I'm trying to craft a ScalaInterceptor that looks for an X-Forwarded-Proto header, so basically if its in production or behind a proxy then Play! auto redirects to SSL.
I've run into issues with getting this code to compile, and I'm also not sure whether this will work with the SecureSocial plugin. There are specific reasons why we aren't setting SSL=true in SecureSocial.conf that I won't go into here.
Here's what I have in my Global.scala
def WithHttpsRedirect[A](action: Action[A]): Action[A] = {
Action(action.parser) { request =>
val result = action(request)
request.headers.get("X-Forwarded-Proto").collect {
case "https" =>
result
case "http" =>
val url = "https://"+request.host+request.uri
Redirect(url)
} getOrElse {
result
}
}
}
override def onRouteRequest(request: RequestHeader): Option[Handler] = {
super.onRouteRequest(request).map { handler =>
handler match {
case a: Action[_] => WithHttpsRedirect(a)
case _ => handler
}
}
}
I'm getting a compiler error after the getOrElse:
[error] found : scala.concurrent.Future[play.api.mvc.SimpleResult]
[error] required: play.api.mvc.Result
[error] result
[error] ^
Your help is greatly appreciated!
Replace:
Action(action.parser) { request =>
with:
Action.async(action.parser) { request =>
You made need to also replace:
Redirect(url)
with:
Future.successful(Redirect(url))
Changed my method of attack, and instead implemented a filter instead of overriding onRouteRequest:
In Global.scala:
object Global extends WithFilters(HttpsFilter) with GlobalSettings
then HttpsFilter.scala:
import play.api.mvc.Results._
import play.api.mvc.{SimpleResult, RequestHeader, Filter}
import scala.concurrent._
import ExecutionContext.Implicits.global
object HttpsFilter extends Filter {
def apply(next: (RequestHeader) => Future[SimpleResult])(request: RequestHeader): Future[SimpleResult] = {
request.headers.get("X-Forwarded-Proto").collect {
case "https" =>
next(request)
case "http" =>
val url = "https://"+request.host+request.uri
Future{ Redirect(url) }
} getOrElse {
next(request)
}
}
}
Related
I am not understanding something about this example in Play 2.7 documentation
class ExampleSpec extends PlaySpec with GuiceOneServerPerSuite {
// Override app if you need an Application with other than
// default parameters.
override def fakeApplication(): Application = {
GuiceApplicationBuilder()
.appRoutes(app => {
case ("GET", "/") => app.injector.instanceOf(classOf[DefaultActionBuilder]) { Ok("ok") }
}).build()
}
"test server logic" in {
val wsClient = app.injector.instanceOf[WSClient]
val myPublicAddress = s"localhost:$port"
val testPaymentGatewayURL = s"http://$myPublicAddress"
// The test payment gateway requires a callback to this server before it returns a result...
val callbackURL = s"http://$myPublicAddress/callback"
// await is from play.api.test.FutureAwaits
val response = await(wsClient.url(testPaymentGatewayURL).addQueryStringParameters("callbackURL" -> callbackURL).get())
response.status mustBe OK
}
}
The problem is this code:
.appRoutes(app => {
case ("GET", "/") => app.injector.instanceOf(classOf[DefaultActionBuilder]) { Ok("ok") }
I get message that it expecting Application => PartialFunction[(String, String), Handler]
What is Handler? Is my controller?
This is down to lack of type inference I assume.
If you add the required type annotation (i.e. add : PartialFunction[(String, String), Handler]) you should be able to compile:
override def fakeApplication(): Application = {
GuiceApplicationBuilder()
.appRoutes(app => {
case ("GET", "/") => app.injector.instanceOf(classOf[DefaultActionBuilder]) { x => play.api.mvc.Results.Forbidden }
}: PartialFunction[(String, String), Handler]
).build()
}
I have this piece of code in the PLAY framework
def ws: WebSocket = WebSocket.acceptOrResult[JsValue, JsValue] { rh =>
implicit val req = Request(rh, AnyContentAsEmpty)
silhouette.SecuredRequestHandler { securedRequest =>
Future.successful(HandlerResult(Ok, Some(securedRequest.identity)))
}.map {
case HandlerResult(_, Some(_)) => wsFutureFlow(rh).map { flow => Right(flow) }
case HandlerResult(r, None) => Left(r)
}
// wsFutureFlow(rh).map { flow =>
// Right(flow)
// }.recover {
// case e: Exception =>
// logger.error("Cannot create websocket", e)
// val jsError = Json.obj("error" -> "Cannot create websocket")
// val result = InternalServerError(jsError)
// Left(result)
// }
}
private def wsFutureFlow(request: RequestHeader): Future[Flow[JsValue, JsValue, NotUsed]] = {
// Use guice assisted injection to instantiate and configure the child actor.
