OMDSCloud/dictation_server/src/main.ts

import { NestFactory } from '@nestjs/core';
import cookieParser from 'cookie-parser';
import { SwaggerModule, DocumentBuilder } from '@nestjs/swagger';
import { AppModule } from './app.module';
import { ValidationPipe } from '@nestjs/common';
import helmet from 'helmet';
const helmetDirectives = helmet.contentSecurityPolicy.getDefaultDirectives();
helmetDirectives['connect-src'] = [
  "'self'",
  'https://adb2codmsdev.b2clogin.com/adb2codmsdev.onmicrosoft.com/b2c_1_signin_dev/v2.0/.well-known/openid-configuration',
  'https://adb2codmsdev.b2clogin.com/adb2codmsdev.onmicrosoft.com/b2c_1_signin_dev/oauth2/v2.0/token',
];
helmetDirectives['navigate-to'] = ["'self'"];
helmetDirectives['style-src'] = ["'self'", 'https:'];
helmetDirectives['report-uri'] = ["'self'"];
async function bootstrap() {
  const app = await NestFactory.create(AppModule);
  //XXX 特定のオリジンからのリクエストは許可する
  app.enableCors({
    origin: 'http://localhost:8180',
    methods: 'GET,PUT,POST,DELETE,OPTION',
    allowedHeaders: 'Origin,Content-Type,Accept,Authorization',
  });
  app.use(
    helmet({
      contentSecurityPolicy: {
        directives: helmetDirectives,
      },
    }),
    cookieParser(),
  );

  // バリデーター(+型の自動変換機能)を適用
  app.useGlobalPipes(
    new ValidationPipe({ transform: true, forbidUnknownValues: false }),
  );

  if (process.env.STAGE === 'local') {
    const options = new DocumentBuilder()
      .setTitle('ODMSOpenAPI')
      .setVersion('1.0.0')
      .addBearerAuth({
        type: 'http',
        scheme: 'bearer',
        bearerFormat: 'JWT',
      })
      .build();
    const document = SwaggerModule.createDocument(app, options);
    SwaggerModule.setup('api', app, document);
  }

  await app.listen(process.env.PORT || 80);
}
bootstrap();