spray cross-domain is not working cors scala - scala

I am trying to do cross-domain api calling from one server to another. For this OPTIONS request is completing successfully but actual requests(GET, POST, PUT, DELETE) are failing with CORS Missing Allow Origin
Following is the code I'm adding
private val corsResponseHeaders = List(
`Access-Control-Allow-Origin`(AllOrigins),
`Access-Control-Allow-Credentials`(true),
`Access-Control-Allow-Headers`("Authorization", "Content-Type", "Csrf-Token"),
`Access-Control-Max-Age`(1728000)//Tell browser to cache OPTIONS requests
)
//this directive adds access control headers to normal responses
private def addAccessControlHeaders: Directive0 = {
respondWithHeaders(corsResponseHeaders)
}
//this handles preflight OPTIONS requests.
private def preflightRequestHandler: Route = options {
println("allowed-method==================================")
complete(HttpResponse(StatusCodes.OK).
withHeaders(`Access-Control-Allow-Methods`(OPTIONS, POST, PUT, GET, DELETE)))
}
// Wrap the Route with this method to enable adding of CORS headers
def corsHandler(r: Route): Route = addAccessControlHeaders {
println("cors-handler==================================")
preflightRequestHandler ~ r
}
// Helper method to add CORS headers to HttpResponse
// preventing duplication of CORS headers across code
def addCORSHeaders(response: HttpResponse):HttpResponse =
response.withHeaders(corsResponseHeaders)
I'm using it this corsHandler directive as :
lazy val apiRoutes: Route = corsHandler({
pathPrefix("api") {
jsonRoutes ~
reject(UnmatchedPathRejection())
}
})
Note: jsonRoutes contains all routes of GET, POST, PUT, DELETE(so request becomes api/something)
And getting errors as
So how to make these requests work?

I got the same error when my client code sent a request for GET http://localhost:8080//menu, so with a double / after the port number. Removing the extra / from the client call fixed the problem.

Related

Lagom - Add header to response in service call composition

i want to write code which will refresh cookie (via set-cookie http header) in Lagom.
For clarification Cookie is an encoded string (for example AES).
Lets take lagom service call composition for authentication from Implementing services and edit it
def authenticated[Request, Response](
serviceCall: User => ServerServiceCall[Request, Response]
) = ServerServiceCall.composeAsync { requestHeader =>
//Get cookie from header and decode it
val cookie = decodeCookie(requestHeader)
//Get user based on cookie decode function
val userLookup = getUser(cookie)
userLookup.map {
case Some(user) =>
serviceCall(user)
case None => throw Forbidden("User must be authenticated")
}
}
It is possible to manipulate serviceCall(user) response headers?
I tried something like this:
serviceCall( employee ).handleResponseHeader { case (responseHeader, response) =>
responseHeader.withHeader("Set-Cookie",encodeCookie("NewCookieStringExample")) // Add header
response
}
But function handleResponseHeader requires only response[T] as result and header would not be changed because is immutable.
I know that i can pass cookie to serviceCall(user) and in every service call implementation return tuple with ResponseHeader and Response but this will impact all endpoints and will add much more code.
Use of HeaderFilter is possible too but this would decode and encode cookie twice in one request (in header filter and in authenticated service call composition )
Any tips?
You can return the modified Header and the Response as a Tuple:
serviceCall( employee ).handleResponseHeader((responseHeader, response) => {
val modifiedHeader = responseHeader.withHeader("Set-Cookie",encodeCookie("NewCookieStringExample")) // Add header
(modifiedHeader, response)
})
By the way, The provided example does not compile for me. composeAsync wants a Future[ServerServiceCall[...]].