implicit val timeout = Timeout(1.second) // the first run in dev can take a while :-(
val future: Future[Any] = userParentActor ? UserParentActor.Create(request.id.toString)
val futureFlow: Future[Flow[JsValue, JsValue, NotUsed]] = future.mapTo[Flow[JsValue, JsValue, NotUsed]]
futureFlow
}
I'm a beginner to scala and essentially what I am trying to do is authenticate the request to the ws endpoint. If it's authenticated, then I give it a Flow[JsValue, JsValue, None] to act as the WebSocket connection otherwise I need to return a Result. The issue I am having is I can't quite figure out how to design the futures correctly. For context, here is the authenticated endpoint example in the documentation https://www.silhouette.rocks/docs/endpoints.
The line that doesn't compile is the below:
case HandlerResult(_, Some(_)) => wsFutureFlow(rh).map { flow => Right(flow) }
The function I'm passing to WebSocket.acceptOrResult[JsValue, JsValue] needs to return a Future[Either[Result, Flow[In, Out, _]]]. As you can see in the line that doesn't compile I'm trying to Right() the Flow, but it's not quite right. The commented section does compile though. Here is the compile error
[error] /home/julian/IdeaProjects/crypto-bloomberg-app/app-admin/src/main/scala/admin/controllers/HomeController.scala:32:62: type mismatch;
[error] found : scala.concurrent.Future[scala.util.Right[Nothing,akka.stream.scaladsl.Flow[play.api.libs.json.JsValue,play.api.libs.json.JsValue,akka.NotUsed]]]
[error] required: Either[play.api.mvc.Result,akka.stream.scaladsl.Flow[play.api.libs.json.JsValue, play.api.libs.json.JsValue, _]]
[error] case HandlerResult(_, Some(_)) => wsFutureFlow(rh).map { flow => Right(flow) }
[error] ^
[error] one error found
[error] (app-admin/compile:compileIncremental) Compilation failed
[error] Total time: 4 s, completed 21-Mar-2018 4:29:04 PM
Thanks
Use flatMap instead of map:
def ws: WebSocket = WebSocket.acceptOrResult[JsValue, JsValue] { rh =>
implicit val req = Request(rh, AnyContentAsEmpty)
silhouette.SecuredRequestHandler { securedRequest =>
Future.successful(HandlerResult(Ok, Some(securedRequest.identity)))
} flatMap {
case HandlerResult(_, Some(_)) => wsFutureFlow(rh).map(Right(_))
case HandlerResult(r, None) => Future.successful(Left(r))
}
}
I've been trying to use websocket on play framework 2.5 in scala.
Now, I want to exchange multiple message types.
But, I get the following errors when a client sends a json via websocket.
Do I have to choose different way to exchange multiple message types?
missing something or is there any easier way?
[error] a.a.OneForOneStrategy - {"sort":"post", "to":"receiver","message":"Test"} (of class play.api.libs.json.JsObject)
scala.MatchError: {"sort":"post", "to":"receiver","message":"Test"} (of class play.api.libs.json.JsObject)
at controllers.MessageController$MessageActor$$anonfun$receive$1.applyOrElse(MessageController.scala:72)
at akka.actor.Actor$class.aroundReceive(Actor.scala:514)
at controllers.MessageController$MessageActor.aroundReceive(MessageController.scala:63)
at akka.actor.ActorCell.receiveMessage(ActorCell.scala:527)
at akka.actor.ActorCell.invoke(ActorCell.scala:496)
at akka.dispatch.Mailbox.processMailbox(Mailbox.scala:257)
at akka.dispatch.Mailbox.run(Mailbox.scala:224)
at akka.dispatch.Mailbox.exec(Mailbox.scala:234)
at akka.dispatch.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260)
at akka.dispatch.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339)
models.scala
abstract class WSMessageIn()
// Classes for input
case class PostMessage(
sort: String = "post",
to: String,
...
