common/src/main/scala/org/apache/predictionio/authentication/KeyAuthentication.scala - predictionio - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *    http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */


 package org.apache.predictionio.authentication

 /**
   * This is a (very) simple authentication for the dashboard and engine servers
   * It is highly recommended to implement a stonger authentication mechanism
   */

 import com.typesafe.config.ConfigFactory
 import spray.http.HttpRequest
 import spray.routing.authentication._
 import spray.routing.{AuthenticationFailedRejection, RequestContext}

 import scala.concurrent.ExecutionContext.Implicits.global
 import scala.concurrent.Future

 trait KeyAuthentication {

   object ServerKey {
     private val config = ConfigFactory.load("server.conf")

     val authEnforced = config.getBoolean("org.apache.predictionio.server.key-auth-enforced")
     val get = config.getString("org.apache.predictionio.server.accessKey")

     val param = "accessKey"
   }

   def withAccessKeyFromFile: RequestContext => Future[Authentication[HttpRequest]] = {
     ctx: RequestContext =>
       val accessKeyParamOpt = ctx.request.uri.query.get(ServerKey.param)
       Future {

         val passedKey = accessKeyParamOpt.getOrElse {
           Left(AuthenticationFailedRejection(
             AuthenticationFailedRejection.CredentialsRejected, Nil))
         }

         if (!ServerKey.authEnforced || passedKey.equals(ServerKey.get)) Right(ctx.request)
         else Left(AuthenticationFailedRejection(
           AuthenticationFailedRejection.CredentialsRejected, Nil))

       }
   }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/


	package org.apache.predictionio.authentication

	/**
	* This is a (very) simple authentication for the dashboard and engine servers
	* It is highly recommended to implement a stonger authentication mechanism
	*/

	import com.typesafe.config.ConfigFactory
	import spray.http.HttpRequest
	import spray.routing.authentication._
	import spray.routing.{AuthenticationFailedRejection, RequestContext}

	import scala.concurrent.ExecutionContext.Implicits.global
	import scala.concurrent.Future

	trait KeyAuthentication {

	object ServerKey {
	private val config = ConfigFactory.load("server.conf")

	val authEnforced = config.getBoolean("org.apache.predictionio.server.key-auth-enforced")
	val get = config.getString("org.apache.predictionio.server.accessKey")

	val param = "accessKey"
	}

	def withAccessKeyFromFile: RequestContext => Future[Authentication[HttpRequest]] = {
	ctx: RequestContext =>
	val accessKeyParamOpt = ctx.request.uri.query.get(ServerKey.param)
	Future {

	val passedKey = accessKeyParamOpt.getOrElse {
	Left(AuthenticationFailedRejection(
	AuthenticationFailedRejection.CredentialsRejected, Nil))
	}

	if (!ServerKey.authEnforced \|\| passedKey.equals(ServerKey.get)) Right(ctx.request)
	else Left(AuthenticationFailedRejection(
	AuthenticationFailedRejection.CredentialsRejected, Nil))

	}
	}
	}