Package org.apache.pekko.http.javadsl.server.directives

Class SecurityDirectives

java.lang.Object

org.apache.pekko.http.javadsl.server.directives.BasicDirectives

org.apache.pekko.http.javadsl.server.directives.CacheConditionDirectives

org.apache.pekko.http.javadsl.server.directives.CodingDirectives

org.apache.pekko.http.javadsl.server.directives.CookieDirectives

org.apache.pekko.http.javadsl.server.directives.DebuggingDirectives

org.apache.pekko.http.javadsl.server.directives.ExecutionDirectives

org.apache.pekko.http.javadsl.server.directives.FileAndResourceDirectives

org.apache.pekko.http.javadsl.server.directives.FileUploadDirectives

org.apache.pekko.http.javadsl.server.directives.FormFieldDirectives

org.apache.pekko.http.javadsl.server.directives.FutureDirectives

org.apache.pekko.http.javadsl.server.directives.HeaderDirectives

org.apache.pekko.http.javadsl.server.directives.AttributeDirectives

org.apache.pekko.http.javadsl.server.directives.HostDirectives

org.apache.pekko.http.javadsl.server.directives.MarshallingDirectives

org.apache.pekko.http.javadsl.server.directives.MethodDirectives

org.apache.pekko.http.javadsl.server.directives.MiscDirectives

org.apache.pekko.http.javadsl.server.directives.ParameterDirectives

org.apache.pekko.http.javadsl.server.directives.PathDirectives

org.apache.pekko.http.javadsl.server.directives.RangeDirectives

org.apache.pekko.http.javadsl.server.directives.RespondWithDirectives

org.apache.pekko.http.javadsl.server.directives.RouteDirectives

org.apache.pekko.http.javadsl.server.directives.SchemeDirectives

org.apache.pekko.http.javadsl.server.directives.SecurityDirectives

Direct Known Subclasses:

WebSocketDirectives

public abstract class SecurityDirectives
extends SchemeDirectives

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	SecurityDirectives.ProvidedCredentials	Represents HTTP Basic or OAuth2 authentication credentials supplied with a request.
static class	SecurityDirectives.ProvidedCredentials$

Constructor Summary

Constructors

Constructor	Description
SecurityDirectives()

