Package akka.http.javadsl.server.directives

Class SecurityDirectives

java.lang.Object
akka.http.javadsl.server.directives.BasicDirectives
akka.http.javadsl.server.directives.CacheConditionDirectives
akka.http.javadsl.server.directives.CodingDirectives
akka.http.javadsl.server.directives.CookieDirectives
akka.http.javadsl.server.directives.DebuggingDirectives
akka.http.javadsl.server.directives.ExecutionDirectives
akka.http.javadsl.server.directives.FileAndResourceDirectives
akka.http.javadsl.server.directives.FileUploadDirectives
akka.http.javadsl.server.directives.FormFieldDirectives
akka.http.javadsl.server.directives.FutureDirectives
akka.http.javadsl.server.directives.HeaderDirectives
akka.http.javadsl.server.directives.AttributeDirectives
akka.http.javadsl.server.directives.HostDirectives
akka.http.javadsl.server.directives.MarshallingDirectives
akka.http.javadsl.server.directives.MethodDirectives
akka.http.javadsl.server.directives.MiscDirectives
akka.http.javadsl.server.directives.ParameterDirectives
akka.http.javadsl.server.directives.PathDirectives
akka.http.javadsl.server.directives.RangeDirectives
akka.http.javadsl.server.directives.RespondWithDirectives
akka.http.javadsl.server.directives.RouteDirectives
akka.http.javadsl.server.directives.SchemeDirectives
akka.http.javadsl.server.directives.SecurityDirectives
Direct Known Subclasses:
WebSocketDirectives
public abstract class SecurityDirectives extends SchemeDirectives

  • Constructor Details

    • SecurityDirectives

      public SecurityDirectives()

  • Method Details

    • extractCredentials

      public Route extractCredentials(Function<Optional<HttpCredentials>,Route> inner)
      Extracts the potentially present HttpCredentials provided with the request's Authorization header.
      Parameters:
      inner - (undocumented)
      Returns:
      (undocumented)

    • authenticateBasic

      public <T> Route authenticateBasic(String realm, Function<Optional<SecurityDirectives.ProvidedCredentials>,Optional<T>> authenticator, Function<T,Route> inner)
      Wraps the inner route with Http Basic authentication support using a given Authenticator[T]. The given authenticator determines whether the credentials in the request are valid and, if so, which user object to supply to the inner route.

      Authentication is required in this variant, i.e. the request is rejected if [authenticator] returns Optional.empty.

      Parameters:
      realm - (undocumented)
      authenticator - (undocumented)
      inner - (undocumented)
      Returns:
      (undocumented)

    • authenticateBasicPF

      public <T> Route authenticateBasicPF(String realm, scala.PartialFunction<Optional<SecurityDirectives.ProvidedCredentials>,T> authenticator, Function<T,Route> inner)
      Wraps the inner route with Http Basic authentication support. The given authenticator determines whether the credentials in the request are valid and, if so, which user object to supply to the inner route.

      Authentication is required in this variant, i.e. the request is rejected if [authenticator] returns Optional.empty.

      Parameters:
      realm - (undocumented)
      authenticator - (undocumented)
      inner - (undocumented)
      Returns:
      (undocumented)

    • authenticateBasicPFAsync

      public <T> Route authenticateBasicPFAsync(String realm, scala.PartialFunction<Optional<SecurityDirectives.ProvidedCredentials>,CompletionStage<T>> authenticator, Function<T,Route> inner)
      Wraps the inner route with Http Basic authentication support. The given authenticator determines whether the credentials in the request are valid and, if so, which user object to supply to the inner route.

      Authentication is required in this variant, i.e. the request is rejected if [authenticator] returns Optional.empty.

      Parameters:
      realm - (undocumented)
      authenticator - (undocumented)
      inner - (undocumented)
      Returns:
      (undocumented)

    • authenticateBasicOptional

      public <T> Route authenticateBasicOptional(String realm, Function<Optional<SecurityDirectives.ProvidedCredentials>,Optional<T>> authenticator, Function<Optional<T>,Route> inner)
      Wraps the inner route with Http Basic authentication support using a given Authenticator[T]. The given authenticator determines whether the credentials in the request are valid and, if so, which user object to supply to the inner route.

      Authentication is optional in this variant.

      Parameters:
      realm - (undocumented)
      authenticator - (undocumented)
      inner - (undocumented)
      Returns:
      (undocumented)

    • authenticateBasicAsync

      public <T> Route authenticateBasicAsync(String realm, Function<Optional<SecurityDirectives.ProvidedCredentials>,CompletionStage<Optional<T>>> authenticator, Function<T,Route> inner)
      Wraps the inner route with Http Basic authentication support. The given authenticator determines whether the credentials in the request are valid and, if so, which user object to supply to the inner route.

      Authentication is required in this variant, i.e. the request is rejected if [authenticator] returns Optional.empty.

      Parameters:
      realm - (undocumented)
      authenticator - (undocumented)
      inner - (undocumented)
      Returns:
      (undocumented)

    • authenticateBasicAsyncOptional

      public <T> Route authenticateBasicAsyncOptional(String realm, Function<Optional<SecurityDirectives.ProvidedCredentials>,CompletionStage<Optional<T>>> authenticator, Function<Optional<T>,Route> inner)
      Wraps the inner route with Http Basic authentication support. The given authenticator determines whether the credentials in the request are valid and, if so, which user object to supply to the inner route.

