package org.zalando.zhewbacca

import javax.inject.Inject

import akka.stream.Materializer
import play.api.Logger
import play.api.mvc.{Filter, RequestHeader, Result}

import scala.concurrent.{ExecutionContext, Future}

/**
  * `SecurityFilter` intercepts every request and evaluates it against the configured security rules.
  *
  * The rule that `rulesRepository` returns for the request decides what happens next. When the repository
  * returns no rule, the filter fails closed: it logs the miss at debug level and executes `DenyAllRule`
  * instead of handing the request to the next filter unchecked. (`DenyAllRule` is defined elsewhere; going by
  * its name and the log message it is expected to reject the request.)
  *
  * Nothing in this class modifies the request. Attaching `TokenInfo` to an authenticated request is left to
  * the rule that gets executed.
  *
  * @param rulesRepository security rules repository
  * @param mat materializer (required by Play framework)
  * @param ec an ExecutionContext for rules
  */
class SecurityFilter @Inject() (
    rulesRepository: SecurityRulesRepository,
    implicit val mat: Materializer,
    implicit val ec: ExecutionContext) extends Filter {

  private val logger = Logger(getClass)

  /**
    * Selects the rule for `requestHeader` and lets that rule produce the response.
    *
    * @param nextFilter the remainder of the filter chain, passed through to the selected rule
    * @param requestHeader the incoming request
    * @return whatever the selected rule's `execute` yields
    */
  override def apply(nextFilter: RequestHeader => Future[Result])(requestHeader: RequestHeader): Future[Result] = {
    val matchedRule = rulesRepository.get(requestHeader)

    // Default-deny: a request with no matching rule is never passed on as-is.
    val effectiveRule = matchedRule.getOrElse {
      // NOTE(review): `uri` holds the query string as well as the path. If clients may send credentials
      // as query parameters, this line copies them into the debug log; confirm, and consider logging
      // `requestHeader.path` instead. Also note that denials logged at debug level are invisible at
      // default log levels, which matters if these events are meant to feed monitoring.
      logger.debug(s"No security rules found for ${requestHeader.method} ${requestHeader.uri}. Access denied.")
      DenyAllRule
    }

    effectiveRule.execute(nextFilter, requestHeader)
  }

}