Method Summary

Modifier and Type	Method	Description
<T> Route	authenticateBasic(String realm, Function<Optional<SecurityDirectives.ProvidedCredentials>,Optional<T>> authenticator, Function<T,Route> inner)	Wraps the inner route with Http Basic authentication support using a given Authenticator[T].
<T> Route	authenticateBasicAsync(String realm, Function<Optional<SecurityDirectives.ProvidedCredentials>,CompletionStage<Optional<T>>> authenticator, Function<T,Route> inner)	Wraps the inner route with Http Basic authentication support.
<T> Route	authenticateBasicAsyncOptional(String realm, Function<Optional<SecurityDirectives.ProvidedCredentials>,CompletionStage<Optional<T>>> authenticator, Function<Optional<T>,Route> inner)	Wraps the inner route with Http Basic authentication support.
<T> Route	authenticateBasicOptional(String realm, Function<Optional<SecurityDirectives.ProvidedCredentials>,Optional<T>> authenticator, Function<Optional<T>,Route> inner)	Wraps the inner route with Http Basic authentication support using a given Authenticator[T].
<T> Route	authenticateBasicPF(String realm, scala.PartialFunction<Optional<SecurityDirectives.ProvidedCredentials>,T> authenticator, Function<T,Route> inner)	Wraps the inner route with Http Basic authentication support.
<T> Route	authenticateBasicPFAsync(String realm, scala.PartialFunction<Optional<SecurityDirectives.ProvidedCredentials>,CompletionStage<T>> authenticator, Function<T,Route> inner)	Wraps the inner route with Http Basic authentication support.
<T> Route	authenticateOAuth2(String realm, Function<Optional<SecurityDirectives.ProvidedCredentials>,Optional<T>> authenticator, Function<T,Route> inner)	A directive that wraps the inner route with OAuth2 Bearer Token authentication support.
<T> Route	authenticateOAuth2Async(String realm, Function<Optional<SecurityDirectives.ProvidedCredentials>,CompletionStage<Optional<T>>> authenticator, Function<T,Route> inner)	A directive that wraps the inner route with OAuth2 Bearer Token authentication support.
<T> Route	authenticateOAuth2AsyncOptional(String realm, Function<Optional<SecurityDirectives.ProvidedCredentials>,CompletionStage<Optional<T>>> authenticator, Function<Optional<T>,Route> inner)	A directive that wraps the inner route with OAuth2 Bearer Token authentication support.
<T> Route	authenticateOAuth2Optional(String realm, Function<Optional<SecurityDirectives.ProvidedCredentials>,Optional<T>> authenticator, Function<Optional<T>,Route> inner)	A directive that wraps the inner route with OAuth2 Bearer Token authentication support.
<C extends HttpCredentials, T> Route	authenticateOrRejectWithChallenge(Class<C> c, Function<Optional<C>,CompletionStage<scala.util.Either<HttpChallenge,T>>> authenticator, Function<T,Route> inner)	Lifts an authenticator function into a directive.
<T> Route	authenticateOrRejectWithChallenge(Function<Optional<HttpCredentials>,CompletionStage<scala.util.Either<HttpChallenge,T>>> authenticator, Function<T,Route> inner)	Lifts an authenticator function into a directive.
Route	authorize(Supplier<Object> check, Supplier<Route> inner)	Applies the given authorization check to the request.
Route	authorizeAsync(Supplier<CompletionStage<Object>> check, Supplier<Route> inner)	Applies the given authorization check to the request.
Route	authorizeAsyncWithRequestContext(org.apache.pekko.japi.function.Function<RequestContext,CompletionStage<Object>> check, Supplier<Route> inner)	Asynchronous version of authorize(java.util.function.Supplier<java.lang.Object>,java.util.function.Supplier<org.apache.pekko.http.javadsl.server.Route>).
Route	authorizeWithRequestContext(org.apache.pekko.japi.function.Function<RequestContext,Object> check, Supplier<Route> inner)	Applies the given authorization check to the request.
Route	extractCredentials(Function<Optional<HttpCredentials>,Route> inner)	Extracts the potentially present HttpCredentials provided with the request's pekko.http.javadsl.model.headers.Authorization header.

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.SchemeDirectives

extractScheme, scheme

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.RouteDirectives

complete, complete, complete, complete, complete, complete, complete, complete, complete, complete, complete, complete, complete, complete, complete, complete, completeOK, completeOKWithFuture, completeOKWithFuture, completeOKWithFuture, completeOKWithFutureString, completeOKWithFutureString, completeWithFuture, completeWithFuture, completeWithFuture, completeWithFutureResponse, completeWithFutureStatus, completeWithFutureStatus, concat, concat, failWith, handle, handleSync, redirect, reject, reject, reject, route, route

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.RespondWithDirectives

respondWithDefaultHeader, respondWithDefaultHeaders, respondWithHeader, respondWithHeaders

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.RangeDirectives

withRangeSupport

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.PathDirectives

ignoreTrailingSlash, path, path, path, path, path, path, pathEnd, pathEndOrSingleSlash, pathPrefix, pathPrefix, pathPrefix, pathPrefix, pathPrefix, pathPrefix, pathPrefixTest, pathPrefixTest, pathPrefixTest, pathPrefixTest, pathSingleSlash, pathSuffix, pathSuffix, pathSuffix, pathSuffix, pathSuffixTest, pathSuffixTest, pathSuffixTest, pathSuffixTest, rawPathPrefix, rawPathPrefix, rawPathPrefix, rawPathPrefix, rawPathPrefixTest, rawPathPrefixTest, rawPathPrefixTest, rawPathPrefixTest, redirectToNoTrailingSlashIfPresent, redirectToTrailingSlashIfMissing

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.ParameterDirectives

parameter, parameter, parameterList, parameterList, parameterList, parameterMap, parameterMultiMap, parameterOptional, parameterOptional, parameterOrDefault, parameterRequiredValue

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.MiscDirectives

extractClientIP, rejectEmptyResponse, requestEntityEmpty, requestEntityPresent, selectPreferredLanguage, validate, withoutSizeLimit, withSizeLimit

