Update CORS handling according to Framework changes

This commit updates CORS handling according to Framework changes
introduced via [1]. It also fixes tests according to the new behavior.

See gh-16410

[1] d27b5d0ab6.

spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/integrationtest/WebFluxEndpointCorsIntegrationTests.java

@@ -63,8 +63,7 @@ public class WebFluxEndpointCorsIntegrationTests {
 		createWebTestClient().options().uri("/actuator/beans")
 				.header("Origin", "spring.example.org")
 				.header(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET").exchange()
-				.expectStatus().isForbidden().expectHeader()
+				.expectHeader().doesNotExist(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN);
-				.doesNotExist(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN);
 	}
 
 	@Test

spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/integrationtest/WebMvcEndpointCorsIntegrationTests.java

@@ -138,7 +138,7 @@ public class WebMvcEndpointCorsIntegrationTests {
 				.of("management.endpoints.web.cors.allowed-origins:foo.example.com")
 				.applyTo(this.context);
 		createMockMvc()
-				.perform(options("/actuator/health")
+				.perform(options("/actuator/beans")
 						.header(HttpHeaders.ORIGIN, "foo.example.com")
 						.header(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "PATCH"))
 				.andExpect(status().isForbidden());

spring-boot-project/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/web/reactive/AbstractWebFluxEndpointHandlerMapping.java

@@ -190,6 +190,11 @@ public abstract class AbstractWebFluxEndpointHandlerMapping
 				.findMethod(linksHandler.getClass(), "links", ServerWebExchange.class));
 	}
 
+	@Override
+	protected boolean hasCorsConfigurationSource(Object handler) {
+		return this.corsConfiguration != null;
+	}
+
 	@Override
 	protected CorsConfiguration initCorsConfiguration(Object handler, Method method,
 			RequestMappingInfo mapping) {

spring-boot-project/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/web/reactive/ControllerEndpointHandlerMapping.java

@@ -117,6 +117,11 @@ public class ControllerEndpointHandlerMapping extends RequestMappingHandlerMappi
 				mapping.getCustomCondition());
 	}
 
+	@Override
+	protected boolean hasCorsConfigurationSource(Object handler) {
+		return this.corsConfiguration != null;
+	}
+
 	@Override
 	protected CorsConfiguration initCorsConfiguration(Object handler, Method method,
 			RequestMappingInfo mapping) {

spring-boot-project/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/web/servlet/AbstractWebMvcEndpointHandlerMapping.java

@@ -217,6 +217,11 @@ public abstract class AbstractWebMvcEndpointHandlerMapping
 				builderConfig.useTrailingSlashMatch());
 	}
 
+	@Override
+	protected boolean hasCorsConfigurationSource(Object handler) {
+		return this.corsConfiguration != null;
+	}
+
 	@Override
 	protected CorsConfiguration initCorsConfiguration(Object handler, Method method,
 			RequestMappingInfo mapping) {

spring-boot-project/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/web/servlet/ControllerEndpointHandlerMapping.java

@@ -118,6 +118,11 @@ public class ControllerEndpointHandlerMapping extends RequestMappingHandlerMappi
 				mapping.getCustomCondition());
 	}
 
+	@Override
+	protected boolean hasCorsConfigurationSource(Object handler) {
+		return this.corsConfiguration != null;
+	}
+
 	@Override
 	protected CorsConfiguration initCorsConfiguration(Object handler, Method method,
 			RequestMappingInfo mapping) {