message: Option[String] = None
) extends WSMessageIn
object PostMessage {
implicit val postMessageFormat = Json.format[PostMessage]
}
case class MessageFromIn(
sort: String = "receive",
from: String,
...
message: Option[String] = None
) extends WSMessageIn
object MessageFromIn {
implicit val messageFromInFormat = Json.format[MessageFromIn]
}
object WSMessageIn {
implicit def json2object(value: JsValue): WSMessageIn = {
(value \ "sort").as[String] match {
case "post" => value.as[PostMessage]
case "receive" => value.as[MessageFromIn]
}
}
implicit def object2json(in: WSMessageIn): JsValue = {
in match {
case in: PostMessage => Json.toJson(in)
case in: MessageFromIn => Json.toJson(in)
}
}
}
MessageController.scala
class MessageController #Inject() (
silhouette: Silhouette[DefaultEnv],
..
implicit val system: ActorSystem,
implicit val materializer: Materializer)
extends Controller {
class MessageActor(out: ActorRef) extends Actor {
override def receive = {
case message: JsValue =>
message match { // !!The error occurs here
case message: PostMessage =>
...
case message: MessageFromIn =>
...
}
}
}
object MessageActor {
def props(out: ActorRef) = Props(new MessageActor(out))
}
implicit val messageFlowTransformer = MessageFlowTransformer.jsonMessageFlowTransformer[JsValue, JsValue]
def socket() = WebSocket.acceptOrResult[JsValue, JsValue] { request =>
implicit val req = Request(request, AnyContentAsEmpty)
silhouette.SecuredRequestHandler { securedRequest =>
Future.successful(HandlerResult(Ok, Some(securedRequest.identity)))
}.map {
case HandlerResult(r, Some(user)) => Right(ActorFlow.actorRef(out => MessageActor.props(out)))
case HandlerResult(r, None) => Left(r)
}
}
}
As is: WebSocket.acceptOrResult[JsValue, JsValue] you expect your websocket to receive JsValue.
This seems to match you code below in MessageActor:
override def receive = {
case message: JsValue => // ...
}
However, you shouldn't expect the conversion from JsValue to WSMessageIn to happen without your intervention.
What you could do is simply:
override def receive = {
case message: JsValue =>
WSMessageIn.json2object(message) match {
case message: PostMessage =>
...
case message: MessageFromIn =>
...
}
}
You were probably expecting an implicitly conversion, you can get it by giving a hint to the compiler (i.e., saying what you expect):
override def receive = {
case message: JsValue =>
(message: WSMessageIn) match {
case message: PostMessage =>
...
case message: MessageFromIn =>
...
}
}
Note: you could turn abstract class WSMessageIn() into: sealed trait WSMessageIn
As anyone managed to integrate Deadbolt2 with Silhouette/SecureSocial ?
I find Silhouette Authorization a bit basic and Deadbolt2 meets all the requirements.
Thanks
I've sketched out a rough approach here, but I'll evolve it to a full working example based on the play-silhouette-seed-master activator template when I get time.
Two main steps are required.
Firstly, your com.mohiva.play.silhouette.api.Identity implementation also needs to implement be.objectify.deadbolt.scala.models.Subject.
Secondly, borrow some code from com.mohiva.play.silhouette.api.RequestHandlerBuilder and integrate it into your DeadboltHandler implementation.
