Thelonius
Reputation: 71
How can I create a custom directive for Akka-Http 2 by nesting existing Directives?
I am trying to create a custom directive that I can later use to validate user roles like so:
val route = put & authorize(ADMIN) {
// do sth
}
or
val route = put {
authorize(ADMIN) {
//do sth
}
}
. Here is what I got so far:
def authorize(role: String): Directive0 = {
extractToken { t: String =>
validateToken(t) {
extractRoles(t) { roles: Seq[String] =>
validate(roles.contains(role), s"User does not have the required role")
}
}
}
}
def extractRoles(token: String): Directive1[Seq[String]] = {
token match {
case JsonWebToken(header, claimsSet, signature) => {
val decoded = decodeJWT(token)
decoded match {
case Some(_) => provide(extractRoleCodesFromJWT(decoded.get))
case None => provide(Seq())
}
}
case x =>
provide(Seq())
}
}
def validateToken(token: String): Directive0 = validate(validateJWT(token), INVALID_TOKEN_MESSAGE)
def extractToken: Directive1[Option[String]] = extractToken | extractHeader
def extractCookie: Directive1[Option[String]] = optionalCookie(JWT_COOKIE_NAME).map(_.map(_.value))
def extractHeader: Directive1[Option[String]] = optionalHeaderValueByName(JWT_HEADER_NAME)
All compiles fine, except the actual Directive0 that I want use later (authorize). The most inner line validate(...) shows a compile error saying "Expression of type server.Directive0 doesn't conform to expected type server.Route"
How can I properly nest my other directives in order to form my authorize directive? Or can I concatenate them somehow else, instead of nesting? The documentation on custom directives is very slim unfortunately.
[UPDATE]
Thanks to the pointer from Java Anto this is what I came up with.
def authorize(role: String): Directive0 = {
extractToken.flatMap(validateToken)
.flatMap(extractRoles)
.flatMap(roles => validate(roles.contains(role), MISSING_ROLE_MESSAGE))
}
This compiles and will hopefully do the trick one I get to test it properly.
Upvotes: 3
Views: 4204
Answers (1)
Thelonius
Reputation: 71
Thanks to the pointer from @Java Anto the solution that worked for me was the following.
trait AuthorizationDirectives extends JWTService {
val JWT_COOKIE_NAME = "jwt_cookie_name"
val JWT_HEADER_NAME = "jwt_cookie_header"
val INVALID_TOKEN_MESSAGE = "The provided token is not valid."
val MISSING_ROLE_MESSAGE = "User does not have the required role."
def authorizeRole(role: String): Directive0 = {
extractToken.flatMap(validateToken)
.flatMap(extractRoles)
.flatMap(validateRole(role)(_))
}
def extractRoles(token: String): Directive1[String] = {
// decode the token
val decoded = decodeJWT(token)
// check if decode was successful
decoded match {
case Some(_) => {
// get the role string
val rolesString = extractRoleCodesFromJWT(decoded.get)
rolesString match {
// return rolestring if present
case Some(_) => provide(rolesString.get)
case None => reject(AuthorizationFailedRejection)
}
}
case None => reject(AuthorizationFailedRejection)
}
}
def validateRole(role: String)(roles: String): Directive0 = {
if (roles.contains(role))
pass
else
reject(AuthorizationFailedRejection)
}
def validateToken(token: Option[String]): Directive1[String] = {
token match {
case Some(_) => validate(validateJWT(token.get), INVALID_TOKEN_MESSAGE) & provide(token.get)
case None => reject(AuthorizationFailedRejection)
}
}
def extractToken: Directive1[Option[String]] = {
extractCookie.flatMap {
case None => extractHeader
case t@Some(_) => provide(t)
}
}
def extractCookie: Directive1[Option[String]] = optionalCookie(JWT_COOKIE_NAME).map(_.map(_.value))
def extractHeader: Directive1[Option[String]] = optionalHeaderValueByName(JWT_HEADER_NAME)
}
The directive can then be used like this:
trait CRUDServiceRoute[ENTITY, UPDATE] extends BaseServiceRoute with Protocols with AuthorizationDirectives with CorsSupport {
import StatusCodes._
val requiredRoleForEdit = USER
val crudRoute: Route =
pathEndOrSingleSlash {
corsHandler {
get {
complete(getAll().map(entityToJson))
} ~
put {
authorizeRole(requiredRoleForEdit) {
entity(entityUnmarshaller) { t =>
complete(Created -> create(t).map(idToJson))
}
}
}
}
} ~
pathPrefix(IntNumber) { id =>
pathEndOrSingleSlash {
corsHandler {
get {
complete(getById(id).map(entityToJson))
}
} ~
corsHandler {
put {
authorizeRole(requiredRoleForEdit) {
entity(updateUnmarshaller) { tupd =>
complete(update(id, tupd).map(entityToJson))
}
}
}
} ~
delete {
corsHandler {
authorizeRole(requiredRoleForEdit) {
onSuccess(remove(id)) { ignored =>
complete(NoContent)
}
}
}
}
}
}
def entityToJson(value: Seq[ENTITY]): JsValue
def entityToJson(value: Option[ENTITY]): JsValue
def idToJson(value: Option[Long]): JsValue
def entityUnmarshaller: FromRequestUnmarshaller[ENTITY]
def updateUnmarshaller: FromRequestUnmarshaller[UPDATE]
// CRUD service methods. These are implemented by the services used in the concrete routes
def getAll(): Future[Seq[ENTITY]]
def getById(id: Long): Future[Option[ENTITY]]
def create(entity: ENTITY): Future[Option[Long]]
def update(id: Long, noteUpdate: UPDATE): Future[Option[ENTITY]]
def remove(id: Long): Future[Int]
}
Upvotes: 2
Related Questions
- Migrating from Akka Http to Http4s - custom directives
- Unable to combine two directives using the | operator on Akka-Http
- Custom directive in Akka Http
- How do I use two Directives with OR in Akka-HTTP?
- akka http using directives outside route
- Combining two Directive0 with &
- Akka-HTTP compilation error using custom requireParam() directive
- akka-http 'Directive0' to force the inner route be evaluated separately for each request?
- akka http custom nested directives
- Directive use both request header and body in akka-http