I have a simple setup:
routes:
# creates new ticket
PUT /projects/:projectId/tickets controllers.ProjectsController.add(projectId)
App Controller code looks like:
case class TicketData(ticketId: Option[String], ticketName: String, ticketDescription: String)
val addUpdateForm = Form(
mapping(
"ticketId" -> optional(text),
"ticketName" -> text,
"ticketDescription" -> text
)(TicketData.apply)(TicketData.unapply))
def add(projectId: String) = Action { implicit request =>
val ticket = addUpdateForm.bindFromRequest.bindFromRequest.get
Ok(Json.toJson(cassandraClient.addTicket(projectId, ticket.ticketName, ticket.ticketDescription)))
}
When I try to send a req from postman (tried several combos, I have no oauth) I just always get 403 ... there is nothing really useful in logs:
[debug] i.n.u.i.JavassistTypeParameterMatcherGenerator - Generated: io.netty.util.internal.__matchers__.io.netty.channel.ChannelMatcher
[debug] i.n.u.i.JavassistTypeParameterMatcherGenerator - Generated: io.netty.util.internal.__matchers__.io.netty.handler.codec.http.HttpObjectMatcher
[debug] i.n.u.i.JavassistTypeParameterMatcherGenerator - Generated: io.netty.util.internal.__matchers__.io.netty.handler.codec.http.HttpContentMatcher
I'm missing something here and have no idea what to be honest.
It looks like you have a problem with the CORS configuration.
To verify it just allow every request (in application.conf):
play.filters.cors {
pathPrefixes = ["/"]
allowedOrigins = null
allowedHttpMethods = ["GET", "POST", "PUT", "DELETE"]
allowedHttpHeaders = null
}
This post looks very similar:
Trouble-shooting CORS in Play Framework 2.4.x
Related
Edit the Web socket header response sent from server to client.
I am creating a websocket server application using playframework. Right now the websocket response from the server is
taken care by Play. Following is the response header,
Request Header:
(UpgradeToWebSocket,),
(Host,localhost:8083),
(Connection,Upgrade),
(Upgrade,websocket),
(Sec-WebSocket-Version,13),
(Accept-Encoding,gzip, deflate, br),
(Accept-Language,en-US,en;q=0.9),
(Sec-WebSocket-Key,ZvfzpVo3EX4DFA4BRcgRIA==)
def chatSystem(): WebSocket = WebSocket.acceptOrResult[String, String] { request =>
Future.successful{
AuthenticationService.doBasicAuthentication(request.headers) match {
case Results.Ok => Right(ActorFlow.actorRef { out => ChatServiceActor.props(out) })
case _ => Left(Unauthorized)
}
}
}
I want to validate Sec-WebSocket-Protocol if it is present in the request header or add the same with value in the server response if it is not present.
I used the following code:
// Defined at http://tools.ietf.org/html/rfc6455#section-4.2.2
val MagicGuid = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"
def websocketAcceptForKey(key: String): String = {
val sha1 = MessageDigest.getInstance("sha1")
val salted = key + MagicGuid
val hash = sha1.digest(salted.asciiBytes)
val acceptKey: String = Base64.rfc2045().encodeToString(hash, false)
acceptKey
}
Use it like the following:
val wsKey: Optional[HttpHeader] = request.getHeader("Sec-WebSocket-Key")
val wsAccept = if (wsKey.isPresent) Some(RawHeader("Sec-WebSocket-Accept", websocketAcceptForKey(wsKey.get.value()))) else None
I am creating an SSE simple example, I create an API with Scalatra and get responses by the interval with the header text/event-stream. It looks like Scalatra doesn't support this type.
This is my simple code,
get("/hello") {
val headers = Map(
"Cache-Control" -> "no-cache",
"Content-Type" -> "text/event-stream",
"Connection" -> "close")
Ok("data: hello world", headers)
}
But I only get a message from server. I want to do something like akka-http
get {
complete {
Source.tick(2.seconds, 2.seconds, ())
.map(_ => LocalTime.now())
.map(dateTimeToServerSentEvent)
.via(WithHeartbeats(1.second))
}
}
Do you guys have any idea how to get a event-stream from by Scalatra?
