Ideone.com

fork download

package security.auth
 
import scala.collection.mutable.Map
import scala.concurrent.Future
import scala.util.{Failure, Success}
import scala.util.control.NonFatal
import scala.collection.JavaConversions._
import scala.reflect.runtime.universe._
import brix.crypto.Secret
import play.api.Logger
import play.api.Play.current
import play.api.Play.configuration
import play.api.libs.concurrent.Execution.Implicits.defaultContext
import play.api.libs.json._
import play.api.mvc._
import play.api.mvc.Results._
import play.api.http.{HeaderNames, HttpVerbs}
import utils.common.ReflectHelper._
import utils.common.Responses._
import utils.auth.AuthErrors._
import models.auth.{Token, PassToken}
import models.auth.TokenType._
 
/**
  * Represents a secured request.
  *
  * @constructor    Initializes a new instance of the [[SecuredRequest]] class.
  * @param token    The JSON Web Token.
  * @param request  The current HTTP request.
  */
class SecuredRequest[A](
  val token: Token,
  request: Request[A]) extends WrappedRequest[A](request) {
 
  import SecuredAction._
 
  /**
    * Applies `authorized` if `condition` evaluates to `true`.
    *
    * @param condition  The function that determines whether or not the
    *                   request is authorized.
    * @param authorized The function that is applied if `condition` evaluates
    *                   to `true`.
    * @return           A `Future` value containing the response to be sent to
    *                   the client.
    * @note             `condition` shall return a tuple containing a Boolean
    *                   value indicating whether or not the request is authorized,
    *                   and optionally a `Result` to be sent to the client if
    *                   authorization is not granted and the subject does not
    *                   have ''admin'' privileges.
    * @note             `authorized` takes a Boolean paramenter indicating
    *                   whether the action is being authorized as ''admin''.
    */
  def authorize(
    condition: Token => Future[(Boolean, Option[Result])],
    authorized: Boolean => Future[Result]
  ): Future[Result] = {
    condition(token).flatMap { r => r._1 match {
      case true =>
        Logger.debug(s"extra condition to authorize request ${request.uri} met")
        authorized(false)
      case _ => r._2 match {
        case Some(simpleResult) =>
          Logger.debug(s"extra condition to authorize request ${request.uri} not met")
          Future.successful(simpleResult)
        case _ =>
          if (token.roles.contains(Role.Admin.id)) {
            Logger.debug(
              s"extra condition to authorize request ${request.uri} not met, still " +
              s"authorization is granted since user ${token.subject} has admin privileges"
            )
            authorized(true)
          } else Future.successful(refuse)
        }
    }}.recover { case e =>
      Logger.error("error authorizing secured request", e)
      InternalServerError(error(errorProcessingRequest(e.getMessage)(request)))
    }
  }
 
  /**
    * Refuses this request.
    * @return A `Future` value containing the response to be sent to the client.
    */
  def refuse = {
    Logger.debug(s"extra condition to authorize request ${request.uri} not met")
    val user = if (token.tokenType == Browse) None else Some(token.subject)
    Unauthorized(error(requestNotAuthorized(user)(request)))
  }
}
 
/**
  * Represents a secured action.
  *
  * @constructor      Initializes a new instance of the [[SecuredAction]] class.
  * @tparam T         The controller type to create a secured action for.
  * @param methodName The name of the method to secure.
  * @param tokenTypes One or more of the [[TokenType]] values.
  */
class SecuredAction[T <: Controller : TypeTag] private(
  private val methodName: String,
  private val tokenTypes: Seq[TokenType]) extends ActionBuilder[SecuredRequest] {
 
  import services.auth.AuthPlugin
  import SecuredAction._
 
  def invokeBlock[A](request: Request[A], block: SecuredRequest[A] => Future[Result]) = {{
    if (tokenTypes.length == 1 && tokenTypes(0) == Pass) None else {
      request.headers.get(HeaderNames.AUTHORIZATION) match {
        case Some(header) => s"""$AuthScheme (.*)""".r.unapplySeq(header).map(_.head.trim)
        case _ => None
      }
    }} match {
      case Some(jwt) =>
        val auth = jwt.split(":") // auth(0) => token, auth(1) => signature
        val f = AuthPlugin.token(auth(0))
 
        /*
         * service tokens (e.g. activation, reset) are discarded immediately after they
         * trigger the action they are associated with
         */
        f.onComplete {
          case Success(token) => if (token.tokenType != Authorization && request.method != HttpVerbs.GET) {
            AuthPlugin.discardToken(token.id)
          }
          case Failure(e) => Logger.error("error deserializing token from request header", e)
        }
 
        f.flatMap {
          case token if (!token.isValid) =>
            Logger.warn(s"request ${request.uri} refused: token ${token.id} has been tampered")
            Future.successful(Forbidden(error(authenticationViolated(token.subject)(request))))
          case token if (token.isExpired) =>
            Logger.debug(s"request ${request.uri} refused: token ${token.id} has expired")
            Future.successful(Forbidden(error(authenticationExpired(token.subject)(request))))
          case token if (!isAuthorized(token)) =>
            if (token.tokenType == Browse) {
              Logger.info(s"request ${request.uri} not authorized: anonym user does not have required privileges")
              Future.successful(Unauthorized(error(requestNotAuthorized(None)(request))))
            } else {
              Logger.info(s"request ${request.uri} not authorized: user ${token.subject} does not have required privileges")
              Future.successful(Unauthorized(error(requestNotAuthorized(Some(token.subject))(request))))
            }
          case token => if (token.apiKey == Token.BootstrapKey) {
              Logger.debug(s"request ${request.uri} authorized for user ${token.subject}")
              block(new SecuredRequest(token, request))
            } else {
              val body = request.body match {
                case json: JsValue => json.toString
                case _ => ""
              }
              Secret(token.apiKey).sign(auth(0) + request.method + request.uri + body) match {
                case Success(signed) => if (signed == auth(1)) {
                    if (token.tokenType == Browse) {
                      Logger.debug(s"request ${request.uri} authorized for anonym user")
                    } else {
                      Logger.debug(s"request ${request.uri} authorized for user ${token.subject}")
                    }
                    block(new SecuredRequest(token, request))
                  } else {
                    Logger.warn(s"request ${request.uri} refused: request has been tampered")
                    Future.successful(Forbidden(error(requestViolated()(request))))
                  }
                case Failure(e) => Future.failed(e)
              }
            }
        }.recover {
          case e: java.text.ParseException =>
            Logger.error("error deserializing token from request header", e)
            BadRequest(error(errorDeserializingToken(e.getMessage)(request)))
          case NonFatal(e) =>
            Logger.error("error processing secured request", e)
            InternalServerError(error(errorProcessingRequest(e.getMessage)(request)))
        }
      case _ => {
        if (tokenTypes.contains(Pass)) {
          Logger.debug(s"request ${request.uri} authorized for anonym user")
          block(new SecuredRequest(PassToken()(request), request))
        } else {
          Logger.debug(s"request ${request.uri} not authorized")
          Future.successful(Unauthorized(
            error(requestNotAuthenticated()(request))
          ).withHeaders(HeaderNames.WWW_AUTHENTICATE -> AuthScheme))
        }
      }
    }
  }
 
