Dominik Sandjaja
01/16/2023, 3:22 PMon(AuthenticationChecked)
hook.
I have a plugin that does role based authorization, simplified like this:
val rbacPlugin = createRouteScopedPlugin(...) {
pluginConfig.apply {
on(AuthenticationChecked) { call ->
println("Executing rbac plugin")
if(call.principal<OurPrincipal>().role in roles) return
throw ...
}
}
}
It is installed in a route like this:
application.routing {
route("somewhere") {
authenticate(jwt) {
install(rbacPlugin) { roles = setOf(...) }
get { ... }
}}}
Nothing fancy and it works.
Now I want to create another plugin, also hooking into the same phase:
val SentryContextEnricher = createRouteScopedPlugin(name = "SentryContextEnricher") {
on(AuthenticationChecked) { call ->
println("Executing SentryContextEnricher plugin")
val principal = call.principal<OurPrincipal>()
if (principal != null) {
val user = User().apply {
id = principal.userId.id.toString()
}
Sentry.setUser(user)
}
}
}
The problem is that this latter plugin is always called before the authentication actually happens:
Executing SentryContextEnricher plugin
Validated credentials & created JWT based principal
Executing rbac plugin
Is there anything that I am missing? Is there a limitation to the number of plugins that can be installed for a specific hook/phase?Rustam Siniukov
01/16/2023, 3:32 PMRoute
or Application
?Dominik Sandjaja
01/16/2023, 3:32 PMapplicationScopedPlugin
with the same result)Rustam Siniukov
01/16/2023, 3:37 PMApplication
pipeline is executed before any route matches, so there is no authenticate {...}
block associated with the call and therefore to authenticationRustam Siniukov
01/16/2023, 3:37 PMDominik Sandjaja
01/16/2023, 3:43 PMrouting {
install(SentryContextEnricher)
}
does do the trick. Thank you very much!
My follow-up question would be: Is there actually an application pipeline phase where the on(AuthenticationChecked)
makes sense?Rustam Siniukov
01/16/2023, 3:57 PMDominik Sandjaja
01/16/2023, 8:45 PM