Thank you.
I send a post to my playframework backend and when I want to print the body I got the Message AnyContentAsEmpty
My controller lools like this:
def createProcess = Action(parse.multipartFormData) { implicit request =>
println(request.body)
Ok("s")
}
my route looks like this
POST /process #controllers.ProcessesController.createProcess()
OPTIONS /process #controllers.ProcessesController.createProcess()
Whats the problem?
Solution is:
in application.conf
# Global fliters
play.http.filters=helpers.Filters
play.filters.cors {
pathPrefixes = ["/"]
allowedOrigins = null
allowedHttpMethods = ["GET", "POST", "PUT", "DELETE", "OPTIONS"]
allowedHttpHeaders = null
preflightMaxAge = 3 days
}
in filters.scala
package helpers
import javax.inject.Inject
import play.api.http.DefaultHttpFilters
import play.filters.cors.CORSFilter
class Filters #Inject()(corsFilter: CORSFilter)
extends DefaultHttpFilters(corsFilter)
I'm trying to set CORS Headers for my play framework app. Specifically I'm getting this error
cannot load http://127.0.0.1:9000/. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:9000' is therefore not allowed access.
I figured I could easily handle this by following these instructions:
https://www.playframework.com/documentation/2.5.x/CorsFilter
However, after doing this. nothing has changed.
curl -I localhost:9000/
HTTP/1.1 200 OK
Content-Length: 4540
Content-Type: text/html; charset=utf-8
Date: Mon, 11 Jul 2016 20:03:33 GMT
My conf is:
play.http.filters = "global.Filters"
play.filters.cors {
allowedOrigins = ["http://www.example.com", "*"]
allowedHttpMethods = ["GET", "POST"]
allowedHttpHeaders = ["Accept"]
}
and my Filters.scala file is:
package global
import javax.inject.Inject
import play.api.http.DefaultHttpFilters
import play.filters.cors.CORSFilter
class Filters #Inject() (corsFilter: CORSFilter)
extends DefaultHttpFilters(corsFilter)
If someone could tell me why the filters don't seem to be getting applied to the responses, that'd be great.
Play filters are enticing, but when they do not work as expected, as you noticed, the magic is not that easy to track down.
I prefer to use something like this:
implicit class RichResult (result: Result) {
def enableCors = result.withHeaders(
"Access-Control-Allow-Origin" -> "*"
, "Access-Control-Allow-Methods" -> "OPTIONS, GET, POST, PUT, DELETE, HEAD" // OPTIONS for pre-flight
, "Access-Control-Allow-Headers" -> "Accept, Content-Type, Origin, X-Json, X-Prototype-Version, X-Requested-With" //, "X-My-NonStd-Option"
, "Access-Control-Allow-Credentials" -> "true"
)
}
Then you can easily invoke it in your response like this:
Ok(Json.obj("ok" -> "1")).enableCors
It's easy to understand, can be placed only where you want to enable CORS, and very easy to debug!
I would not recommend writing/using any code to enable CORS which is basically a framework feature and only needs configuration.
The stuff you copied from the documentation is correct:
cors.conf where you modify the play.filters.cors settings. But you seem to have misconfigured something, e.g. the allowedOrigin = * should be configured as null in the config. (Have a look at the documentation page and the linked reference.conf)
# The allowed origins. If null, all origins are allowed.
play.filters.cors.allowedOrigins = null
You have correctly enabled the CORSFilter in your Filters.scala
Now test your configuration with a correct cURL CORS request:
curl -H "Origin: http://example.com" \
-H "Access-Control-Request-Method: GET" \
-H "Access-Control-Request-Headers: X-Requested-With" \
-X OPTIONS --verbose \
http://localhost:9000/
for me it worked after one day (maybe cash or other things)
application.conf:
play.http.filters = "filters.Filters"
play.filters.cors {
# allow all paths
pathPrefixes = ["/"]
# allow all origins (You can specify if you want)
allowedOrigins = null
allowedHttpMethods = ["GET", "POST"]
# allow all headers
allowedHttpHeaders = null
}
build.sbt :
val appDependencies = Seq(
filters,
....
