This is an implementation of Medidata Authentication Client Authenticator to validate the Http requests
-
Configuration
-
MAuth uses Typesafe Config. The v2_only_authenticate flag can be set to authenticate incoming requests with Mauth protocol V2 only, default to false. Create
application.confon your classpath with following content.
-
app {
uuid: "aaaa-bbbbb-ccccc-ddddd-eeeee"
private_key: "avasdfasdfadf"
}
mauth {
base_url: "http://localhost"
}
-
To validate (authenticate) incoming requests, e.g. (using Servlet Filter):
class MyController extends MAuthDirectives {
final Config typeSafeConfig = ConfigFactory.load();
val singerConfiguration = new SignerConfiguration(typeSafeConfig);
val authConfig = new AuthenticatorConfiguration(typeSafeConfig);
implicit val system: ActorSystem = ActorSystem()
implicit val publicKeyProvider: ClientPublicKeyProvider = new MauthPublicKeyProvider(authConfig, MAuthRequestSigner(singerConfiguration))
implicit val timeout: FiniteDuration = 10.seconds
implicit val requestValidationTimeout: Duration = authConfig.getTimeToLive.seconds
implicit val authenticator: RequestAuthenticator = new RequestAuthenticator(publicKeyProvider, new CurrentEpochTimeProvider, authConfig.isV2OnlyAuthenticate)
def getResource = authenticate.apply {
get {
path("resources") {
complete("OK")
}
}
}
}