如何通过嵌套现有指令为Akka-Http 2创建自定义指令?
[英]How can I create a custom directive for Akka-Http 2 by nesting existing Directives?
问题描述
我正在尝试创建一个自定义指令,我以后可以使用它来验证用户角色,如下所示:
val route = put & authorize(ADMIN) {
// do sth
}
要么
val route = put {
authorize(ADMIN) {
//do sth
}
}
。 这是我到目前为止所得到的:
def authorize(role: String): Directive0 = {
extractToken { t: String =>
validateToken(t) {
extractRoles(t) { roles: Seq[String] =>
validate(roles.contains(role), s"User does not have the required role")
}
}
}
}
def extractRoles(token: String): Directive1[Seq[String]] = {
token match {
case JsonWebToken(header, claimsSet, signature) => {
val decoded = decodeJWT(token)
decoded match {
case Some(_) => provide(extractRoleCodesFromJWT(decoded.get))
case None => provide(Seq())
}
}
case x =>
provide(Seq())
}
}
def validateToken(token: String): Directive0 = validate(validateJWT(token), INVALID_TOKEN_MESSAGE)
def extractToken: Directive1[Option[String]] = extractToken | extractHeader
def extractCookie: Directive1[Option[String]] = optionalCookie(JWT_COOKIE_NAME).map(_.map(_.value))
def extractHeader: Directive1[Option[String]] = optionalHeaderValueByName(JWT_HEADER_NAME)
所有编译都很好,除了我想要稍后使用的实际Directive0(授权)。 最内部的行validate(...)显示编译错误,说“类型server.Directive0的表达式不符合预期的类型server.Route”
如何正确嵌套我的其他指令以形成我的authorize指令? 或者我可以以其他方式连接它们,而不是嵌套? 遗憾的是,自定义指令的文档非常简洁。
[UPDATE]
感谢来自Java Anto的指针,这就是我想出来的。
def authorize(role: String): Directive0 = {
extractToken.flatMap(validateToken)
.flatMap(extractRoles)
.flatMap(roles => validate(roles.contains(role), MISSING_ROLE_MESSAGE))
}
编译并希望能够正确地完成测试。
1 个解决方案
解决方案1
2 2016-11-25 12:37:50
感谢来自@Java Anto的指针,对我有用的解决方案如下。
trait AuthorizationDirectives extends JWTService {
val JWT_COOKIE_NAME = "jwt_cookie_name"
val JWT_HEADER_NAME = "jwt_cookie_header"
val INVALID_TOKEN_MESSAGE = "The provided token is not valid."
val MISSING_ROLE_MESSAGE = "User does not have the required role."
def authorizeRole(role: String): Directive0 = {
extractToken.flatMap(validateToken)
.flatMap(extractRoles)
.flatMap(validateRole(role)(_))
}
def extractRoles(token: String): Directive1[String] = {
// decode the token
val decoded = decodeJWT(token)
// check if decode was successful
decoded match {
case Some(_) => {
// get the role string
val rolesString = extractRoleCodesFromJWT(decoded.get)
rolesString match {
// return rolestring if present
case Some(_) => provide(rolesString.get)
case None => reject(AuthorizationFailedRejection)
}
}
case None => reject(AuthorizationFailedRejection)
}
}
def validateRole(role: String)(roles: String): Directive0 = {
if (roles.contains(role))
pass
else
reject(AuthorizationFailedRejection)
}
def validateToken(token: Option[String]): Directive1[String] = {
token match {
case Some(_) => validate(validateJWT(token.get), INVALID_TOKEN_MESSAGE) & provide(token.get)
case None => reject(AuthorizationFailedRejection)
}
}
def extractToken: Directive1[Option[String]] = {
extractCookie.flatMap {
case None => extractHeader
case t@Some(_) => provide(t)
}
}
def extractCookie: Directive1[Option[String]] = optionalCookie(JWT_COOKIE_NAME).map(_.map(_.value))
def extractHeader: Directive1[Option[String]] = optionalHeaderValueByName(JWT_HEADER_NAME)
}
然后可以像这样使用该指令:
trait CRUDServiceRoute[ENTITY, UPDATE] extends BaseServiceRoute with Protocols with AuthorizationDirectives with CorsSupport {
import StatusCodes._
val requiredRoleForEdit = USER
val crudRoute: Route =
pathEndOrSingleSlash {
corsHandler {
get {
complete(getAll().map(entityToJson))
} ~
put {
authorizeRole(requiredRoleForEdit) {
entity(entityUnmarshaller) { t =>
complete(Created -> create(t).map(idToJson))
}
}
}
}
} ~
pathPrefix(IntNumber) { id =>
pathEndOrSingleSlash {
corsHandler {
get {
complete(getById(id).map(entityToJson))
}
} ~
corsHandler {
put {
authorizeRole(requiredRoleForEdit) {
entity(updateUnmarshaller) { tupd =>
complete(update(id, tupd).map(entityToJson))
}
}
}
} ~
delete {
corsHandler {
authorizeRole(requiredRoleForEdit) {
onSuccess(remove(id)) { ignored =>
complete(NoContent)
}
}
}
}
}
}
def entityToJson(value: Seq[ENTITY]): JsValue
def entityToJson(value: Option[ENTITY]): JsValue
def idToJson(value: Option[Long]): JsValue
def entityUnmarshaller: FromRequestUnmarshaller[ENTITY]
def updateUnmarshaller: FromRequestUnmarshaller[UPDATE]
// CRUD service methods. These are implemented by the services used in the concrete routes
def getAll(): Future[Seq[ENTITY]]
def getById(id: Long): Future[Option[ENTITY]]
def create(entity: ENTITY): Future[Option[Long]]
def update(id: Long, noteUpdate: UPDATE): Future[Option[ENTITY]]
def remove(id: Long): Future[Int]
}
如何创建自定义解组器以使用akka-http处理参数列表?
[英]How do I create custom unmarshallers to process parameter lists using akka-http?
使用自定义requireParam()指令的Akka-HTTP编译错误
[英]Akka-HTTP compilation error using custom requireParam() directive
如何在Scala中为https请求创建akka-http cachedHostConnectionPool?
[英]How to create akka-http cachedHostConnectionPool for https requests in scala?
如何在akka-http的websocket处理程序中注入保持活动状态?
[英]how can I inject a keep-alive into a websocket handler in akka-http?
如何在单个 Akka-http 流中读取多个 Web 套接字?
[英]How can I read several web-sockets within a single Akka-http Flow?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
在akka-http指令中嵌套CRUD路径
如何在 Akka-HTTP 中使用两个带 OR 的指令?
如何创建自定义解组器以使用akka-http处理参数列表?
如何在Scala Akka-http中定义通用路由
使用自定义requireParam()指令的Akka-HTTP编译错误
akka-http自定义PathMatcher
如何创建具有背压溢出策略的 akka-http 客户端?
如何在Scala中为https请求创建akka-http cachedHostConnectionPool?
如何在akka-http的websocket处理程序中注入保持活动状态?
如何在单个 Akka-http 流中读取多个 Web 套接字?
相关标签