      Authentication is optional in this variant.

      Parameters:
      realm - (undocumented)
      authenticator - (undocumented)
      inner - (undocumented)
      Returns:
      (undocumented)

    • authenticateOAuth2

      public <T> Route authenticateOAuth2(String realm, Function<Optional<SecurityDirectives.ProvidedCredentials>,Optional<T>> authenticator, Function<T,Route> inner)
      A directive that wraps the inner route with OAuth2 Bearer Token authentication support. The given authenticator determines whether the credentials in the request are valid and, if so, which user object to supply to the inner route.

      Authentication is required in this variant, i.e. the request is rejected if [authenticator] returns Optional.empty.

      Parameters:
      realm - (undocumented)
      authenticator - (undocumented)
      inner - (undocumented)
      Returns:
      (undocumented)

    • authenticateOAuth2Optional

      public <T> Route authenticateOAuth2Optional(String realm, Function<Optional<SecurityDirectives.ProvidedCredentials>,Optional<T>> authenticator, Function<Optional<T>,Route> inner)
      A directive that wraps the inner route with OAuth2 Bearer Token authentication support. The given authenticator determines whether the credentials in the request are valid and, if so, which user object to supply to the inner route.

      Authentication is optional in this variant.

      Parameters:
      realm - (undocumented)
      authenticator - (undocumented)
      inner - (undocumented)
      Returns:
      (undocumented)

    • authenticateOAuth2Async

      public <T> Route authenticateOAuth2Async(String realm, Function<Optional<SecurityDirectives.ProvidedCredentials>,CompletionStage<Optional<T>>> authenticator, Function<T,Route> inner)
      A directive that wraps the inner route with OAuth2 Bearer Token authentication support. The given authenticator determines whether the credentials in the request are valid and, if so, which user object to supply to the inner route.

      Authentication is required in this variant, i.e. the request is rejected if [authenticator] returns Optional.empty.

      Parameters:
      realm - (undocumented)
      authenticator - (undocumented)
      inner - (undocumented)
      Returns:
      (undocumented)

    • authenticateOAuth2AsyncOptional

      public <T> Route authenticateOAuth2AsyncOptional(String realm, Function<Optional<SecurityDirectives.ProvidedCredentials>,CompletionStage<Optional<T>>> authenticator, Function<Optional<T>,Route> inner)
      A directive that wraps the inner route with OAuth2 Bearer Token authentication support. The given authenticator determines whether the credentials in the request are valid and, if so, which user object to supply to the inner route.

      Authentication is optional in this variant.

      Parameters:
      realm - (undocumented)
      authenticator - (undocumented)
      inner - (undocumented)
      Returns:
      (undocumented)

    • authenticateOrRejectWithChallenge

      public <T> Route authenticateOrRejectWithChallenge(Function<Optional<HttpCredentials>,CompletionStage<scala.util.Either<HttpChallenge,T>>> authenticator, Function<T,Route> inner)
      Lifts an authenticator function into a directive. The authenticator function gets passed in credentials from the Authorization header of the request. If the function returns Right(user) the user object is provided to the inner route. If the function returns Left(challenge) the request is rejected with an AuthenticationFailedRejection that contains this challenge to be added to the response.
      Parameters:
      authenticator - (undocumented)
      inner - (undocumented)
      Returns:
      (undocumented)

    • authenticateOrRejectWithChallenge

      public <C extends HttpCredentials, T> Route authenticateOrRejectWithChallenge(Class<C> c, Function<Optional<C>,CompletionStage<scala.util.Either<HttpChallenge,T>>> authenticator, Function<T,Route> inner)
      Lifts an authenticator function into a directive. Same as authenticateOrRejectWithChallenge but only applies the authenticator function with a certain type of credentials.
      Parameters:
      c - (undocumented)
      authenticator - (undocumented)
      inner - (undocumented)
      Returns:
      (undocumented)

    • authorize

      public Route authorize(Supplier<Object> check, Supplier<Route> inner)
      Applies the given authorization check to the request. If the check fails the route is rejected with an AuthorizationFailedRejection.
      Parameters:
      check - (undocumented)
      inner - (undocumented)
      Returns:
      (undocumented)

    • authorizeWithRequestContext

      public Route authorizeWithRequestContext(akka.japi.function.Function<RequestContext,Object> check, Supplier<Route> inner)
      Applies the given authorization check to the request. If the check fails the route is rejected with an AuthorizationFailedRejection.
      Parameters:
      check - (undocumented)
      inner - (undocumented)
      Returns:
      (undocumented)

    • authorizeAsync

      public Route authorizeAsync(Supplier<CompletionStage<Object>> check, Supplier<Route> inner)
      Applies the given authorization check to the request. If the check fails the route is rejected with an AuthorizationFailedRejection.
      Parameters:
      check - (undocumented)
      inner - (undocumented)
      Returns:
      (undocumented)

    • authorizeAsyncWithRequestContext

      public Route authorizeAsyncWithRequestContext(akka.japi.function.Function<RequestContext,CompletionStage<Object>> check, Supplier<Route> inner)
      Asynchronous version of authorize(java.util.function.Supplier<java.lang.Object>,java.util.function.Supplier<akka.http.javadsl.server.Route>). If the CompletionStage fails or is completed with false authorization fails and the route is rejected with an AuthorizationFailedRejection.
      Parameters:
      check - (undocumented)
      inner - (undocumented)
      Returns:
      (undocumented)