我有如下的Akka指令结构
cors(){
post {
extractCredentials {
credentials:Option[HttpCredentials] => {
// I can successfully inspect the credentials here
}
}
}
}现在我尝试使用authenticateBasic,如
private def foo(credentials: Credentials):Option[FineAuthenticationResult] = {
credentials match
case Credentials.Provided(token) =>
println(token)
Some(ValidCredentials("foo"))
case _ => Some(InvalidToken("foo"))
}
cors(){
post {
authenticateBasic(
realm = "Secure",
foo
) { authenticationResult =>
// Keep track of authorization results per channel and EVENT type
val additionalTags = Map(
"eventType" -> event.customEventType,
"channel" -> event.channel
)
authenticationResult match
case InvalidToken(message) =>
reject(CredentialsRejection(s"invalid token $message", additionalTags))
case InvalidCredentials(message) =>
reject(CredentialsRejection(s"invalid token $message", additionalTags))
case ValidCredentials(_) => complete(StatusCode.int2StatusCode(200))
}
}
}foo验证码总是以“Missing credentials”(缺少凭据)的情况结束。我在测试
Postman.post(uri = "/path/path",
channel = Some("a_channel"),
eventType = Some("a-request")) ~>
addCredentials(getValidToken) ~>
routes ~>
check {
status shouldBe StatusCodes.OK
}为什么使用authenticateBasic时我总是得到丢失的凭据,而使用extractCredentials时总是给我正确的凭据。
1条答案
按热度按时间1l5u6lss1#
tldr
这个问题很简单,但我不得不通过
authenticateBasic的内部来了解问题所在。我们不能将authenticateBasic与OAuth2Token一起使用。我们只能使用authenticateOAuth2。更多详情
authenticateBasic使用在引擎盖下。
authenticateBasicAsync使用这里我们可以看到
C原则上是BasicHttpCredentials。但是对于addCredentials-在OAuth0的情况下-C将是OAuth0Token。因此,该collect将删除
Credentials对象。