Akka HTTP AuthenticationFailedRejection 原因

Question

我创建了一个指令来验证 JWT 令牌：

  def authenticated: Directive[Unit] = optionalHeaderValueByName("Authorization")
    .flatMap[Unit] {
      case Some(token) => Jwt.decode(token, "secret", Seq(JwtAlgorithm.HS256)) match {
        case Failure(_: JwtExpirationException) =>
          // TODO the rejection handler needs to know that the token is expired.
          reject(AuthenticationFailedRejection(CredentialsRejected, HttpChallenge("JWT", None)))
        case Failure(_: JwtException) =>
          // TODO the rejection handler needs to know that the token is invalid.
          reject(AuthenticationFailedRejection(CredentialsRejected, HttpChallenge("JWT", None)))
        case Success(_) =>
          // TODO read token and validate user id
          pass
      }
      case None => reject(AuthenticationFailedRejection(CredentialsMissing, HttpChallenge("JWT", None)))
}

问题是它们只有 2 个原因：CredentialsRejected 和 CredentialsMissing。我需要能够添加一个额外的拒绝原因来显示令牌是否已过期。但是原因都来自密封的 class 所以我不能自己做..

是否可以创建自定义原因或向 CredentialsRejected 原因添加一些数据以便检查拒绝原因？

Answer 1

A（相当过时，因为它与 spray 而不是 akka-http 有关）comment 看起来像你的请求是：创建你自己的拒绝而不是使用 AuthenticationFailedRejection 来处理这个。

Akka HTTP AuthenticationFailedRejection 原因

Akka HTTP AuthenticationFailedRejection cause

authentication

scala

jwt

akka-http