  /**
    * Returns a Boolean value indicating whether or not this
    * action is authorized.
    *
    * @param token  The authorization JSON Web Token.
    * @return       `true` if `token` defines the claims that authorize
    *               this action; otherwise, `false`.
    */
  private def isAuthorized(token: Token) = {
    val roles = securityProfiles(operationNickname[T])
    tokenTypes.contains(token.tokenType) && (
      roles.contains(Role.id("any")) ||       // action does not require any specific privileges
      token.roles.contains(Role.Admin.id) ||  // current subject has admin privileges
      token.roles.exists(roles.contains(_))   // current subject has required privileges
    )
  }
 
  /**
    * Returns the fully qualified nickname of the method that handles
    * the current HTTP request.
    *
    * @tparam T The type of the current `Controller`.
    * @return   The fully qualified nickname of the method that handles
    *           the current HTTP request.
    */
  private def operationNickname[T <: Controller : TypeTag] = {
    val clazzAnnotations = classAnnotations[T]
    val api = clazzAnnotations(
      "Api" )( "value"
    ).asInstanceOf[LiteralArgument].value.value.asInstanceOf[String]
 
    val functionAnnotations = methodAnnotations[T]
    val nickname = functionAnnotations(methodName)(
      "ApiOperation" )( "nickname"
    ).asInstanceOf[LiteralArgument].value.value.asInstanceOf[String]
 
    s"$api/$nickname"
  }
}
 
/**
  * Factory class for creating [[SecuredAction]] instances.
  */
object SecuredAction {
 
  final val AuthScheme = "Gok!llo"
  private var securityProfiles = Map[String, List[Int]]().withDefaultValue(List.empty)
 
  configuration.getConfigList("auth.securityProfiles").map { _.toList.map { config =>
    config.getString("operation").map { operation =>
      securityProfiles += (operation -> config.getStringList("roles").map {
        _.toList.map(Role.id(_))
      }.getOrElse(List.empty))
    }
  }}
 
  /**
    * Initializes a new instance of the [[SecuredAction]] class.
    *
    * @tparam T         The controller type to create a secured action for.
    * @param methodName The name of the method to secure.
    */
  def apply[T <: Controller : TypeTag](
    methodName: String
  ): SecuredAction[T] = apply(methodName, Authorization)
 
  /**
    * Initializes a new instance of the [[SecuredAction]] class.
    *
    * @tparam T         The controller type to create a secured action for.
    * @param methodName The name of the method to secure.
    * @param tokenTypes One or more of the [[TokenType]] values.
    */
  def apply[T <: Controller : TypeTag](
    methodName: String,
    tokenTypes: TokenType*
  ): SecuredAction[T] = new SecuredAction[T](methodName, tokenTypes)
}