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.MethodDirectives

delete, extractMethod, get, head, method, options, overrideMethodWithParameter, patch, post, put

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.MarshallingDirectives

completeWith, entity, handleWith, request

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.HostDirectives

extractHost, host, host, host, host

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.AttributeDirectives

attribute, optionalAttribute

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.HeaderDirectives

checkSameOrigin, headerValue, headerValueByName, headerValueByType, headerValuePF, optionalHeaderValue, optionalHeaderValueByName, optionalHeaderValueByType, optionalHeaderValuePF

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.FutureDirectives

completeOrRecoverWith, onComplete, onComplete, onCompleteWithBreaker, onSuccess, onSuccess

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.FormFieldDirectives

formField, formField, formFieldList, formFieldList, formFieldList, formFieldMap, formFieldMultiMap, formFieldOptional, formFieldOptional

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.FileUploadDirectives

fileUpload, fileUploadAll, storeUploadedFile, storeUploadedFiles

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.FileAndResourceDirectives

defaultContentTypeResolver, defaultDirectoryRenderer, getFromBrowseableDirectories, getFromBrowseableDirectories, getFromBrowseableDirectories, getFromBrowseableDirectories, getFromBrowseableDirectories, getFromBrowseableDirectory, getFromBrowseableDirectory, getFromBrowseableDirectory, getFromBrowseableDirectory, getFromDirectory, getFromDirectory, getFromFile, getFromFile, getFromFile, getFromFile, getFromFile, getFromResource, getFromResource, getFromResource, getFromResource, getFromResourceDirectory, getFromResourceDirectory, getFromResourceDirectory, getFromResourceDirectory, listDirectoryContents, listDirectoryContents, listDirectoryContents, listDirectoryContents

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.ExecutionDirectives

handleExceptions, handleRejections

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.DebuggingDirectives

logRequest, logRequest, logRequest, logRequestResult, logRequestResultOptional, logResult, logResult, logResult

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.CookieDirectives

cookie, deleteCookie, deleteCookie, deleteCookie, deleteCookie, deleteCookie, optionalCookie, setCookie, setCookie

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.CodingDirectives

decodeRequest, decodeRequestWith, decodeRequestWith, encodeResponse, encodeResponseWith, requestEncodedWith, responseEncodingAccepted, withPrecompressedMediaTypeSupport

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.CacheConditionDirectives

conditional, conditional, conditional, conditional

Methods inherited from class org.apache.pekko.http.javadsl.server.directives.BasicDirectives

cancelRejection, cancelRejections, cancelRejections, extract, extractActorSystem, extractDataBytes, extractEntity, extractExecutionContext, extractLog, extractMatchedPath, extractMaterializer, extractParserSettings, extractRequest, extractRequestContext, extractRequestEntity, extractSettings, extractStrictEntity, extractStrictEntity, extractStrictEntity, extractStrictEntity, extractUnmatchedPath, extractUri, mapInnerRoute, mapRejections, mapRequest, mapRequestContext, mapResponse, mapResponseEntity, mapResponseHeaders, mapRouteResult, mapRouteResultFuture, mapRouteResultPF, mapRouteResultWith, mapRouteResultWithPF, mapSettings, mapUnmatchedPath, pass, provide, recoverRejections, recoverRejectionsWith, toStrictEntity, toStrictEntity, toStrictEntity, toStrictEntity, withExecutionContext, withLog, withMaterializer, withSettings

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SecurityDirectives

public SecurityDirectives()

Method Details

extractCredentials

public Route extractCredentials(Function<Optional<HttpCredentials>,Route> inner)

Extracts the potentially present HttpCredentials provided with the request's pekko.http.javadsl.model.headers.Authorization header.

Parameters:

inner - (undocumented)

Returns:

(undocumented)

authenticateBasic

public <T> Route authenticateBasic(String realm,
 Function<Optional<SecurityDirectives.ProvidedCredentials>,Optional<T>> authenticator,
 Function<T,Route> inner)

Wraps the inner route with Http Basic authentication support using a given Authenticator[T]. The given authenticator determines whether the credentials in the request are valid and, if so, which user object to supply to the inner route.

Authentication is required in this variant, i.e. the request is rejected if [authenticator] returns Optional.empty.