import javax.inject.Inject
import be.objectify.deadbolt.scala.models.Subject
import be.objectify.deadbolt.scala.{ AuthenticatedRequest, DeadboltHandler, DynamicResourceHandler }
import com.mohiva.play.silhouette.api.{ LoginInfo, RequestProvider, Silhouette }
import com.mohiva.play.silhouette.impl.authenticators.CookieAuthenticator
import models.User
import play.api.mvc.Results._
import play.api.mvc.{ Request, Result }
import utils.auth.DefaultEnv
import scala.concurrent.ExecutionContext.Implicits.global
import scala.concurrent.Future
class MyDeadboltHandler #Inject() (silhouette: Silhouette[DefaultEnv]) extends DeadboltHandler {
override def beforeAuthCheck[A](request: Request[A]): Future[Option[Result]] = Future.successful(None)
override def getSubject[A](request: AuthenticatedRequest[A]): Future[Option[Subject]] =
if (request.subject.isDefined) {
Future.successful(request.subject)
} else {
// this else branch is taken from com.mohiva.play.silhouette.api.RequestHandlerBuilder
silhouette.env.authenticatorService.retrieve(request).flatMap {
// A valid authenticator was found so we retrieve also the identity
case Some(a) if a.isValid =>
silhouette.env.identityService.retrieve(a.loginInfo).map(i => i)
// An invalid authenticator was found so we needn't retrieve the identity
case Some(a) if !a.isValid => Future.successful(None)
// No authenticator was found so we try to authenticate with a request provider
case None => handleRequestProviderAuthentication(request).flatMap {
// Authentication was successful, so we retrieve the identity and create a new authenticator for it
case Some(loginInfo) => silhouette.env.identityService.retrieve(loginInfo).flatMap { (i: Option[User]) =>
silhouette.env.authenticatorService.create(loginInfo)(request).map((a: CookieAuthenticator) => i)
}
// No identity and no authenticator was found
case None => Future.successful(None)
}
}
}
// this whole function is taken from com.mohiva.play.silhouette.api.RequestHandlerBuilder
private def handleRequestProviderAuthentication[B](implicit request: Request[B]): Future[Option[LoginInfo]] = {
def auth(providers: Seq[RequestProvider]): Future[Option[LoginInfo]] = {
providers match {
case Nil => Future.successful(None)
case h :: t => h.authenticate(request).flatMap {
case Some(i) => Future.successful(Some(i))
case None => if (t.isEmpty) Future.successful(None) else auth(t)
}
}
}
auth(silhouette.env.requestProviders)
}
override def onAuthFailure[A](request: AuthenticatedRequest[A]): Future[Result] =
Future.successful(request.subject.map(subject => Redirect(controllers.routes.ApplicationController.index()))
.getOrElse(Redirect(controllers.routes.SignInController.view())))
override def getDynamicResourceHandler[A](request: Request[A]): Future[Option[DynamicResourceHandler]] = Future.successful(None)
}
In your controllers, you can now use Deadbolt constraints instead of the Silhouette authorizations. For example...
class ApplicationController #Inject() (
val messagesApi: MessagesApi,
silhouette: Silhouette[DefaultEnv])
extends Controller with I18nSupport {
def index = silhouette.SecuredAction.async { implicit request =>
Future.successful(Ok(views.html.home(request.identity)))
}
}
can be replaced with
class ApplicationController #Inject() (
val messagesApi: MessagesApi,
deadbolt: ActionBuilders)
extends Controller with I18nSupport {
def index = deadbolt.SubjectPresentAction().defaultHandler() { implicit request =>
Future.successful(Ok(views.html.home(request.subject)))
}
}
I'm trying to implement authentication in my Play 2.2.1 app, and I can't quite figure out how to make it work with an action that returns a Future[Result].
This post describes pretty close to what I'm trying to do, except without returning Future[Result]:
Play 2.0 Framework, using a BodyParser with an authenticated request
How can I get it to work with Futures? I.e. how would I implement this function:
def IsAuthenticated(f: => String => Request[Any] => Future[Result])
or, better yet, this function:
def IsAuthenticated[A}(b:BodyParser[A])(f: => String => Request[Any] => Future[Result])
which would feed into this function:
def AuthenticatedUser(g: Account => Request[AnyContent] => SimpleResult) = IsAuthenticated {...}
to wrap asynchronous actions in my controllers?
This part I can do:
def IsAuthenticated(f: => String => Request[AnyContent] => Future[SimpleResult]) = {
Security.Authenticated(email, onUnauthorized) {
user => Action.async(request => f(user)(request))
}
}
But if I try to use IsAuthenticated in my wrapper function:
def AuthenticatedUser(g: Account => Request[AnyContent] => Future[SimpleResult]) = IsAuthenticated {
email => implicit request => Account.find(email).map {
opt => opt match {
case Some(account) => g(account)(request)
case None => Future(onUnauthorized(request))
}
}
}
(Account.find returns a Future[Option[Account]] 'cause it's a mongodb call that may take some time. The desire to do the future thing right is what's causing me so much grief now)
I can't get AuthenticatedUser to satisfy the compiler. It says it's getting a Future[Future[SimpleResult]] instead of a Future[SimpleResult].
