPatterns()) {
+			config.addAllowedOriginPattern(resolveCorsAnnotationValue(patterns));
 		}
 		for (RequestMethod method : annotation.methods()) {
 			config.addAllowedMethod(method.name());

spring-webmvc/src/test/java/org/springframework/web/servlet/handler/CorsAbstractHandlerMappingTests.java

@@ -130,7 +130,7 @@ class CorsAbstractHandlerMappingTests {
 
 		assertThat(chain).isNotNull();
 		assertThat(chain.getHandler()).isInstanceOf(SimpleHandler.class);
-		assertThat(mapping.getRequiredCorsConfig().getAllowedOriginsPatterns()).containsExactly(".*\\.domain2\\.com");
+		assertThat(mapping.getRequiredCorsConfig().getAllowedOriginPatterns()).containsExactly(".*\\.domain2\\.com");
 	}
 
 	@PathPatternsParameterizedTest

spring-webmvc/src/test/java/org/springframework/web/servlet/mvc/method/annotation/CrossOriginTests.java

@@ -206,7 +206,7 @@ class CrossOriginTests {
 		CorsConfiguration config = getCorsConfiguration(chain, false);
 		assertThat(config).isNotNull();
 		assertThat(config.getAllowedOrigins()).isNull();
-		assertThat(config.getAllowedOriginsPatterns()).isEqualTo(Collections.singletonList(".*\\.example\\.com"));
+		assertThat(config.getAllowedOriginPatterns()).isEqualTo(Collections.singletonList(".*\\.example\\.com"));
 		assertThat(config.getAllowCredentials()).isNull();
 	}
 
@@ -218,7 +218,7 @@ class CrossOriginTests {
 		CorsConfiguration config = getCorsConfiguration(chain, false);
 		assertThat(config).isNotNull();
 		assertThat(config.getAllowedOrigins()).isNull();
-		assertThat(config.getAllowedOriginsPatterns()).isEqualTo(Collections.singletonList(".*\\.example\\.com"));
+		assertThat(config.getAllowedOriginPatterns()).isEqualTo(Collections.singletonList(".*\\.example\\.com"));
 		assertThat(config.getAllowCredentials()).isNull();
 	}
 
@@ -433,12 +433,12 @@ class CrossOriginTests {
 		public void customOriginDefinedViaPlaceholder() {
 		}
 
-		@CrossOrigin(originsPatterns = ".*\\.example\\.com")
+		@CrossOrigin(originPatterns = ".*\\.example\\.com")
 		@RequestMapping("/customOriginPattern")
 		public void customOriginPatternDefinedViaValueAttribute() {
 		}
 
-		@CrossOrigin(originsPatterns = "${myDomainPattern}")
+		@CrossOrigin(originPatterns = "${myDomainPattern}")
 		@RequestMapping("/customOriginPatternPlaceholder")
 		public void customOriginPatternDefinedViaPlaceholder() {
 		}