)
in package filters.Filter :
package filters;
import javax.inject.Inject;
import play.mvc.EssentialFilter;
import play.filters.cors.CORSFilter;
import play.http.DefaultHttpFilters;
public class Filters extends DefaultHttpFilters {
CORSFilter corsFilter;
#Inject
public Filters(CORSFilter corsFilter) {
super(corsFilter);
this.corsFilter = corsFilter;
}
public EssentialFilter[] filters() {
return new EssentialFilter[] { corsFilter.asJava() };
}
}
and in my ajax call:
$.ajax({
method:'GET',
url: xxxxxxxx',
dataType: 'json',
headers: {'url': yyyyy,
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'GET, POST, PUT',
'Access-Control-Allow-Headers': 'Content-Type'
},
success: function(data) {
....});
i have no more error, in prod and in local environment !! thank you all
The play example for using Oauth and Twitter is show below.
In the Play Framework I am still learning how to use redirects and routes. How would you set up the routes file and the Appliction.scala file to handle this redirect?
Redirect(routes.Application.index).withSession("token" -> t.token, "secret" -> t.secret)
Would the routes be something like this?
GET /index controllers.Application.index(String, String)
Link to Play Framework documentation with the example code http://www.playframework.com/documentation/2.0/ScalaOAuth
object Twitter extends Controller {
val KEY = ConsumerKey("xxxxx", "xxxxx")
val TWITTER = OAuth(ServiceInfo(
"https://api.twitter.com/oauth/request_token",
"https://api.twitter.com/oauth/access_token",
"https://api.twitter.com/oauth/authorize", KEY),
false)
def authenticate = Action { request =>
request.queryString.get("oauth_verifier").flatMap(_.headOption).map { verifier =>
val tokenPair = sessionTokenPair(request).get
// We got the verifier; now get the access token, store it and back to index
TWITTER.retrieveAccessToken(tokenPair, verifier) match {
case Right(t) => {
// We received the authorized tokens in the OAuth object - store it before we proceed
Redirect(routes.Application.index).withSession("token" -> t.token, "secret" -> t.secret)
}
case Left(e) => throw e
}
}.getOrElse(
TWITTER.retrieveRequestToken("http://localhost:9000/auth") match {
case Right(t) => {
// We received the unauthorized tokens in the OAuth object - store it before we proceed
Redirect(TWITTER.redirectUrl(t.token)).withSession("token" -> t.token, "secret" -> t.secret)
}
case Left(e) => throw e
})
}
def sessionTokenPair(implicit request: RequestHeader): Option[RequestToken] = {
for {
token <- request.session.get("token")
secret <- request.session.get("secret")
} yield {
RequestToken(token, secret)
}
}
}
It turned out that the reasons I had so many intermittent problems with routes and redirect was a combination of the versions of play, version of scala and the version of ScalaIDE for Eclipse. Using Play version 2.2.3, scala version 2.10.4 and ScalaIDE version 2.10.x solved the routes and redirect problems.
The following import statements are needed for the Twitter example.
import play.api.libs.oauth.ConsumerKey
import play.api.libs.oauth.ServiceInfo
import play.api.libs.oauth.OAuth
import play.api.libs.oauth.RequestToken
If your route is like this:
GET /index controllers.Application.index(param1:String, param2:String)
Then the reverse route would look like this:
routes.Application.index("p1", "p2")
Which would result in something like this:
/index?param1=p1¶m2=p2
Make sure that the documentation you are looking at is of the correct version, for 2.2.x you would need this url: http://www.playframework.com/documentation/2.2.x/ScalaOAuth