diff options
author | vlad <vlad@drivergrp.com> | 2016-10-26 20:06:38 -0400 |
---|---|---|
committer | vlad <vlad@drivergrp.com> | 2016-10-26 20:06:38 -0400 |
commit | 88978d91edca16f9c6a4177b5ed997bc12486b29 (patch) | |
tree | 9877cf39bb79bfa188b688fb0c7979c660625034 /src/main/scala/xyz/driver/core/auth.scala | |
parent | 98a1173d82f7d5f137657979926e2621def63191 (diff) | |
download | driver-core-88978d91edca16f9c6a4177b5ed997bc12486b29.tar.gz driver-core-88978d91edca16f9c6a4177b5ed997bc12486b29.tar.bz2 driver-core-88978d91edca16f9c6a4177b5ed997bc12486b29.zip |
Request tracing and audit loggingv0.9.7
Diffstat (limited to 'src/main/scala/xyz/driver/core/auth.scala')
-rw-r--r-- | src/main/scala/xyz/driver/core/auth.scala | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/src/main/scala/xyz/driver/core/auth.scala b/src/main/scala/xyz/driver/core/auth.scala index 874f1e1..17f89c0 100644 --- a/src/main/scala/xyz/driver/core/auth.scala +++ b/src/main/scala/xyz/driver/core/auth.scala @@ -72,12 +72,13 @@ object auth { final case class Base64[T](value: String) - final case class AuthToken(value: Base64[Macaroon]) + final case class AuthToken(value: Base64[Macaroon], trackingId: String) final case class PasswordHash(value: String) object AuthService { val AuthenticationTokenHeader = "WWW-Authenticate" + val TrackingIdHeader = "l5d-ctx-trace" // https://linkerd.io/doc/0.7.4/linkerd/protocol-http/ } trait AuthService[U <: User] { @@ -90,16 +91,20 @@ object auth { def authorize(permissions: Permission*): Directive1[(AuthToken, U)] = { parameters('authToken.?).flatMap { parameterTokenValue => optionalHeaderValueByName(AuthService.AuthenticationTokenHeader).flatMap { headerTokenValue => - verifyAuthToken(headerTokenValue.orElse(parameterTokenValue), permissions.toSet) + optionalHeaderValueByName(AuthService.TrackingIdHeader).flatMap { trackingIdValue => + verifyAuthToken(headerTokenValue.orElse(parameterTokenValue), trackingIdValue, permissions.toSet) + } } } } private def verifyAuthToken(tokenOption: Option[String], + trackingIdValue: Option[String], permissions: Set[Permission]): Directive1[(AuthToken, U)] = tokenOption match { case Some(tokenValue) => - val token = AuthToken(Base64[Macaroon](tokenValue)) + val trackingId = trackingIdValue.getOrElse(java.util.UUID.randomUUID.toString) + val token = AuthToken(Base64[Macaroon](tokenValue), trackingId) onComplete(authStatus(token).run).flatMap { tokenUserResult => checkPermissions(tokenUserResult, permissions, token) |