From 244691b58a233b2e4c7042742230245c539fea3d Mon Sep 17 00:00:00 2001 From: vlad Date: Fri, 24 Mar 2017 22:01:40 -0700 Subject: PDW-238 Session validity verification support for `AuthProvider` --- src/main/scala/xyz/driver/core/rest.scala | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) (limited to 'src/main/scala/xyz') diff --git a/src/main/scala/xyz/driver/core/rest.scala b/src/main/scala/xyz/driver/core/rest.scala index ad40fee..dd43989 100644 --- a/src/main/scala/xyz/driver/core/rest.scala +++ b/src/main/scala/xyz/driver/core/rest.scala @@ -137,13 +137,28 @@ package rest { */ def authenticatedUser(context: ServiceRequestContext): OptionT[Future, U] + /** + * Specific implementation can verify session expiration and single sign out + * to verify if session is still valid + */ + def isSessionValid(user: U)(context: ServiceRequestContext): Future[Boolean] = Future.successful(true) + + /** + * Verifies if request is authenticated and authorized to have `permissions` + */ def authorize(permissions: Permission*): Directive1[U] = { serviceContext flatMap { ctx => onComplete(authenticatedUser(ctx).run flatMap { userOption => - userOption.traverse[Future, (U, Boolean)] { user => - permissions.toList - .traverse[Future, Boolean](authorization.userHasPermission(user, _)(ctx)) - .map(results => user -> results.forall(identity)) + userOption.traverseM[Future, (U, Boolean)] { user => + isSessionValid(user)(ctx).flatMap { sessionValid => + if(sessionValid) { + permissions.toList + .traverse[Future, Boolean](authorization.userHasPermission(user, _)(ctx)) + .map(results => Option(user -> results.forall(identity))) + } else { + Future.successful(Option.empty[(U, Boolean)]) + } + } } }).flatMap { case Success(Some((user, authorizationResult))) => -- cgit v1.2.3 From b97bc7242d1686a303f6366755652b6bf93e3851 Mon Sep 17 00:00:00 2001 
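Review bot: In `authorize`, a user whose session fails `isSessionValid` is mapped to `Option.empty[(U, Boolean)]`, the same value produced when no user was authenticated, so the `case Success(Some((user, authorizationResult)))` match that follows (its remaining cases are outside the hunk) cannot tell an expired or signed-out session from a missing token. That drops a signal worth keeping, because a token presented after sign-out is exactly what an operator wants to see in the logs. The provider appears to be constructed with a logger (AuthTest passes `NoLogger`), so I would log the rejection in the `else` branch before returning. The Scaladoc should also name the new step, e.g. `* Verifies that the request is authenticated, has a valid session and is authorized for the given permissions`. As a style point, `Some(user -> results.forall(identity))` reads more directly than `Option(...)`, since the tuple is never null.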
From: vlad Date: Fri, 24 Mar 2017 22:14:47 -0700 Subject: PDW-238 Session validity verification support for `AuthProvider` --- src/main/scala/xyz/driver/core/rest.scala | 6 +++--- src/test/scala/xyz/driver/core/AuthTest.scala | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) (limited to 'src/main/scala/xyz') diff --git a/src/main/scala/xyz/driver/core/rest.scala b/src/main/scala/xyz/driver/core/rest.scala index dd43989..42ffac4 100644 --- a/src/main/scala/xyz/driver/core/rest.scala +++ b/src/main/scala/xyz/driver/core/rest.scala @@ -132,16 +132,16 @@ package rest { * Specific implementation on how to extract user from request context, * can either need to do a network call to auth server or extract everything from self-contained token * - * @param context set of request values which can be relevant to authenticate user + * @param ctx set of request values which can be relevant to authenticate user * @return authenticated user */ - def authenticatedUser(context: ServiceRequestContext): OptionT[Future, U] + def authenticatedUser(implicit ctx: ServiceRequestContext): OptionT[Future, U] /** * Specific implementation can verify session expiration and single sign out * to verify if session is still valid */ - def isSessionValid(user: U)(context: ServiceRequestContext): Future[Boolean] = Future.successful(true) + def isSessionValid(user: U)(implicit ctx: ServiceRequestContext): Future[Boolean] = Future.successful(true) /** * Verifies if request is authenticated and authorized to have `permissions` diff --git a/src/test/scala/xyz/driver/core/AuthTest.scala b/src/test/scala/xyz/driver/core/AuthTest.scala index c39d9da..e6025fb 100644 --- a/src/test/scala/xyz/driver/core/AuthTest.scala +++ b/src/test/scala/xyz/driver/core/AuthTest.scala 
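Review bot: The Scaladoc on `isSessionValid` does not state the contract that `authorize` depends on: it has no `@param` or `@return`, and "can verify" reads as if the check were optional. I would add `@return true if the session is still valid; false makes authorize treat the request as unauthenticated`, plus a sentence on how a failed Future is expected to be handled, which the visible hunks do not show. Now that `ctx` is implicit on both methods, the `@param ctx` text could also say that it must be the context of the request being authorized, so an unrelated context in implicit scope is not picked up by accident. The same comment is carried unchanged in the later hunk that makes `isSessionValid` abstract, so the wording applies there too.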
@@ -31,8 +31,8 @@ class AuthTest extends FlatSpec with Matchers with MockitoSugar with ScalatestRo } val authStatusService = new AuthProvider[User](authorization, NoLogger) { - override def authenticatedUser(context: ServiceRequestContext): OptionT[Future, User] = OptionT.optionT[Future] { - if (context.contextHeaders.keySet.contains(AuthProvider.AuthenticationTokenHeader)) { + override def authenticatedUser(implicit ctx: ServiceRequestContext): OptionT[Future, User] = OptionT.optionT[Future] { + if (ctx.contextHeaders.keySet.contains(AuthProvider.AuthenticationTokenHeader)) { Future.successful(Some(BasicUser(Id[User]("1"), Set(TestRole)))) } else { Future.successful(Option.empty[User]) -- cgit v1.2.3 From e74e0229b85a2cb85b31c1f9389dada65ec08b7d Mon Sep 17 00:00:00 2001 From: vlad Date: Sat, 25 Mar 2017 14:03:32 -0700 Subject: PDW-238 Session validity verification support for `AuthProvider`, abstract `isSessionValid` --- src/main/scala/xyz/driver/core/rest.scala | 2 +- src/test/scala/xyz/driver/core/AuthTest.scala | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) (limited to 'src/main/scala/xyz') diff --git a/src/main/scala/xyz/driver/core/rest.scala b/src/main/scala/xyz/driver/core/rest.scala index 42ffac4..d3a06d2 100644 --- a/src/main/scala/xyz/driver/core/rest.scala +++ b/src/main/scala/xyz/driver/core/rest.scala @@ -141,7 +141,7 @@ package rest { * Specific implementation can verify session expiration and single sign out * to verify if session is still valid */ - def isSessionValid(user: U)(implicit ctx: ServiceRequestContext): Future[Boolean] = Future.successful(true) + def isSessionValid(user: U)(implicit ctx: ServiceRequestContext): Future[Boolean] /** * Verifies if request is authenticated and authorized to have `permissions` diff --git a/src/test/scala/xyz/driver/core/AuthTest.scala b/src/test/scala/xyz/driver/core/AuthTest.scala index 76c2933..d1a37a2 100644 --- a/src/test/scala/xyz/driver/core/AuthTest.scala 
+++ b/src/test/scala/xyz/driver/core/AuthTest.scala @@ -31,6 +31,10 @@ class AuthTest extends FlatSpec with Matchers with MockitoSugar with ScalatestRo } val authStatusService = new AuthProvider[User](authorization, NoLogger) { + + override def isSessionValid(user: User)(implicit ctx: ServiceRequestContext): Future[Boolean] = + Future.successful(true) + override def authenticatedUser(implicit ctx: ServiceRequestContext): OptionT[Future, User] = OptionT.optionT[Future] { if (ctx.contextHeaders.keySet.contains(AuthProvider.AuthenticationTokenHeader)) { -- cgit v1.2.3
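Review bot: The `isSessionValid` override added to `authStatusService` always returns `Future.successful(true)`, so as far as this hunk shows, nothing exercises the branch of `authorize` that rejects an invalid session. A second provider with `override def isSessionValid(user: User)(implicit ctx: ServiceRequestContext): Future[Boolean] = Future.successful(false)`, driven by a request that carries the authentication token header, would pin the fail-closed behaviour: the route must be rejected even though `authenticatedUser` yields a user. Without that case, a later refactor of the `traverseM` block could let invalid sessions through and the suite would stay green. The anonymous class body continues outside the hunk.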