So, how best to build this whole thing? I need to be able to make authentication wrappers that rely on db calls that are asynchronous.
I'm sure I'm just dense and missing something obvious...
EDIT: Here's what I ended up with. Thank you Jean for pointing me in the right direction.
I found AuthenticatedController while rooting around and it's pretty close to what I'm looking for. I wanted two types of authentication: User (authenticated user) and Administrator (to wrap code for admin tasks).
package controllers
import models.Account
import play.api.mvc._
import scala.concurrent.Future
trait Secured {
class AuthenticatedRequest[A](val account: Account, request: Request[A]) extends WrappedRequest[A](request)
object User extends ActionBuilder[AuthenticatedRequest] {
def invokeBlock[A](request: Request[A], block: (AuthenticatedRequest[A]) => Future[SimpleResult]) = {
request.session.get("email") match {
case Some(email) => {
Account.find(email).flatMap {
case Some(account) => {
block(new AuthenticatedRequest(account, request))
}
case _ => Future(Results.Redirect(routes.Index.index()))
}
}
case _ => Future(Results.Redirect(routes.Index.index()))
}
}
}
object Administrator extends ActionBuilder[AuthenticatedRequest] {
def invokeBlock[A](request: Request[A], block: (AuthenticatedRequest[A]) => Future[SimpleResult]) = {
request.session.get("email") match {
case Some(email) => {
Account.find(email).flatMap {
case Some(account) => if (account.admin) {
block(new AuthenticatedRequest(account, request))
} else {
Future(Results.Redirect(routes.Index.index()))
}
case _ => Future(Results.Redirect(routes.Index.index()))
}
}
case _ => Future(Results.Redirect(routes.Index.index()))
}
}
}
}
There have been changes in play 2.2 to make it easier to compose actions. The resource you are referring to is outdated.
Instead you should create a custom action builder by extending ActionBuilder to create your action, this will get you all the fancy apply methods you may need (including async support and all)
For example you may do :
trait MyAction extends Results{
class MyActionBuilder[A] extends ActionBuilder[({ type R[A] = Request[A] })#R] {
def invokeBlock[A](request: Request[A],
block: Request[A] => Future[SimpleResult]) ={
// your authentication code goes here :
request.cookies.get("loggedIn").map { _=>
block(request)
} getOrElse Future.successful(Unauthorized)
}
}
object MyAction extends MyActionBuilder
}
which you can then use as such :
object MyController extends Controller with MyAction{
def authenticatedAction=MyAction {
Ok
}
def asyncAuthenticatedAction=MyAction.async {
Future.successful(Ok)
}
def authenticatedActionWithBodyParser = MyAction(parse.json){ request =>
Ok(request.body)
}
}
For brevity's sake I used a very trivial authentication mechanism you will want to change that :)
Additionally, you can create a custom "request" type to provide additional information. For instance you could define a AuthenticatedRequest as such :
case class AuthenticatedRequest[A](user: User, request: Request[A]) extends WrappedRequest(request)
Provided you have a way to get your user such as
object User{
def find(s:String): Option[User] = ???
}
Then change your builder definition a bit as such
class MyActionBuilder[A] extends
ActionBuilder[({ type R[A] = AuthenticatedRequest[A] })#R] {
def invokeBlock[A](request: Request[A],
block: AuthenticatedRequest[A] => Future[SimpleResult]) ={
// your authentication code goes here :
(for{
userId <- request.cookies.get("userId")
user <- User.find(userId.value)
}yield {
block(AuthenticatedRequest(user,request))
}) getOrElse Future.successful(Unauthorized)
}
}
Your controller now has access to your user in authenticatedActions:
object MyController extends Controller with MyAction{
val logger = Logger("application.controllers.MyController")
def authenticatedAction=MyAction { authenticatedRequest =>
val user = authenticatedRequest.user
logger.info(s"User(${user.id} is accessing the authenticatedAction")
Ok(user.id)
}
def asyncAuthenticatedAction = MyAction.async { authenticatedRequest=>
Future.successful(Ok(authenticatedRequest.user.id))
}
def authenticatedActionWithBodyParser = MyAction(parse.json){ authenticatedRequest =>
Ok(authenticatedRequest.body)
}
}