package auth
Package Members
- package permission
Type Members
- trait AbstractAuth extends AnyRef
- trait AbstractUser extends AnyRef
- final case class AuthBadResponseException(error: String, message: String = "credential", errorType: ErrorType = ErrorType.UnknownError, errorCode: String = "auth.response", stacktrace: Option[String] = None, status: Int = ErrorCode.Unauthorized) extends Throwable with AuthException with Product with Serializable
- final case class AuthContext(userId: UUID, user: AbstractUser = AbstractUser.Anonymous, correlationId: String, bearer: String = "", perms: List[String] = Nil, headers: Map[String, String] = Map.empty, info: Obj = Json.Obj()) extends Product with Serializable
This object manages an AuthContext within a call across different systems.
This object manages an AuthContext within a call across different systems. It can be used to monitor REST calls, to support API integration patterns, and to improve logging.
- userId
the id of the user
- correlationId
the correlationID of the call
- perms
the permission of the user
- headers
some headers useful to pass information
- info
extra JSON info to export for logs; since it is exported, keep the bearer token and other credentials out of it
- sealed trait AuthException extends Throwable with FrameworkException
AUTH Exceptions
AUTH Exceptions
- Annotations
- @jsonDiscriminator("type")
- case class AuthUUIDException(message: String = "auth.uuid", errorType: ErrorType = ErrorType.AuthError, errorCode: String = "auth.error", status: Int = ErrorCode.NotFound, stacktrace: Option[String] = None) extends Throwable with AuthException with Product with Serializable
This class defines an AuthUUIDException entity
This class defines an AuthUUIDException entity
- message
the error message
- errorType
the errorType
- errorCode
a string grouping common application errors
- status
HTTP Error Status
- final case class InvalidCredentialsException(error: String, message: String = "credential", errorType: ErrorType = ErrorType.UnknownError, errorCode: String = "auth.generic", stacktrace: Option[String] = None, status: Int = ErrorCode.Unauthorized) extends Throwable with AuthException with Product with Serializable
- case class InvalidPermissionStringException(permissionString: String, message: String = "auth.error", errorType: ErrorType = ErrorType.AuthError, errorCode: String = "auth.error", status: Int = ErrorCode.NotFound, stacktrace: Option[String] = None) extends Throwable with AuthException with Product with Serializable
This exception is thrown if the permission string is malformed
This exception is thrown if the permission string is malformed
- permissionString
the permission that is not valid
- message
the error message
- errorType
the errorType
- errorCode
a string grouping common application errors
- status
HTTP Error Status
- case class JWTInvalidTokenException(message: String = "auth.error", errorType: ErrorType = ErrorType.AuthError, errorCode: String = "auth.error", status: Int = ErrorCode.InternalServerError, stacktrace: Option[String] = None) extends Throwable with AuthException with Product with Serializable
This exception is thrown when there is an invalid JWT token
This exception is thrown when there is an invalid JWT token
- message
the error message
- errorType
the errorType
- errorCode
a string grouping common application errors
- status
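HTTP Error Status; the default for this exception is ErrorCode.InternalServerError, not ErrorCode.Unauthorized, so set it explicitly if an invalid token should surface to the client as an authentication failure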
- case class JWTPasswordException(message: String = "auth.error", errorType: ErrorType = ErrorType.AuthError, errorCode: String = "auth.error", status: Int = ErrorCode.InternalServerError, stacktrace: Option[String] = None) extends Throwable with AuthException with Product with Serializable
This exception is thrown when a password cannot be validated
This exception is thrown when a password cannot be validated
- message
the error message
- errorType
the errorType
- errorCode
a string grouping common application errors
- status
HTTP Error Status
- case class JWTTokenParsingException(message: String = "auth.error", errorType: ErrorType = ErrorType.AuthError, errorCode: String = "auth.error", status: Int = ErrorCode.InternalServerError, stacktrace: Option[String] = None) extends Throwable with AuthException with Product with Serializable
This exception is thrown when a JWT token cannot be parsed
This exception is thrown when a JWT token cannot be parsed
- message
the error message
- errorType
the errorType
- errorCode
a string grouping common application errors
- status
HTTP Error Status
- case class JWTTokenSignException(message: String = "auth.error", errorType: ErrorType = ErrorType.AuthError, errorCode: String = "auth.error", status: Int = ErrorCode.InternalServerError, stacktrace: Option[String] = None) extends Throwable with AuthException with Product with Serializable
- case class JWTUnableGenerateTokenException(message: String = "auth.error", errorType: ErrorType = ErrorType.AuthError, errorCode: String = "auth.error", status: Int = ErrorCode.InternalServerError, stacktrace: Option[String] = None) extends Throwable with AuthException with Product with Serializable
This exception is thrown when it is not possible to generate a JWT token
This exception is thrown when it is not possible to generate a JWT token
- message
the error message
- errorType
the errorType
- errorCode
a string grouping common application errors
- status
HTTP Error Status
- case class MissingCredentialsException(message: String = "auth.credentials", errorType: ErrorType = ErrorType.AuthError, errorCode: String = "auth.error", status: Int = ErrorCode.NotFound, stacktrace: Option[String] = None) extends Throwable with AuthException with Product with Serializable
This class defines a MissingCredentialsException entity
This class defines a MissingCredentialsException entity
- message
the error message
- errorType
the errorType
- errorCode
a string grouping common application errors
- status
HTTP Error Status
- trait Permission extends AnyRef
A Permission represents the ability to perform an action or access a resource.
A Permission represents the ability to perform an action or access a resource. A Permission is the most granular, or atomic, unit in a system's security policy and is the cornerstone upon which fine-grained security models are built. Based on Apache Shiro permission.
It is important to understand a Permission instance only represents functionality or access - it does not grant it. Granting access to an application functionality or a particular resource is done by the application's security configuration, typically by assigning Permissions to users, roles and/or groups.
Most typical systems are what the Shiro team calls role-based in nature, where a role represents common behavior for certain user types. For example, a system might have an Administrator role, User or Guest roles, etc.
But if you have a dynamic security model, where roles can be created and deleted at runtime, you can't hard-code role names in your code. In this environment, roles themselves aren't very useful. What matters is what permissions are assigned to these roles.
Under this paradigm, permissions are immutable and reflect an application's raw functionality (opening files, accessing a web URL, creating users, etc). This is what allows a system's security policy to be dynamic: because Permissions represent raw functionality and only change when the application's source code changes, they are immutable at runtime - they represent 'what' the system can do. Roles, users, and groups are the 'who' of the application. Determining 'who' can do 'what' then becomes a simple exercise of associating Permissions to roles, users, and groups in some way.
Most applications do this by associating a named role with permissions (i.e. a role 'has a' collection of Permissions) and then associate users with roles (i.e. a user 'has a' collection of roles) so that by transitive association, the user 'has' the permissions in their roles. There are numerous variations on this theme (permissions assigned directly to users, or assigned to groups, and users added to groups and these groups in turn have roles, etc, etc). When employing a permission-based security model instead of a role-based one, users, roles, and groups can all be created, configured and/or deleted at runtime. This enables an extremely powerful security model.
A benefit to Shiro is that, although it assumes most systems are based on these types of static role or dynamic role w/ permission schemes, it does not require a system to model their security data this way - all Permission checks are relegated to org.apache.shiro.realm.Realm implementations, and only those implementations really determine how a user 'has' a permission or not. The Realm could use the semantics described here, or it could utilize some other mechanism entirely - it is always up to the application developer.
Shiro provides a very powerful default implementation of this interface in the form of the WildcardPermission. We highly recommend that you investigate this class before trying to implement your own Permissions.
- Since
0.2
- See also
zio.auth.permission.WildcardPermission WildcardPermission
- case class UnauthorizedException(message: String = "auth.error", errorType: ErrorType = ErrorType.AuthError, errorCode: String = "auth.error", status: Int = ErrorCode.NotFound, stacktrace: Option[String] = None) extends Throwable with AuthException with Product with Serializable
This class defines an UnauthorizedException entity
This class defines an UnauthorizedException entity
- message
the error message
- errorType
the errorType
- errorCode
a string grouping common application errors
- status
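HTTP Error Status; the default for this exception is ErrorCode.NotFound rather than ErrorCode.Unauthorized, so check that this is the status you intend to return to the client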
- case class UserNotFoundException(userId: String, message: String = "auth.error", errorType: ErrorType = ErrorType.AuthError, errorCode: String = "auth.error", status: Int = ErrorCode.NotFound, stacktrace: Option[String] = None) extends Throwable with AuthException with Product with Serializable
This class defines a UserNotFoundException entity
This class defines a UserNotFoundException entity
- userId
a User Id
- message
the error message
- errorType
the errorType
- errorCode
a string grouping common application errors
- status
HTTP Error Status
- case class UserPropertyNotFoundException(userId: String, property: String, message: String = "auth.error", errorType: ErrorType = ErrorType.AuthError, errorCode: String = "auth.error", status: Int = ErrorCode.NotFound, stacktrace: Option[String] = None) extends Throwable with AuthException with Product with Serializable
This exception is thrown when a property is missing
This exception is thrown when a property is missing
- userId
a User Id
- property
a property to look for
- message
the error message
- errorType
the errorType
- errorCode
a string grouping common application errors
- status
HTTP Error Status
Value Members
- object AbstractUser
- object AuthBadResponseException extends Serializable
- object AuthContext extends Serializable
- object AuthException extends ExceptionFamily with Serializable
- object AuthUUIDException extends Serializable
- object InvalidCredentialsException extends Serializable
- object InvalidPermissionStringException extends Serializable
- object JWTInvalidTokenException extends Serializable
- object JWTPasswordException extends Serializable
- object JWTTokenParsingException extends Serializable
- object JWTTokenSignException extends Serializable
- object JWTUnableGenerateTokenException extends Serializable
- object MissingCredentialsException extends Serializable
- object UnauthorizedException extends Serializable
- object UserNotFoundException extends Serializable
- object UserPropertyNotFoundException extends Serializable