Parameters:

realm - (undocumented)

authenticator - (undocumented)

inner - (undocumented)

Returns:

(undocumented)

authenticateBasicPF

public <T> Route authenticateBasicPF(String realm,
 scala.PartialFunction<Optional<SecurityDirectives.ProvidedCredentials>,T> authenticator,
 Function<T,Route> inner)

Wraps the inner route with Http Basic authentication support. The given authenticator determines whether the credentials in the request are valid and, if so, which user object to supply to the inner route.

Authentication is required in this variant, i.e. the request is rejected if [authenticator] returns Optional.empty.

Parameters:

realm - (undocumented)

authenticator - (undocumented)

inner - (undocumented)

Returns:

(undocumented)

authenticateBasicPFAsync

public <T> Route authenticateBasicPFAsync(String realm,
 scala.PartialFunction<Optional<SecurityDirectives.ProvidedCredentials>,CompletionStage<T>> authenticator,
 Function<T,Route> inner)

Wraps the inner route with Http Basic authentication support. The given authenticator determines whether the credentials in the request are valid and, if so, which user object to supply to the inner route.

Authentication is required in this variant, i.e. the request is rejected if [authenticator] returns Optional.empty.

Parameters:

realm - (undocumented)

authenticator - (undocumented)

inner - (undocumented)

Returns:

(undocumented)

authenticateBasicOptional

public <T> Route authenticateBasicOptional(String realm,
 Function<Optional<SecurityDirectives.ProvidedCredentials>,Optional<T>> authenticator,
 Function<Optional<T>,Route> inner)

Wraps the inner route with Http Basic authentication support using a given Authenticator[T]. The given authenticator determines whether the credentials in the request are valid and, if so, which user object to supply to the inner route.

Authentication is optional in this variant.

Parameters:

realm - (undocumented)

authenticator - (undocumented)

inner - (undocumented)

Returns:

(undocumented)

authenticateBasicAsync

public <T> Route authenticateBasicAsync(String realm,
 Function<Optional<SecurityDirectives.ProvidedCredentials>,CompletionStage<Optional<T>>> authenticator,
 Function<T,Route> inner)

Wraps the inner route with Http Basic authentication support. The given authenticator determines whether the credentials in the request are valid and, if so, which user object to supply to the inner route.

Authentication is required in this variant, i.e. the request is rejected if [authenticator] returns Optional.empty.

Parameters:

realm - (undocumented)

authenticator - (undocumented)

inner - (undocumented)

Returns:

(undocumented)

authenticateBasicAsyncOptional

public <T> Route authenticateBasicAsyncOptional(String realm,
 Function<Optional<SecurityDirectives.ProvidedCredentials>,CompletionStage<Optional<T>>> authenticator,
 Function<Optional<T>,Route> inner)

Wraps the inner route with Http Basic authentication support. The given authenticator determines whether the credentials in the request are valid and, if so, which user object to supply to the inner route.

Authentication is optional in this variant.

Parameters:

realm - (undocumented)

authenticator - (undocumented)

inner - (undocumented)

Returns:

(undocumented)

authenticateOAuth2

public <T> Route authenticateOAuth2(String realm,
 Function<Optional<SecurityDirectives.ProvidedCredentials>,Optional<T>> authenticator,
 Function<T,Route> inner)

A directive that wraps the inner route with OAuth2 Bearer Token authentication support. The given authenticator determines whether the credentials in the request are valid and, if so, which user object to supply to the inner route.

Authentication is required in this variant, i.e. the request is rejected if [authenticator] returns Optional.empty.

Parameters:

realm - (undocumented)

authenticator - (undocumented)

inner - (undocumented)

Returns:

(undocumented)

authenticateOAuth2Optional

public <T> Route authenticateOAuth2Optional(String realm,
 Function<Optional<SecurityDirectives.ProvidedCredentials>,Optional<T>> authenticator,
 Function<Optional<T>,Route> inner)

A directive that wraps the inner route with OAuth2 Bearer Token authentication support. The given authenticator determines whether the credentials in the request are valid and, if so, which user object to supply to the inner route.

Authentication is optional in this variant.