Stub a Http4s 0.20.x Client for testing

I'd like to test that a Http4s Client is being called from my class ClassUnderTest (to make a HTTP request) and that the request made contains the headers I expect.
In 0.18.x, I did something like below. Using a side effect to store the value of the headers so that I can make an assertion after the call. In the example below, f.execute(...) is expected to make a PUT with the client instance and I'm trying to record all request handling and storing the headers.
"Request has headers" >> {
var headers = List[String]()
val client = Client[IO](new Kleisli[IO, Request[IO], DisposableResponse[IO]](request => {
headers = request.headers.map(_.name.toString()).toList
Ok().map(DisposableResponse(_, IO.pure(())))
}), IO.pure(()))
val f = ClassUnderTest(client)
f.execute("example")
headers must_== List(
"Content-Type",
"X-Forwarded-For",
"Content-Length"
)
}
The real code is here if you're interested.
ClassUnderTest took a Client[IO] so I could get the above working.
class ClassUnderTest(client: http4s.Client[IO])
In Http4s 0.20.12, I had to change the signature to:
class ClassUnderTest(client: Resource[IO, http4s.Client[IO]])
...and now I can't figure out how to stub out the client for tests. I experimented with JavaNetClientBuilder but that doesn't help because I can get an instance of Client (after .create) and now I need a Resource[IO, http4s.Client[IO]].
How can I use a test double to stand in for the Client / Resource[F, Client[F]] so that I can test the requests it makes?
The testing page on the docs doesn't really help me. I want a test double, not to test all the functionality of the Service (I don't want to startup a server).

Require header across routes without giving up 404

I’d like to require a header in my akka-http routes and can do so via
val route = headerValueByName("foo") { foo =>
pathPrefix("path") {
get {
...
} ~ ...
}
}
However, now any requests that don't match a path will get rejected with 400 (missing header) and not 404.
Is there a neat way to get around this without repeatedly moving headerValueByName after the path matchers?
That is, is there a way to only apply an outer directive ( headerValueByName) and its rejections if the inner path and method matchers are successful?
You don't specify what you want to do in case the header is not specified, so I'll asume you want to return 400 (Bad request).
A possible solution is to use the optionalHeaderValueByName directive and then complete the request with the specified error, for example:
val route = optionalHeaderValueByName("foo") { optionalHeader =>
optionalHeader map { header =>
// rest of your routes
} getOrElse complete(StatusCodes.BadRequest)
}

Is there a quick built in way to forward a request in the scala Play framework

I'm looking for something like
def proxy = Action.async { implicit req =>
//do something with req
val newRequest = req.map( r = r.path = "http://newurl");
forward(newRequest)
}
I saw that there is a redirect method but that only allows me to pass the request parameters and not everything else, headers, etc.
I am hoping there is something built in so I don't have to build it myself.
I'm not sure if this meets your requirements, but have you had a look into Play's WS.
The action forwardTo gets an url, fetches the according page and returns it as this request's response. It's not exactly like an forward in the Spring framework but it does the job for me.
/**
* Like an internal redirect or an proxy. The URL in the browser doesn't
* change.
*/
public Promise<Result> forwardTo(String url) {
Promise<WS.Response> response = WS.url(url).get();
return response.map(new Function<WS.Response, Result>() {
public Result apply(WS.Response response) {
// Prevent browser from caching pages - this would be an
// security issue
response().setHeader("Cache-control", "no-cache, no-store");
return ok(response.getBody()).as("text/html");
}
});
}
(I'm using Play 2.2.3)

Sending a custom POST https request in dispatch (+cookies, + headers)

There is some documentation about sending post request in dispatch http://dispatch.databinder.net/Combined+Pages.html but yet it's not clear. What are myRequest and myPost there?
I want to send a https post request + add some cookies manually via headers + add some customs headers like form data, etc, and then read the response by reading the headers and cookies.
I only know how to prepare url for sending post request:
val url = host(myUrl + "?check=1&val1=123").secure
What do I do next?
Dispatch is built on top of Async Http Client. Therefore, myRequest in the example:
val myRequest = url("http://example.com/some/path")
is com.ning.http.client.RequestBuilder.
Calling the POST method on RequestBuilder turns the request into a POST request. That's what's happening in the myPost example:
def myPost = myRequest.POST
I often find the Dispatch documentation difficult to follow. For a quick overview of the all the various Dispatch operators, see: Periodic Table of Dispatch Operators
If you're asking how to build a POST request and add custom form parameters, you probably want to use the <<(values) operator like this:
val params = Map("param1" -> "val1", "param2" -> "val2")
val req = url("http://www.example.com/some/path" <<(params)
Likewise if you want to add some custom headers you can use the <:<(map) operator like this:
val headers = Map("x-custom1" -> "val1", "x-custom2" -> "val2")
val req = url("http://www.example.com/some/path" <<(params) <:<(headers)
Update: Actually, there is no POST method on RequestBuilder. The call to POST is part of Dispatch and calls setMethod on the underlying RequestBuilder. See dispatch.MethodVerbs for more details.