cGFja2FnZSBzZWN1cml0eS5hdXRoCgppbXBvcnQgc2NhbGEuY29sbGVjdGlvbi5tdXRhYmxlLk1hcAppbXBvcnQgc2NhbGEuY29uY3VycmVudC5GdXR1cmUKaW1wb3J0IHNjYWxhLnV0aWwue0ZhaWx1cmUsIFN1Y2Nlc3N9CmltcG9ydCBzY2FsYS51dGlsLmNvbnRyb2wuTm9uRmF0YWwKaW1wb3J0IHNjYWxhLmNvbGxlY3Rpb24uSmF2YUNvbnZlcnNpb25zLl8KaW1wb3J0IHNjYWxhLnJlZmxlY3QucnVudGltZS51bml2ZXJzZS5fCmltcG9ydCBicml4LmNyeXB0by5TZWNyZXQKaW1wb3J0IHBsYXkuYXBpLkxvZ2dlcgppbXBvcnQgcGxheS5hcGkuUGxheS5jdXJyZW50CmltcG9ydCBwbGF5LmFwaS5QbGF5LmNvbmZpZ3VyYXRpb24KaW1wb3J0IHBsYXkuYXBpLmxpYnMuY29uY3VycmVudC5FeGVjdXRpb24uSW1wbGljaXRzLmRlZmF1bHRDb250ZXh0CmltcG9ydCBwbGF5LmFwaS5saWJzLmpzb24uXwppbXBvcnQgcGxheS5hcGkubXZjLl8KaW1wb3J0IHBsYXkuYXBpLm12Yy5SZXN1bHRzLl8KaW1wb3J0IHBsYXkuYXBpLmh0dHAue0hlYWRlck5hbWVzLCBIdHRwVmVyYnN9CmltcG9ydCB1dGlscy5jb21tb24uUmVmbGVjdEhlbHBlci5fCmltcG9ydCB1dGlscy5jb21tb24uUmVzcG9uc2VzLl8KaW1wb3J0IHV0aWxzLmF1dGguQXV0aEVycm9ycy5fCmltcG9ydCBtb2RlbHMuYXV0aC57VG9rZW4sIFBhc3NUb2tlbn0KaW1wb3J0IG1vZGVscy5hdXRoLlRva2VuVHlwZS5fCgovKioKICAqIFJlcHJlc2VudHMgYSBzZWN1cmVkIHJlcXVlc3QuCiAgKgogICogQGNvbnN0cnVjdG9yICAgIEluaXRpYWxpemVzIGEgbmV3IGluc3RhbmNlIG9mIHRoZSBbW1NlY3VyZWRSZXF1ZXN0XV0gY2xhc3MuCiAgKiBAcGFyYW0gdG9rZW4gICAgVGhlIEpTT04gV2ViIFRva2VuLgogICogQHBhcmFtIHJlcXVlc3QgIFRoZSBjdXJyZW50IEhUVFAgcmVxdWVzdC4KICAqLwpjbGFzcyBTZWN1cmVkUmVxdWVzdFtBXSgKICB2YWwgdG9rZW46IFRva2VuLAogIHJlcXVlc3Q6IFJlcXVlc3RbQV0pIGV4dGVuZHMgV3JhcHBlZFJlcXVlc3RbQV0ocmVxdWVzdCkgewoKICBpbXBvcnQgU2VjdXJlZEFjdGlvbi5fCgogIC8qKgogICAgKiBBcHBsaWVzIGBhdXRob3JpemVkYCBpZiBgY29uZGl0aW9uYCBldmFsdWF0ZXMgdG8gYHRydWVgLgogICAgKgogICAgKiBAcGFyYW0gY29uZGl0aW9uICBUaGUgZnVuY3Rpb24gdGhhdCBkZXRlcm1pbmVzIHdoZXRoZXIgb3Igbm90IHRoZQogICAgKiAgICAgICAgICAgICAgICAgICByZXF1ZXN0IGlzIGF1dGhvcml6ZWQuCiAgICAqIEBwYXJhbSBhdXRob3JpemVkIFRoZSBmdW5jdGlvbiB0aGF0IGlzIGFwcGxpZWQgaWYgYGNvbmRpdGlvbmAgZXZhbHVhdGVzCiAgICAqICAgICAgICAgICAgICAgICAgIHRvIGB0cnVlYC4KICAgICogQHJldHVybiAgICAgICAgICAgQSBgRnV0dXJlYCB2YWx1ZSBjb250YWluaW5nIHRoZSByZXNwb25zZSB0byBiZSBzZW50IHRvCiAgICAqICAgICAgICAgICAgICAgICAgIHRoZSBjbGllbnQuCiAgICAqIEBub3RlICAgICAgICAgICAgIGBjb25kaXRpb25gIHNoYWxsIHJldHVybiBhIHR1cGxlIGNvbnRhaW5pbmcgYSBCb29sZWFuCiAgICAqICAgICAgICAgICAgICAgICAgIHZhbHVlIGluZGljYXRpbmcgd2hldGhlciBvciBub3QgdGhlIHJlcXVlc3QgaXMgYXV0aG9yaXplZCwKICAgICogICAgICAgICAgICAgICAgICAgYW5kIG9wdGlvbmFsbHkgYSBgUmVzdWx0YCB0byBiZSBzZW50IHRvIHRoZSBjbGllbnQgaWYKICAgICogICAgICAgICAgICAgICAgICAgYXV0aG9yaXphdGlvbiBpcyBub3QgZ3JhbnRlZCBhbmQgdGhlIHN1YmplY3QgZG9lcyBub3QKICAgICogICAgICAgICAgICAgICAgICAgaGF2ZSAnJ2FkbWluJycgcHJpdmlsZWdlcy4KICAgICogQG5vdGUgICAgICAgICAgICAgYGF1dGhvcml6ZWRgIHRha2VzIGEgQm9vbGVhbiBwYXJhbWVudGVyIGluZGljYXRpbmcKICAgICogICAgICAgICAgICAgICAgICAgd2hldGhlciB0aGUgYWN0aW9uIGlzIGJlaW5nIGF1dGhvcml6ZWQgYXMgJydhZG1pbicnLgogICAgKi8KICBkZWYgYXV0aG9yaXplKAogICAgY29uZGl0aW9uOiBUb2tlbiA9PiBGdXR1cmVbKEJvb2xlYW4sIE9wdGlvbltSZXN1bHRdKV0sCiAgICBhdXRob3JpemVkOiBCb29sZWFuID0+IEZ1dHVyZVtSZXN1bHRdCiAgKTogRnV0dXJlW1Jlc3VsdF0gPSB7CiAgICBjb25kaXRpb24odG9rZW4pLmZsYXRNYXAgeyByID0+IHIuXzEgbWF0Y2ggewogICAgICBjYXNlIHRydWUgPT4KICAgICAgICBMb2dnZXIuZGVidWcocyJleHRyYSBjb25kaXRpb24gdG8gYXV0aG9yaXplIHJlcXVlc3QgJHtyZXF1ZXN0LnVyaX0gbWV0IikKICAgICAgICBhdXRob3JpemVkKGZhbHNlKQogICAgICBjYXNlIF8gPT4gci5fMiBtYXRjaCB7CiAgICAgICAgY2FzZSBTb21lKHNpbXBsZVJlc3VsdCkgPT4KICAgICAgICAgIExvZ2dlci5kZWJ1ZyhzImV4dHJhIGNvbmRpdGlvbiB0byBhdXRob3JpemUgcmVxdWVzdCAke3JlcXVlc3QudXJpfSBub3QgbWV0IikKICAgICAgICAgIEZ1dHVyZS5zdWNjZXNzZnVsKHNpbXBsZVJlc3VsdCkKICAgICAgICBjYXNlIF8gPT4KICAgICAgICAgIGlmICh0b2tlbi5yb2xlcy5jb250YWlucyhSb2xlLkFkbWluLmlkKSkgewogICAgICAgICAgICBMb2dnZXIuZGVidWcoCiAgICAgICAgICAgICAgcyJleHRyYSBjb25kaXRpb24gdG8gYXV0aG9yaXplIHJlcXVlc3QgJHtyZXF1ZXN0LnVyaX0gbm90IG1ldCwgc3RpbGwgIiArCiAgICAgICAgICAgICAgcyJhdXRob3JpemF0aW9uIGlzIGdyYW50ZWQgc2luY2UgdXNlciAke3Rva2VuLnN1YmplY3R9IGhhcyBhZG1pbiBwcml2aWxlZ2VzIgogICAgICAgICAgICApCiAgICAgICAgICAgIGF1dGhvcml6ZWQodHJ1ZSkKICAgICAgICAgIH0gZWxzZSBGdXR1cmUuc3VjY2Vzc2Z1bChyZWZ1c2UpCiAgICAgICAgfQogICAgfX0ucmVjb3ZlciB7IGNhc2UgZSA9PgogICAgICBMb2dnZXIuZXJyb3IoImVycm9yIGF1dGhvcml6aW5nIHNlY3VyZWQgcmVxdWVzdCIsIGUpCiAgICAgIEludGVybmFsU2VydmVyRXJyb3IoZXJyb3IoZXJyb3JQcm9jZXNzaW5nUmVxdWVzdChlLmdldE1lc3NhZ2UpKHJlcXVlc3QpKSkKICAgIH0KICB9CgogIC8qKgogICAgKiBSZWZ1c2VzIHRoaXMgcmVxdWVzdC4KICAgICogQHJldHVybiBBIGBGdXR1cmVgIHZhbHVlIGNvbnRhaW5pbmcgdGhlIHJlc3BvbnNlIHRvIGJlIHNlbnQgdG8gdGhlIGNsaWVudC4KICAgICovCiAgZGVmIHJlZnVzZSA9IHsKICAgIExvZ2dlci5kZWJ1ZyhzImV4dHJhIGNvbmRpdGlvbiB0byBhdXRob3JpemUgcmVxdWVzdCAke3JlcXVlc3QudXJpfSBub3QgbWV0IikKICAgIHZhbCB1c2VyID0gaWYgKHRva2VuLnRva2VuVHlwZSA9PSBCcm93c2UpIE5vbmUgZWxzZSBTb21lKHRva2VuLnN1YmplY3QpCiAgICBVbmF1dGhvcml6ZWQoZXJyb3IocmVxdWVzdE5vdEF1dGhvcml6ZWQodXNlcikocmVxdWVzdCkpKQogIH0KfQoKLyoqCiAgKiBSZXByZXNlbnRzIGEgc2VjdXJlZCBhY3Rpb24uCiAgKgogICogQGNvbnN0cnVjdG9yICAgICAgSW5pdGlhbGl6ZXMgYSBuZXcgaW5zdGFuY2Ugb2YgdGhlIFtbU2VjdXJlZEFjdGlvbl1dIGNsYXNzLgogICogQHRwYXJhbSBUICAgICAgICAgVGhlIGNvbnRyb2xsZXIgdHlwZSB0byBjcmVhdGUgYSBzZWN1cmVkIGFjdGlvbiBmb3IuCiAgKiBAcGFyYW0gbWV0aG9kTmFtZSBUaGUgbmFtZSBvZiB0aGUgbWV0aG9kIHRvIHNlY3VyZS4KICAqIEBwYXJhbSB0b2tlblR5cGVzIE9uZSBvciBtb3JlIG9mIHRoZSBbW1Rva2VuVHlwZV1dIHZhbHVlcy4KICAqLwpjbGFzcyBTZWN1cmVkQWN0aW9uW1QgPDogQ29udHJvbGxlciA6IFR5cGVUYWddIHByaXZhdGUoCiAgcHJpdmF0ZSB2YWwgbWV0aG9kTmFtZTogU3RyaW5nLAogIHByaXZhdGUgdmFsIHRva2VuVHlwZXM6IFNlcVtUb2tlblR5cGVdKSBleHRlbmRzIEFjdGlvbkJ1aWxkZXJbU2VjdXJlZFJlcXVlc3RdIHsKCiAgaW1wb3J0IHNlcnZpY2VzLmF1dGguQXV0aFBsdWdpbgogIGltcG9ydCBTZWN1cmVkQWN0aW9uLl8KCiAgZGVmIGludm9rZUJsb2NrW0FdKHJlcXVlc3Q6IFJlcXVlc3RbQV0sIGJsb2NrOiBTZWN1cmVkUmVxdWVzdFtBXSA9PiBGdXR1cmVbUmVzdWx0XSkgPSB7ewogICAgaWYgKHRva2VuVHlwZXMubGVuZ3RoID09IDEgJiYgdG9rZW5UeXBlcygwKSA9PSBQYXNzKSBOb25lIGVsc2UgewogICAgICByZXF1ZXN0LmhlYWRlcnMuZ2V0KEhlYWRlck5hbWVzLkFVVEhPUklaQVRJT04pIG1hdGNoIHsKICAgICAgICBjYXNlIFNvbWUoaGVhZGVyKSA9PiBzIiIiJEF1dGhTY2hlbWUgKC4qKSIiIi5yLnVuYXBwbHlTZXEoaGVhZGVyKS5tYXAoXy5oZWFkLnRyaW0pCiAgICAgICAgY2FzZSBfID0+IE5vbmUKICAgICAgfQogICAgfX0gbWF0Y2ggewogICAgICBjYXNlIFNvbWUoand0KSA9PgogICAgICAgIHZhbCBhdXRoID0gand0LnNwbGl0KCI6IikgLy8gYXV0aCgwKSA9PiB0b2tlbiwgYXV0aCgxKSA9PiBzaWduYXR1cmUKICAgICAgICB2YWwgZiA9IEF1dGhQbHVnaW4udG9rZW4oYXV0aCgwKSkKCiAgICAgICAgLyoKICAgICAgICAgKiBzZXJ2aWNlIHRva2VucyAoZS5nLiBhY3RpdmF0aW9uLCByZXNldCkgYXJlIGRpc2NhcmRlZCBpbW1lZGlhdGVseSBhZnRlciB0aGV5CiAgICAgICAgICogdHJpZ2dlciB0aGUgYWN0aW9uIHRoZXkgYXJlIGFzc29jaWF0ZWQgd2l0aAogICAgICAgICAqLwogICAgICAgIGYub25Db21wbGV0ZSB7CiAgICAgICAgICBjYXNlIFN1Y2Nlc3ModG9rZW4pID0+IGlmICh0b2tlbi50b2tlblR5cGUgIT0gQXV0aG9yaXphdGlvbiAmJiByZXF1ZXN0Lm1ldGhvZCAhPSBIdHRwVmVyYnMuR0VUKSB7CiAgICAgICAgICAgIEF1dGhQbHVnaW4uZGlzY2FyZFRva2VuKHRva2VuLmlkKQogICAgICAgICAgfQogICAgICAgICAgY2FzZSBGYWlsdXJlKGUpID0+IExvZ2dlci5lcnJvcigiZXJyb3IgZGVzZXJpYWxpemluZyB0b2tlbiBmcm9tIHJlcXVlc3QgaGVhZGVyIiwgZSkKICAgICAgICB9CgogICAgICAgIGYuZmxhdE1hcCB7CiAgICAgICAgICBjYXNlIHRva2VuIGlmICghdG9rZW4uaXNWYWxpZCkgPT4KICAgICAgICAgICAgTG9nZ2VyLndhcm4ocyJyZXF1ZXN0ICR7cmVxdWVzdC51cml9IHJlZnVzZWQ6IHRva2VuICR7dG9rZW4uaWR9IGhhcyBiZWVuIHRhbXBlcmVkIikKICAgICAgICAgICAgRnV0dXJlLnN1Y2Nlc3NmdWwoRm9yYmlkZGVuKGVycm9yKGF1dGhlbnRpY2F0aW9uVmlvbGF0ZWQodG9rZW4uc3ViamVjdCkocmVxdWVzdCkpKSkKICAgICAgICAgIGNhc2UgdG9rZW4gaWYgKHRva2VuLmlzRXhwaXJlZCkgPT4KICAgICAgICAgICAgTG9nZ2VyLmRlYnVnKHMicmVxdWVzdCAke3JlcXVlc3QudXJpfSByZWZ1c2VkOiB0b2tlbiAke3Rva2VuLmlkfSBoYXMgZXhwaXJlZCIpCiAgICAgICAgICAgIEZ1dHVyZS5zdWNjZXNzZnVsKEZvcmJpZGRlbihlcnJvcihhdXRoZW50aWNhdGlvbkV4cGlyZWQodG9rZW4uc3ViamVjdCkocmVxdWVzdCkpKSkKICAgICAgICAgIGNhc2UgdG9rZW4gaWYgKCFpc0F1dGhvcml6ZWQodG9rZW4pKSA9PgogICAgICAgICAgICBpZiAodG9rZW4udG9rZW5UeXBlID09IEJyb3dzZSkgewogICAgICAgICAgICAgIExvZ2dlci5pbmZvKHMicmVxdWVzdCAke3JlcXVlc3QudXJpfSBub3QgYXV0aG9yaXplZDogYW5vbnltIHVzZXIgZG9lcyBub3QgaGF2ZSByZXF1aXJlZCBwcml2aWxlZ2VzIikKICAgICAgICAgICAgICBGdXR1cmUuc3VjY2Vzc2Z1bChVbmF1dGhvcml6ZWQoZXJyb3IocmVxdWVzdE5vdEF1dGhvcml6ZWQoTm9uZSkocmVxdWVzdCkpKSkKICAgICAgICAgICAgfSBlbHNlIHsKICAgICAgICAgICAgICBMb2dnZXIuaW5mbyhzInJlcXVlc3QgJHtyZXF1ZXN0LnVyaX0gbm90IGF1dGhvcml6ZWQ6IHVzZXIgJHt0b2tlbi5zdWJqZWN0fSBkb2VzIG5vdCBoYXZlIHJlcXVpcmVkIHByaXZpbGVnZXMiKQogICAgICAgICAgICAgIEZ1dHVyZS5zdWNjZXNzZnVsKFVuYXV0aG9yaXplZChlcnJvcihyZXF1ZXN0Tm90QXV0aG9yaXplZChTb21lKHRva2VuLnN1YmplY3QpKShyZXF1ZXN0KSkpKQogICAgICAgICAgICB9CiAgICAgICAgICBjYXNlIHRva2VuID0+IGlmICh0b2tlbi5hcGlLZXkgPT0gVG9rZW4uQm9vdHN0cmFwS2V5KSB7CiAgICAgICAgICAgICAgTG9nZ2VyLmRlYnVnKHMicmVxdWVzdCAke3JlcXVlc3QudXJpfSBhdXRob3JpemVkIGZvciB1c2VyICR7dG9rZW4uc3ViamVjdH0iKQogICAgICAgICAgICAgIGJsb2NrKG5ldyBTZWN1cmVkUmVxdWVzdCh0b2tlbiwgcmVxdWVzdCkpCiAgICAgICAgICAgIH0gZWxzZSB7CiAgICAgICAgICAgICAgdmFsIGJvZHkgPSByZXF1ZXN0LmJvZHkgbWF0Y2ggewogICAgICAgICAgICAgICAgY2FzZSBqc29uOiBKc1ZhbHVlID0+IGpzb24udG9TdHJpbmcKICAgICAgICAgICAgICAgIGNhc2UgXyA9PiAiIgogICAgICAgICAgICAgIH0KICAgICAgICAgICAgICBTZWNyZXQodG9rZW4uYXBpS2V5KS5zaWduKGF1dGgoMCkgKyByZXF1ZXN0Lm1ldGhvZCArIHJlcXVlc3QudXJpICsgYm9keSkgbWF0Y2ggewogICAgICAgICAgICAgICAgY2FzZSBTdWNjZXNzKHNpZ25lZCkgPT4gaWYgKHNpZ25lZCA9PSBhdXRoKDEpKSB7CiAgICAgICAgICAgICAgICAgICAgaWYgKHRva2VuLnRva2VuVHlwZSA9PSBCcm93c2UpIHsKICAgICAgICAgICAgICAgICAgICAgIExvZ2dlci5kZWJ1ZyhzInJlcXVlc3QgJHtyZXF1ZXN0LnVyaX0gYXV0aG9yaXplZCBmb3IgYW5vbnltIHVzZXIiKQogICAgICAgICAgICAgICAgICAgIH0gZWxzZSB7CiAgICAgICAgICAgICAgICAgICAgICBMb2dnZXIuZGVidWcocyJyZXF1ZXN0ICR7cmVxdWVzdC51cml9IGF1dGhvcml6ZWQgZm9yIHVzZXIgJHt0b2tlbi5zdWJqZWN0fSIpCiAgICAgICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgICAgIGJsb2NrKG5ldyBTZWN1cmVkUmVxdWVzdCh0b2tlbiwgcmVxdWVzdCkpCiAgICAgICAgICAgICAgICAgIH0gZWxzZSB7CiAgICAgICAgICAgICAgICAgICAgTG9nZ2VyLndhcm4ocyJyZXF1ZXN0ICR7cmVxdWVzdC51cml9IHJlZnVzZWQ6IHJlcXVlc3QgaGFzIGJlZW4gdGFtcGVyZWQiKQogICAgICAgICAgICAgICAgICAgIEZ1dHVyZS5zdWNjZXNzZnVsKEZvcmJpZGRlbihlcnJvcihyZXF1ZXN0VmlvbGF0ZWQoKShyZXF1ZXN0KSkpKQogICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICBjYXNlIEZhaWx1cmUoZSkgPT4gRnV0dXJlLmZhaWxlZChlKQogICAgICAgICAgICAgIH0KICAgICAgICAgICAgfQogICAgICAgIH0ucmVjb3ZlciB7CiAgICAgICAgICBjYXNlIGU6IGphdmEudGV4dC5QYXJzZUV4Y2VwdGlvbiA9PgogICAgICAgICAgICBMb2dnZXIuZXJyb3IoImVycm9yIGRlc2VyaWFsaXppbmcgdG9rZW4gZnJvbSByZXF1ZXN0IGhlYWRlciIsIGUpCiAgICAgICAgICAgIEJhZFJlcXVlc3QoZXJyb3IoZXJyb3JEZXNlcmlhbGl6aW5nVG9rZW4oZS5nZXRNZXNzYWdlKShyZXF1ZXN0KSkpCiAgICAgICAgICBjYXNlIE5vbkZhdGFsKGUpID0+CiAgICAgICAgICAgIExvZ2dlci5lcnJvcigiZXJyb3IgcHJvY2Vzc2luZyBzZWN1cmVkIHJlcXVlc3QiLCBlKQogICAgICAgICAgICBJbnRlcm5hbFNlcnZlckVycm9yKGVycm9yKGVycm9yUHJvY2Vzc2luZ1JlcXVlc3QoZS5nZXRNZXNzYWdlKShyZXF1ZXN0KSkpCiAgICAgICAgfQogICAgICBjYXNlIF8gPT4gewogICAgICAgIGlmICh0b2tlblR5cGVzLmNvbnRhaW5zKFBhc3MpKSB7CiAgICAgICAgICBMb2dnZXIuZGVidWcocyJyZXF1ZXN0ICR7cmVxdWVzdC51cml9IGF1dGhvcml6ZWQgZm9yIGFub255bSB1c2VyIikKICAgICAgICAgIGJsb2NrKG5ldyBTZWN1cmVkUmVxdWVzdChQYXNzVG9rZW4oKShyZXF1ZXN0KSwgcmVxdWVzdCkpCiAgICAgICAgfSBlbHNlIHsKICAgICAgICAgIExvZ2dlci5kZWJ1ZyhzInJlcXVlc3QgJHtyZXF1ZXN0LnVyaX0gbm90IGF1dGhvcml6ZWQiKQogICAgICAgICAgRnV0dXJlLnN1Y2Nlc3NmdWwoVW5hdXRob3JpemVkKAogICAgICAgICAgICBlcnJvcihyZXF1ZXN0Tm90QXV0aGVudGljYXRlZCgpKHJlcXVlc3QpKQogICAgICAgICAgKS53aXRoSGVhZGVycyhIZWFkZXJOYW1lcy5XV1dfQVVUSEVOVElDQVRFIC0+IEF1dGhTY2hlbWUpKQogICAgICAgIH0KICAgICAgfQogICAgfQogIH0KCiAgLyoqCiAgICAqIFJldHVybnMgYSBCb29sZWFuIHZhbHVlIGluZGljYXRpbmcgd2hldGhlciBvciBub3QgdGhpcwogICAgKiBhY3Rpb24gaXMgYXV0aG9yaXplZC4KICAgICoKICAgICogQHBhcmFtIHRva2VuICBUaGUgYXV0aG9yaXphdGlvbiBKU09OIFdlYiBUb2tlbi4KICAgICogQHJldHVybiAgICAgICBgdHJ1ZWAgaWYgYHRva2VuYCBkZWZpbmVzIHRoZSBjbGFpbXMgdGhhdCBhdXRob3JpemUKICAgICogICAgICAgICAgICAgICB0aGlzIGFjdGlvbjsgb3RoZXJ3aXNlLCBgZmFsc2VgLgogICAgKi8KICBwcml2YXRlIGRlZiBpc0F1dGhvcml6ZWQodG9rZW46IFRva2VuKSA9IHsKICAgIHZhbCByb2xlcyA9IHNlY3VyaXR5UHJvZmlsZXMob3BlcmF0aW9uTmlja25hbWVbVF0pCiAgICB0b2tlblR5cGVzLmNvbnRhaW5zKHRva2VuLnRva2VuVHlwZSkgJiYgKAogICAgICByb2xlcy5jb250YWlucyhSb2xlLmlkKCJhbnkiKSkgfHwgICAgICAgLy8gYWN0aW9uIGRvZXMgbm90IHJlcXVpcmUgYW55IHNwZWNpZmljIHByaXZpbGVnZXMKICAgICAgdG9rZW4ucm9sZXMuY29udGFpbnMoUm9sZS5BZG1pbi5pZCkgfHwgIC8vIGN1cnJlbnQgc3ViamVjdCBoYXMgYWRtaW4gcHJpdmlsZWdlcwogICAgICB0b2tlbi5yb2xlcy5leGlzdHMocm9sZXMuY29udGFpbnMoXykpICAgLy8gY3VycmVudCBzdWJqZWN0IGhhcyByZXF1aXJlZCBwcml2aWxlZ2VzCiAgICApCiAgfQoKICAvKioKICAgICogUmV0dXJucyB0aGUgZnVsbHkgcXVhbGlmaWVkIG5pY2tuYW1lIG9mIHRoZSBtZXRob2QgdGhhdCBoYW5kbGVzCiAgICAqIHRoZSBjdXJyZW50IEhUVFAgcmVxdWVzdC4KICAgICoKICAgICogQHRwYXJhbSBUIFRoZSB0eXBlIG9mIHRoZSBjdXJyZW50IGBDb250cm9sbGVyYC4KICAgICogQHJldHVybiAgIFRoZSBmdWxseSBxdWFsaWZpZWQgbmlja25hbWUgb2YgdGhlIG1ldGhvZCB0aGF0IGhhbmRsZXMKICAgICogICAgICAgICAgIHRoZSBjdXJyZW50IEhUVFAgcmVxdWVzdC4KICAgICovCiAgcHJpdmF0ZSBkZWYgb3BlcmF0aW9uTmlja25hbWVbVCA8OiBDb250cm9sbGVyIDogVHlwZVRhZ10gPSB7CiAgICB2YWwgY2xhenpBbm5vdGF0aW9ucyA9IGNsYXNzQW5ub3RhdGlvbnNbVF0KICAgIHZhbCBhcGkgPSBjbGF6ekFubm90YXRpb25zKAogICAgICAiQXBpIiApKCAidmFsdWUiCiAgICApLmFzSW5zdGFuY2VPZltMaXRlcmFsQXJndW1lbnRdLnZhbHVlLnZhbHVlLmFzSW5zdGFuY2VPZltTdHJpbmddCgogICAgdmFsIGZ1bmN0aW9uQW5ub3RhdGlvbnMgPSBtZXRob2RBbm5vdGF0aW9uc1tUXQogICAgdmFsIG5pY2tuYW1lID0gZnVuY3Rpb25Bbm5vdGF0aW9ucyhtZXRob2ROYW1lKSgKICAgICAgIkFwaU9wZXJhdGlvbiIgKSggIm5pY2tuYW1lIgogICAgKS5hc0luc3RhbmNlT2ZbTGl0ZXJhbEFyZ3VtZW50XS52YWx1ZS52YWx1ZS5hc0luc3RhbmNlT2ZbU3RyaW5nXQoKICAgIHMiJGFwaS8kbmlja25hbWUiCiAgfQp9CgovKioKICAqIEZhY3RvcnkgY2xhc3MgZm9yIGNyZWF0aW5nIFtbU2VjdXJlZEFjdGlvbl1dIGluc3RhbmNlcy4KICAqLwpvYmplY3QgU2VjdXJlZEFjdGlvbiB7CgogIGZpbmFsIHZhbCBBdXRoU2NoZW1lID0gIkdvayFsbG8iCiAgcHJpdmF0ZSB2YXIgc2VjdXJpdHlQcm9maWxlcyA9IE1hcFtTdHJpbmcsIExpc3RbSW50XV0oKS53aXRoRGVmYXVsdFZhbHVlKExpc3QuZW1wdHkpCgogIGNvbmZpZ3VyYXRpb24uZ2V0Q29uZmlnTGlzdCgiYXV0aC5zZWN1cml0eVByb2ZpbGVzIikubWFwIHsgXy50b0xpc3QubWFwIHsgY29uZmlnID0+CiAgICBjb25maWcuZ2V0U3RyaW5nKCJvcGVyYXRpb24iKS5tYXAgeyBvcGVyYXRpb24gPT4KICAgICAgc2VjdXJpdHlQcm9maWxlcyArPSAob3BlcmF0aW9uIC0+IGNvbmZpZy5nZXRTdHJpbmdMaXN0KCJyb2xlcyIpLm1hcCB7CiAgICAgICAgXy50b0xpc3QubWFwKFJvbGUuaWQoXykpCiAgICAgIH0uZ2V0T3JFbHNlKExpc3QuZW1wdHkpKQogICAgfQogIH19CgogIC8qKgogICAgKiBJbml0aWFsaXplcyBhIG5ldyBpbnN0YW5jZSBvZiB0aGUgW1tTZWN1cmVkQWN0aW9uXV0gY2xhc3MuCiAgICAqCiAgICAqIEB0cGFyYW0gVCAgICAgICAgIFRoZSBjb250cm9sbGVyIHR5cGUgdG8gY3JlYXRlIGEgc2VjdXJlZCBhY3Rpb24gZm9yLgogICAgKiBAcGFyYW0gbWV0aG9kTmFtZSBUaGUgbmFtZSBvZiB0aGUgbWV0aG9kIHRvIHNlY3VyZS4KICAgICovCiAgZGVmIGFwcGx5W1QgPDogQ29udHJvbGxlciA6IFR5cGVUYWddKAogICAgbWV0aG9kTmFtZTogU3RyaW5nCiAgKTogU2VjdXJlZEFjdGlvbltUXSA9IGFwcGx5KG1ldGhvZE5hbWUsIEF1dGhvcml6YXRpb24pCgogIC8qKgogICAgKiBJbml0aWFsaXplcyBhIG5ldyBpbnN0YW5jZSBvZiB0aGUgW1tTZWN1cmVkQWN0aW9uXV0gY2xhc3MuCiAgICAqCiAgICAqIEB0cGFyYW0gVCAgICAgICAgIFRoZSBjb250cm9sbGVyIHR5cGUgdG8gY3JlYXRlIGEgc2VjdXJlZCBhY3Rpb24gZm9yLgogICAgKiBAcGFyYW0gbWV0aG9kTmFtZSBUaGUgbmFtZSBvZiB0aGUgbWV0aG9kIHRvIHNlY3VyZS4KICAgICogQHBhcmFtIHRva2VuVHlwZXMgT25lIG9yIG1vcmUgb2YgdGhlIFtbVG9rZW5UeXBlXV0gdmFsdWVzLgogICAgKi8KICBkZWYgYXBwbHlbVCA8OiBDb250cm9sbGVyIDogVHlwZVRhZ10oCiAgICBtZXRob2ROYW1lOiBTdHJpbmcsCiAgICB0b2tlblR5cGVzOiBUb2tlblR5cGUqCiAgKTogU2VjdXJlZEFjdGlvbltUXSA9IG5ldyBTZWN1cmVkQWN0aW9uW1RdKG1ldGhvZE5hbWUsIHRva2VuVHlwZXMpCn0=

