Hi Alan,
here are a few steps to get there:
* provide all your different authentication directives as values of type
`Directive1[T]` with T being the type of the principal found after
successful authentication.
* To build those, use either one of the existing authentication directives
starting with `async` or built a directive on your own building on the
future directives like `onComplete`.
* In the end combine directives with the `|` operator.
* In the best case all of the directive would return the same rejection if
authentication fails. If that's not the case you can either map each of the
rejections or add a rejection handler around the combination.
For example:
def basicAuth: Directive1[User] = authenticateBasic(null, authenticate)
def authenticateUserPass(user: String, pass: String): Future[User] = ...
def xAuth: Directive1[User] =
(headerValueByName("X-Auth-User") &
headerValueByName("X-Auth-Key")).flatMap { (user, pass) => // <- user
flatMap for custom directives
onComplete(authenticateUserPass).flatMap {
case Success(user) => provide(user)
case Failure(ex) => reject(/* with whatever you want */)
}
}
def sessionAuth: Directive1[User] = // probably similar to xAuth
def combinedAuth = basicAuth | xAuth | sessionAuth
// and then use it
combinedAuth { user =>
// ...
}
HTH,
Johannes
On Saturday, December 31, 2016 at 2:17:36 PM UTC+1, Alan Burlison wrote:
>
> > Have you seen the complete list of directives?
> > There's many directives with "Async" that means that they work on
> Futures.
>
> I've seen the async authorization directives but none of them fit the
> header mechanism I'm trying to emulate.
> authenticateOrRejectWithChallenge() seems to come closest but on
> failure I don't want a challenge response, just a rejection.
>
> I see onComplete() takes a future which looks closer to what I want
> but how you'd combine an authenticateBasicAsync with two other
> Future-based custom authentication mechanisms so that you get a single
> result or a rejection is completely unclear to me.
>
> I must say that I'm finding the high level Akka-HTTP API rather
> difficult to use, for simple cases it all looks so easy but as soon as
> you step outside of that it immediately gets incredibly complicated
> :-/
>
> --
> Alan Burlison
> --
>
--
>>>>>>>>>> Read the docs: http://akka.io/docs/
>>>>>>>>>> Check the FAQ:
>>>>>>>>>> http://doc.akka.io/docs/akka/current/additional/faq.html
>>>>>>>>>> Search the archives: https://groups.google.com/group/akka-user
---
You received this message because you are subscribed to the Google Groups "Akka
User List" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/akka-user.
For more options, visit https://groups.google.com/d/optout.
