I've created a directive that will validate a JWT token:
def authenticated: Directive[Unit] = optionalHeaderValueByName("Authorization")
.flatMap[Unit] {
case Some(token) => Jwt.decode(token, "secret", Seq(JwtAlgorithm.HS256)) match {
case Failure(_: JwtExpirationException) =>
// TODO the rejection handler needs to know that the token is expired.
reject(AuthenticationFailedRejection(CredentialsRejected, HttpChallenge("JWT", None)))
case Failure(_: JwtException) =>
// TODO the rejection handler needs to know that the token is invalid.
reject(AuthenticationFailedRejection(CredentialsRejected, HttpChallenge("JWT", None)))
case Success(_) =>
// TODO read token and validate user id
pass
}
case None => reject(AuthenticationFailedRejection(CredentialsMissing, HttpChallenge("JWT", None)))
}
The problem is that their are only 2 causes: CredentialsRejected
and CredentialsMissing
. I need to be able to add an extra rejection cause to show if a token is expired. But the causes both extend from a sealed class so I can't make my own..
Is there a way to create a custom cause or to add some data to the CredentialsRejected
cause so it is possible to check the reason of the rejection?
A (quite outdated, because it is in relation to spray instead of akka-http) comment to a request that looks like yours is: create your own Rejection instead of using AuthenticationFailedRejection to handle this.