Compilation error #stdin compilation error #stdout 0s 0KB

stdin

Standard input is empty

compilation info

/opt/scala/bin/scalac: line 50: /dev/null: Permission denied
Main.scala:9: error: not found: object brix
import brix.crypto.Secret
       ^
Main.scala:10: error: not found: object play
import play.api.Logger
       ^
Main.scala:11: error: not found: object play
import play.api.Play.current
       ^
Main.scala:12: error: not found: object play
import play.api.Play.configuration
       ^
Main.scala:13: error: not found: object play
import play.api.libs.concurrent.Execution.Implicits.defaultContext
       ^
Main.scala:14: error: not found: object play
import play.api.libs.json._
       ^
Main.scala:15: error: not found: object play
import play.api.mvc._
       ^
Main.scala:16: error: not found: object play
import play.api.mvc.Results._
       ^
Main.scala:17: error: not found: object play
import play.api.http.{HeaderNames, HttpVerbs}
       ^
Main.scala:18: error: not found: object utils
import utils.common.ReflectHelper._
       ^
Main.scala:19: error: not found: object utils
import utils.common.Responses._
       ^
Main.scala:20: error: not found: object utils
import utils.auth.AuthErrors._
       ^
Main.scala:21: error: not found: object models
import models.auth.{Token, PassToken}
       ^
Main.scala:22: error: not found: object models
import models.auth.TokenType._
       ^
Main.scala:33: error: not found: type WrappedRequest
  request: Request[A]) extends WrappedRequest[A](request) {
                               ^
Main.scala:32: error: not found: type Token
  val token: Token,
             ^
Main.scala:33: error: not found: type Request
  request: Request[A]) extends WrappedRequest[A](request) {
           ^
Main.scala:31: error: too many arguments for constructor Object: ()Object
class SecuredRequest[A](
                       ^
Main.scala:57: error: not found: type Result
  ): Future[Result] = {
            ^
Main.scala:55: error: not found: type Token
    condition: Token => Future[(Boolean, Option[Result])],
               ^
Main.scala:55: error: not found: type Result
    condition: Token => Future[(Boolean, Option[Result])],
                                                ^
Main.scala:56: error: not found: type Result
    authorized: Boolean => Future[Result]
                                  ^
Main.scala:86: error: not found: value Logger
    Logger.debug(s"extra condition to authorize request ${request.uri} not met")
    ^
Main.scala:88: error: not found: value Unauthorized
    Unauthorized(error(requestNotAuthorized(user)(request)))
    ^
Main.scala:60: error: not found: value Logger
        Logger.debug(s"extra condition to authorize request ${request.uri} met")
        ^
Main.scala:102: error: not found: type ActionBuilder
  private val tokenTypes: Seq[TokenType]) extends ActionBuilder[SecuredRequest] {
                                                  ^
Main.scala:100: error: not found: type Controller
class SecuredAction[T <: Controller : TypeTag] private(
                         ^
Main.scala:102: error: not found: type TokenType
  private val tokenTypes: Seq[TokenType]) extends ActionBuilder[SecuredRequest] {
                              ^
Main.scala:104: error: not found: value services
  import services.auth.AuthPlugin
         ^
Main.scala:107: error: not found: type Request
  def invokeBlock[A](request: Request[A], block: SecuredRequest[A] => Future[Result]) = {{
                              ^
Main.scala:116: error: not found: value AuthPlugin
        val f = AuthPlugin.token(auth(0))
                ^
Main.scala:176: error: not found: value Pass
        if (tokenTypes.contains(Pass)) {
                                ^
Main.scala:177: error: not found: value Logger
          Logger.debug(s"request ${request.uri} authorized for anonym user")
          ^
Main.scala:107: error: not found: type Result
  def invokeBlock[A](request: Request[A], block: SecuredRequest[A] => Future[Result]) = {{
                                                                             ^
Main.scala:178: error: not found: value PassToken
          block(new SecuredRequest(PassToken()(request), request))
                                   ^
Main.scala:180: error: not found: value Logger
          Logger.debug(s"request ${request.uri} not authorized")
          ^
Main.scala:181: error: not found: value Unauthorized
          Future.successful(Unauthorized(
                            ^
Main.scala:215: error: not found: value classAnnotations
    val clazzAnnotations = classAnnotations[T]
                           ^
Main.scala:214: error: not found: type Controller
  private def operationNickname[T <: Controller : TypeTag] = {
                                     ^
Main.scala:220: error: not found: value methodAnnotations
    val functionAnnotations = methodAnnotations[T]
                              ^
Main.scala:197: error: not found: type Token
  private def isAuthorized(token: Token) = {
                                  ^
Main.scala:200: error: not found: value Role
      roles.contains(Role.id("any")) ||       // action does not require any specific privileges
                     ^
Main.scala:237: error: not found: value configuration
  configuration.getConfigList("auth.securityProfiles").map { _.toList.map { config =>
  ^
Main.scala:251: error: not found: type Controller
  def apply[T <: Controller : TypeTag](
                 ^
Main.scala:262: error: not found: type Controller
  def apply[T <: Controller : TypeTag](
                 ^
Main.scala:264: error: not found: type TokenType
    tokenTypes: TokenType*
                ^
Main.scala:253: error: not found: value Authorization
  ): SecuredAction[T] = apply(methodName, Authorization)
                                          ^
47 errors found
spoj: The program compiled successfully, but Main.class was not found.
      Class Main should contain method: def main(args: Array[String]).

stdout

Standard output is empty

https://ideone.com/6dy34l

language:

Scala (scala 2.12.8)

created:

visibility:

public

Share or Embed source code

Discover > Sphere Engine API

The brand new service which powers Ideone!

Discover > IDE Widget

Widget for compiling and running the source code in a web browser!

Discover > Sphere Engine API

Discover > IDE Widget

Choose your language