+htp #20002 add authorizeAsync

2016-03-10 18:40:01 +01:00 · 2016-03-10 18:40:01 +01:00 · 2933045156
commit 2933045156
parent b3c691e4a8
8 changed files with 140 additions and 4 deletions
--- a/akka-docs/rst/scala/code/docs/http/scaladsl/server/directives/SecurityDirectivesExamplesSpec.scala
+++ b/akka-docs/rst/scala/code/docs/http/scaladsl/server/directives/SecurityDirectivesExamplesSpec.scala
@ -219,7 +219,7 @@ class SecurityDirectivesExamplesSpec extends RoutingSpec {
      }
  }

-  "0authorize" in {
+  "0authorize-0" in {
    case class User(name: String)

    // authenticate the user:
@ -260,6 +260,48 @@ class SecurityDirectivesExamplesSpec extends RoutingSpec {
      }
  }

+  "0authorizeAsync" in {
+    case class User(name: String)
+
+    // authenticate the user:
+    def myUserPassAuthenticator(credentials: Credentials): Option[User] =
+      credentials match {
+        case Credentials.Provided(id) => Some(User(id))
+        case _                        => None
+      }
+
+    // check if user is authorized to perform admin actions,
+    // this could potentially be a long operation so it would return a Future
+    val admins = Set("Peter")
+    def hasAdminPermissions(user: User): Future[Boolean] =
+      Future.successful(admins.contains(user.name))
+
+    val route =
+      Route.seal {
+        authenticateBasic(realm = "secure site", myUserPassAuthenticator) { user =>
+          path("peters-lair") {
+            authorizeAsync(_ => hasAdminPermissions(user)) {
+              complete(s"'${user.name}' visited Peter's lair")
+            }
+          }
+        }
+      }
+
+    // tests:
+    val johnsCred = BasicHttpCredentials("John", "p4ssw0rd")
+    Get("/peters-lair") ~> addCredentials(johnsCred) ~> // adds Authorization header
+      route ~> check {
+        status shouldEqual StatusCodes.Forbidden
+        responseAs[String] shouldEqual "The supplied authentication is not authorized to access this resource"
+      }
+
+    val petersCred = BasicHttpCredentials("Peter", "pan")
+    Get("/peters-lair") ~> addCredentials(petersCred) ~> // adds Authorization header
+      route ~> check {
+        responseAs[String] shouldEqual "'Peter' visited Peter's lair"
+      }
+  }
+
  "0extractCredentials" in {
    val route =
      extractCredentials { creds =>