Apply security
Sergey Morgunov edited this page Oct 31, 2018
·
2 revisions
You can protect the service calls of your Lagom application (authentication and authorization) by using the SecuredService interface (Java) or trait (Scala).
In Java:
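/**
 * Service implementation protected through {@code SecuredService}.
 *
 * The security {@code Config} is injected through the constructor and handed
 * back to {@code SecuredService} via {@link #getSecurityConfig()}.
 */
public class MyServiceImpl implements MyService, SecuredService {
    private final Config securityConfig;

    /**
     * @param securityConfig security configuration exposed to SecuredService
     */
    @Inject
    public MyServiceImpl(Config securityConfig) {
        // The constructor must carry the class name; any other name is parsed
        // as a method without a return type and does not compile.
        this.securityConfig = securityConfig;
    }

    // Implementation of service calls

    /**
     * @return the security configuration injected at construction time
     */
    @Override
    public Config getSecurityConfig() {
        return securityConfig;
    }
}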
In Scala:
/** Service implementation protected through `SecuredService`.
  *
  * @param securityConfig security configuration; overrides the `securityConfig` member
  */
class MyServiceImpl(override val securityConfig: Config)
    extends MyService
    with SecuredService {
  // Implementation of service calls
}
With authenticate, the profile passed to the service call can be anonymous.
In Java:
/** Example: authentication without naming a client. */
public class MyServiceImpl implements MyService, SecuredService {
    // ...

    /**
     * Wraps the call in {@code authenticate} and answers with the profile id.
     *
     * The profile handed to the callback can be anonymous, so reaching this
     * code is not proof of an authenticated caller.
     * NOTE(review): to require an authenticated profile, the
     * {@code authorize(isAuthenticated(), ...)} form is presumably the one to
     * use; confirm against the library documentation.
     *
     * @return service call that completes with the id of the resolved profile
     */
    @Override
    public ServiceCall<NotUsed, String> defaultAuthenticate() {
        return authenticate(userProfile ->
            ignoredRequest -> completedFuture(userProfile.getId()));
    }
}
In Scala:
/** Example: authentication without naming a client.
  *
  * @param securityConfig security configuration; overrides the `securityConfig` member
  */
class MyServiceImpl(override val securityConfig: Config)
    extends MyService
    with SecuredService {
  // ...

  /** Wraps the call in `authenticate` and answers with the profile id.
    *
    * The profile handed to the callback can be anonymous, so reaching this
    * code is not proof of an authenticated caller.
    * NOTE(review): to require an authenticated profile, the
    * `authorize(isAuthenticated[CommonProfile](), ...)` form is presumably the
    * one to use; confirm against the library documentation.
    *
    * @return service call that completes with the id of the resolved profile
    */
  override def defaultAuthenticate: ServiceCall[NotUsed, String] =
    authenticate((userProfile: CommonProfile) =>
      ServerServiceCall { (_: NotUsed) =>
        Future.successful(userProfile.getId)
      }
    )
}
With authenticate, the profile passed to the service call can be anonymous.
In Java:
/** Example: authentication with an explicitly named client. */
public class MyServiceImpl implements MyService, SecuredService {
    // ...

    /**
     * Wraps the call in {@code authenticate} for the client CLIENT_NAME and
     * answers with the profile id.
     *
     * The profile handed to the callback can be anonymous, so reaching this
     * code is not proof of an authenticated caller.
     * NOTE(review): CLIENT_NAME presumably has to match a client registered
     * in the security Config; confirm against the Security Configuration page.
     *
     * @return service call that completes with the id of the resolved profile
     */
    @Override
    public ServiceCall<NotUsed, String> namedAuthenticate() {
        return authenticate(CLIENT_NAME, userProfile ->
            ignoredRequest -> completedFuture(userProfile.getId()));
    }
}
In Scala:
/** Example: authentication with an explicitly named client.
  *
  * @param securityConfig security configuration; overrides the `securityConfig` member
  */
class MyServiceImpl(override val securityConfig: Config)
    extends MyService
    with SecuredService {
  // ...

  /** Wraps the call in `authenticate` for the client CLIENT_NAME and answers
    * with the profile id.
    *
    * The profile handed to the callback can be anonymous, so reaching this
    * code is not proof of an authenticated caller.
    * NOTE(review): CLIENT_NAME presumably has to match a client registered in
    * the security Config; confirm against the Security Configuration page.
    *
    * @return service call that completes with the id of the resolved profile
    */
  override def namedAuthenticate: ServiceCall[NotUsed, String] =
    authenticate(
      CLIENT_NAME,
      (userProfile: CommonProfile) =>
        ServerServiceCall { (_: NotUsed) =>
          Future.successful(userProfile.getId)
        }
    )
}
In Java:
/** Example: authorization with an inline authorizer and no named client. */
public class MyServiceImpl implements MyService, SecuredService {
    // ...

    /**
     * Wraps the call in {@code authorize}, passing the authorizer returned by
     * {@code isAuthenticated()}, and answers with the profile id.
     *
     * NOTE(review): judging by its name, this authorizer only checks that the
     * caller is authenticated; it presumably performs no role or permission
     * check, so add a stricter authorizer where one is needed.
     *
     * @return service call that completes with the id of the resolved profile
     */
    @Override
    public ServiceCall<NotUsed, String> defaultAuthorize() {
        return authorize(isAuthenticated(), userProfile ->
            ignoredRequest -> completedFuture(userProfile.getId()));
    }
}
In Scala:
/** Example: authorization with an inline authorizer and no named client.
  *
  * @param securityConfig security configuration; overrides the `securityConfig` member
  */
class MyServiceImpl(override val securityConfig: Config)
    extends MyService
    with SecuredService {
  // ...

  /** Wraps the call in `authorize`, passing the authorizer returned by
    * `isAuthenticated[CommonProfile]()`, and answers with the profile id.
    *
    * NOTE(review): judging by its name, this authorizer only checks that the
    * caller is authenticated; it presumably performs no role or permission
    * check, so add a stricter authorizer where one is needed.
    *
    * @return service call that completes with the id of the resolved profile
    */
  override def defaultAuthorize: ServiceCall[NotUsed, String] = {
    val requireAuthenticated = isAuthenticated[CommonProfile]()
    authorize(
      requireAuthenticated,
      (userProfile: CommonProfile) =>
        ServerServiceCall { (_: NotUsed) =>
          Future.successful(userProfile.getId)
        }
    )
  }
}
In Java:
/** Example: authorization with a named client and an inline authorizer. */
public class MyServiceImpl implements MyService, SecuredService {
    // ...

    /**
     * Wraps the call in {@code authorize} for the client CLIENT_NAME, passing
     * the authorizer returned by {@code isAuthenticated()}, and answers with
     * the profile id.
     *
     * NOTE(review): CLIENT_NAME presumably has to match a client registered
     * in the security Config; confirm against the Security Configuration page.
     *
     * @return service call that completes with the id of the resolved profile
     */
    @Override
    public ServiceCall<NotUsed, String> namedAuthorize() {
        return authorize(CLIENT_NAME, isAuthenticated(), userProfile ->
            ignoredRequest -> completedFuture(userProfile.getId()));
    }
}
In Scala:
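/** Example: authorization with a named client and an inline authorizer.
  *
  * @param securityConfig security configuration; overrides the `securityConfig` member
  */
class MyServiceImpl(override val securityConfig: Config)
    extends MyService
    with SecuredService {
  // ...

  /** Wraps the call in `authorize` for the client CLIENT_NAME, passing the
    * authorizer returned by `isAuthenticated[CommonProfile]()`, and answers
    * with the profile id.
    *
    * NOTE(review): CLIENT_NAME presumably has to match a client registered in
    * the security Config; confirm against the Security Configuration page.
    *
    * @return service call that completes with the id of the resolved profile
    */
  override def namedAuthorize: ServiceCall[NotUsed, String] = {
    // CLIENT_NAME is the same placeholder the Java variant of this example
    // and the other named-client examples on this page use.
    authorize(
      CLIENT_NAME,
      isAuthenticated[CommonProfile](),
      (profile: CommonProfile) =>
        ServerServiceCall { request: NotUsed =>
          Future.successful(profile.getId)
        }
    )
  }
}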
An authorizer referenced by name must be added to the Config (see Security Configuration).
In Java:
/** Example: authorization with a named client and a named authorizer. */
public class MyServiceImpl implements MyService, SecuredService {
    // ...

    /**
     * Wraps the call in {@code authorize} for the client CLIENT_NAME and the
     * authorizer AUTHORIZER_NAME, and answers with the profile id.
     *
     * The authorizer referenced by AUTHORIZER_NAME has to be added to the
     * security Config.
     * NOTE(review): how an unknown authorizer name is handled is not visible
     * here; verify that a typo in the name fails closed rather than open.
     *
     * @return service call that completes with the id of the resolved profile
     */
    @Override
    public ServiceCall<NotUsed, String> namedAuthorize() {
        return authorize(CLIENT_NAME, AUTHORIZER_NAME, userProfile ->
            ignoredRequest -> completedFuture(userProfile.getId()));
    }
}
In Scala:
/** Example: authorization with a named client and a named authorizer.
  *
  * @param securityConfig security configuration; overrides the `securityConfig` member
  */
class MyServiceImpl(override val securityConfig: Config)
    extends MyService
    with SecuredService {
  // ...

  /** Wraps the call in `authorize` for the client CLIENT_NAME and the
    * authorizer AUTHORIZER_NAME, and answers with the profile id.
    *
    * The authorizer referenced by AUTHORIZER_NAME has to be added to the
    * security Config.
    * NOTE(review): how an unknown authorizer name is handled is not visible
    * here; verify that a typo in the name fails closed rather than open.
    *
    * @return service call that completes with the id of the resolved profile
    */
  override def namedAuthorize: ServiceCall[NotUsed, String] =
    authorize(
      CLIENT_NAME,
      AUTHORIZER_NAME,
      (userProfile: CommonProfile) =>
        ServerServiceCall { (_: NotUsed) =>
          Future.successful(userProfile.getId)
        }
    )
}