From 1f320bfba719d4cc3a4d46bc90a30d8a6bbd91d4 Mon Sep 17 00:00:00 2001
From: Zach Smith
Date: Tue, 21 Aug 2018 16:25:04 -0700
Subject: Add UnauthorizedException and catch it in AuthProvider (#198)

* Add AuthorizationException and pass it through in authorize directive
* Move recover to authenticator method
---
 src/main/scala/xyz/driver/core/json.scala | 2 ++
 src/main/scala/xyz/driver/core/rest/DriverRoute.scala | 3 +++
 src/main/scala/xyz/driver/core/rest/auth/AuthProvider.scala | 5 ++++-
 src/main/scala/xyz/driver/core/rest/errors/serviceException.scala | 4 ++++
 4 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/src/main/scala/xyz/driver/core/json.scala b/src/main/scala/xyz/driver/core/json.scala
index e4a0cef..639af22 100644
--- a/src/main/scala/xyz/driver/core/json.scala
+++ b/src/main/scala/xyz/driver/core/json.scala
@@ -390,6 +390,7 @@ object json {
 GadtJsonFormat.create[ServiceException]("type") {
 case _: InvalidInputException => "InvalidInputException"
 case _: InvalidActionException => "InvalidActionException"
+ case _: UnauthorizedException => "UnauthorizedException"
 case _: ResourceNotFoundException => "ResourceNotFoundException"
 case _: ExternalServiceException => "ExternalServiceException"
 case _: ExternalServiceTimeoutException => "ExternalServiceTimeoutException"
@@ -397,6 +398,7 @@ object json {
 } {
 case "InvalidInputException" => jsonFormat(InvalidInputException, "message")
 case "InvalidActionException" => jsonFormat(InvalidActionException, "message")
+ case "UnauthorizedException" => jsonFormat(UnauthorizedException, "message")
 case "ResourceNotFoundException" => jsonFormat(ResourceNotFoundException, "message")
 case "ExternalServiceException" =>
 jsonFormat(ExternalServiceException, "serviceName", "serviceMessage", "serviceException")
diff --git a/src/main/scala/xyz/driver/core/rest/DriverRoute.scala b/src/main/scala/xyz/driver/core/rest/DriverRoute.scala
index 55f39ba..288245a 100644
--- a/src/main/scala/xyz/driver/core/rest/DriverRoute.scala
+++ b/src/main/scala/xyz/driver/core/rest/DriverRoute.scala
@@ -79,6 +79,9 @@ trait DriverRoute {
 case e: InvalidActionException =>
 log.info("Invalid client action error", e)
 StatusCodes.Forbidden
+ case e: UnauthorizedException =>
+ log.info("Unauthorized user error", e)
+ StatusCodes.Unauthorized
 case e: ResourceNotFoundException =>
 log.info("Resource not found error", e)
 StatusCodes.NotFound
diff --git a/src/main/scala/xyz/driver/core/rest/auth/AuthProvider.scala b/src/main/scala/xyz/driver/core/rest/auth/AuthProvider.scala
index 1fddd45..e1a94e1 100644
--- a/src/main/scala/xyz/driver/core/rest/auth/AuthProvider.scala
+++ b/src/main/scala/xyz/driver/core/rest/auth/AuthProvider.scala
@@ -4,6 +4,7 @@ import akka.http.scaladsl.server.directives.Credentials
 import com.typesafe.scalalogging.Logger
 import scalaz.OptionT
 import xyz.driver.core.auth.{AuthToken, Permission, User}
+import xyz.driver.core.rest.errors.{ExternalServiceException, UnauthorizedException}
 import xyz.driver.core.rest.{AuthorizedServiceRequestContext, ContextHeaders, ServiceRequestContext, serviceContext}

 import scala.concurrent.{ExecutionContext, Future}
@@ -34,7 +35,9 @@ abstract class AuthProvider[U <: User](
 log.info(s"Request (${context.trackingId}) missing authentication credentials")
 Future.successful(None)
 case Credentials.Provided(authToken) =>
- authenticatedUser(context.withAuthToken(AuthToken(authToken))).run
+ authenticatedUser(context.withAuthToken(AuthToken(authToken))).run.recover({
+ case ExternalServiceException(_, _, Some(UnauthorizedException(_))) => None
+ })
 }

 /**
diff --git a/src/main/scala/xyz/driver/core/rest/errors/serviceException.scala b/src/main/scala/xyz/driver/core/rest/errors/serviceException.scala
index db289de..f2962c9 100644
--- a/src/main/scala/xyz/driver/core/rest/errors/serviceException.scala
+++ b/src/main/scala/xyz/driver/core/rest/errors/serviceException.scala
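Review bot: The new `case e: UnauthorizedException` arm in DriverRoute.scala returns only `StatusCodes.Unauthorized`, and nothing in the hunk attaches a `WWW-Authenticate` challenge, which RFC 7235 requires on every 401 response. The code that builds the response from this status is outside the hunk, so the header may already be set there. If it is not, set it where the response is completed and record the requirement next to the arm with `// 401: response must carry a WWW-Authenticate challenge (RFC 7235)`.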
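Review bot: The `recover` added to the `Credentials.Provided` branch in AuthProvider.scala turns a rejected token into `None` without any log line, while the missing-credentials branch just above logs the tracking id, so a failed authentication with a presented token leaves no trace at this layer. Log it in the handler without the token value, e.g. `case ExternalServiceException(_, _, Some(UnauthorizedException(_))) => log.info(s"Request (${context.trackingId}) presented credentials that were rejected"); None`. The pattern also matches only an `UnauthorizedException` wrapped in an `ExternalServiceException`; if `authenticatedUser` can fail with the bare exception, that still surfaces as a failed Future, so it is worth a comment stating whether that is intended. The enclosing method starts outside the hunk.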
@@ -7,6 +7,10 @@ final case class InvalidInputException(override val message: String = "Invalid i
 final case class InvalidActionException(override val message: String = "This action is not allowed")
 extends ServiceException(message)

+final case class UnauthorizedException(
+ override val message: String = "The user's authentication credentials are invalid or missing")
+ extends ServiceException(message)
+
 final case class ResourceNotFoundException(override val message: String = "Resource not found")
 extends ServiceException(message)

-- cgit v1.2.3
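Review bot: `UnauthorizedException` is added without a doc comment, and its name reads like a permission failure although its default message and the 401 mapping in DriverRoute.scala make it an authentication failure. Add a Scaladoc line above the class, e.g. `/** Credentials are missing or invalid (HTTP 401); a disallowed action is InvalidActionException (HTTP 403). */`. The `message` field is also serialised by the `"UnauthorizedException"` case added in json.scala, so the comment should tell callers to keep token values and upstream error detail out of it.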