Parameters:

realm - (undocumented)

authenticator - (undocumented)

inner - (undocumented)

Returns:

(undocumented)

authenticateOAuth2Async

public <T> Route authenticateOAuth2Async(String realm,
 Function<Optional<SecurityDirectives.ProvidedCredentials>,CompletionStage<Optional<T>>> authenticator,
 Function<T,Route> inner)

A directive that wraps the inner route with OAuth2 Bearer Token authentication support. The given authenticator determines whether the credentials in the request are valid and, if so, which user object to supply to the inner route.

Authentication is required in this variant, i.e. the request is rejected if [authenticator] returns Optional.empty.

Parameters:

realm - (undocumented)

authenticator - (undocumented)

inner - (undocumented)

Returns:

(undocumented)

authenticateOAuth2AsyncOptional

public <T> Route authenticateOAuth2AsyncOptional(String realm,
 Function<Optional<SecurityDirectives.ProvidedCredentials>,CompletionStage<Optional<T>>> authenticator,
 Function<Optional<T>,Route> inner)

A directive that wraps the inner route with OAuth2 Bearer Token authentication support. The given authenticator determines whether the credentials in the request are valid and, if so, which user object to supply to the inner route.

Authentication is optional in this variant.

Parameters:

realm - (undocumented)

authenticator - (undocumented)

inner - (undocumented)

Returns:

(undocumented)

authenticateOrRejectWithChallenge

public <T> Route authenticateOrRejectWithChallenge(Function<Optional<HttpCredentials>,CompletionStage<scala.util.Either<HttpChallenge,T>>> authenticator,
 Function<T,Route> inner)

Lifts an authenticator function into a directive. The authenticator function gets passed in credentials from the pekko.http.javadsl.model.headers.Authorization header of the request. If the function returns Right(user) the user object is provided to the inner route. If the function returns Left(challenge) the request is rejected with an pekko.http.javadsl.server.AuthenticationFailedRejection that contains this challenge to be added to the response.

Parameters:

authenticator - (undocumented)

inner - (undocumented)

Returns:

(undocumented)

authenticateOrRejectWithChallenge

public <C extends HttpCredentials,
T> Route authenticateOrRejectWithChallenge(Class<C> c,
 Function<Optional<C>,CompletionStage<scala.util.Either<HttpChallenge,T>>> authenticator,
 Function<T,Route> inner)

Lifts an authenticator function into a directive. Same as authenticateOrRejectWithChallenge but only applies the authenticator function with a certain type of credentials.

Parameters:

c - (undocumented)

authenticator - (undocumented)

inner - (undocumented)

Returns:

(undocumented)

authorize

public Route authorize(Supplier<Object> check,
 Supplier<Route> inner)

Applies the given authorization check to the request. If the check fails the route is rejected with an pekko.http.javadsl.server.AuthorizationFailedRejection.

Parameters:

check - (undocumented)

inner - (undocumented)

Returns:

(undocumented)

authorizeWithRequestContext

public Route authorizeWithRequestContext(org.apache.pekko.japi.function.Function<RequestContext,Object> check,
 Supplier<Route> inner)

Applies the given authorization check to the request. If the check fails the route is rejected with an pekko.http.javadsl.server.AuthorizationFailedRejection.

Parameters:

check - (undocumented)

inner - (undocumented)

Returns:

(undocumented)

authorizeAsync

public Route authorizeAsync(Supplier<CompletionStage<Object>> check,
 Supplier<Route> inner)

Applies the given authorization check to the request. If the check fails the route is rejected with an pekko.http.javadsl.server.AuthorizationFailedRejection.

Parameters:

check - (undocumented)

inner - (undocumented)

Returns:

(undocumented)

authorizeAsyncWithRequestContext

public Route authorizeAsyncWithRequestContext(org.apache.pekko.japi.function.Function<RequestContext,CompletionStage<Object>> check,
 Supplier<Route> inner)

Asynchronous version of authorize(java.util.function.Supplier<java.lang.Object>,java.util.function.Supplier<org.apache.pekko.http.javadsl.server.Route>). If the CompletionStage fails or is completed with false authorization fails and the route is rejected with an pekko.http.javadsl.server.AuthorizationFailedRejection.

Parameters:

check - (undocumented)

inner - (undocumented)

Returns:

(undocumented)