feat(authorization): option to install status pages

modelix · Nov 20, 2024 · b2bdfd3 · b2bdfd3
1 parent aa38e90
commit b2bdfd3
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 0 deletions.
diff --git a/authorization/src/main/kotlin/org/modelix/authorization/AuthorizationConfig.kt b/authorization/src/main/kotlin/org/modelix/authorization/AuthorizationConfig.kt
@@ -48,6 +48,11 @@ interface IModelixAuthorizationConfig {
      */
     var debugEndpointsEnabled: Boolean
 
+    /**
+     * NotLoggedInException and NoPermissionException will be turned into HTTP status codes 401 and 403
+     */
+    var installStatusPages: Boolean
+
     /**
      * The pre-shared key for the HMAC512 signature algorithm.
      * The environment variables MODELIX_JWT_SIGNATURE_HMAC512_KEY or MODELIX_JWT_SIGNATURE_HMAC512_KEY_FILE can be
@@ -109,6 +114,7 @@ class ModelixAuthorizationConfig : IModelixAuthorizationConfig {
     override var permissionChecksEnabled: Boolean? = PERMISSION_CHECKS_ENABLED
     override var generateFakeTokens: Boolean? = getBooleanFromEnv("MODELIX_GENERATE_FAKE_JWT")
     override var debugEndpointsEnabled: Boolean = true
+    override var installStatusPages: Boolean = false
     override var hmac512Key: String? = null
     override var hmac384Key: String? = null
     override var hmac256Key: String? = null

diff --git a/authorization/src/main/kotlin/org/modelix/authorization/AuthorizationPlugin.kt b/authorization/src/main/kotlin/org/modelix/authorization/AuthorizationPlugin.kt
@@ -39,6 +39,7 @@ import io.ktor.server.auth.jwt.jwt
 import io.ktor.server.auth.principal
 import io.ktor.server.html.respondHtml
 import io.ktor.server.plugins.forwardedheaders.XForwardedHeaders
+import io.ktor.server.plugins.statuspages.StatusPages
 import io.ktor.server.response.respond
 import io.ktor.server.response.respondText
 import io.ktor.server.routing.Route
@@ -112,6 +113,17 @@ object ModelixAuthorization : BaseRouteScopedPlugin<IModelixAuthorizationConfig,
             }
         }
 
+        if (config.installStatusPages) {
+            application.install(StatusPages) {
+                exception<NotLoggedInException> { call, cause ->
+                    call.respondText(text = "401: ${cause.message}", status = HttpStatusCode.Unauthorized)
+                }
+                exception<NoPermissionException> { call, cause ->
+                    call.respondText(text = "403: ${cause.message}", status = HttpStatusCode.Forbidden)
+                }
+            }
+        }
+
         if (config.debugEndpointsEnabled) {
             application.routing {
                 authenticate(MODELIX_JWT_AUTH) {

diff --git a/model-server/src/main/kotlin/org/modelix/model/server/Main.kt b/model-server/src/main/kotlin/org/modelix/model/server/Main.kt
@@ -190,6 +190,7 @@ object Main {
                 install(Routing)
                 install(ModelixAuthorization) {
                     permissionSchema = ModelServerPermissionSchema.SCHEMA
+                    installStatusPages = false
                 }
                 install(ForwardedHeaders)
                 install(CallLogging) {