extractCredentials

extractCredentials

Description

Extracts the potentially present HttpCredentials provided with the request's Authorization header, which can be then used to implement some custom authentication or authorization logic.

See Credentials and password timing attacks for details about verifying the secret.

Example

final Route route = extractCredentials(optCreds -> {
  if (optCreds.isPresent()) {
    return complete("Credentials: " + optCreds.get());
  } else {
    return complete("No credentials");
  }
});

// tests:
final HttpCredentials johnsCred =
  BasicHttpCredentials.createBasicHttpCredentials("John", "p4ssw0rd");
testRoute(route).run(HttpRequest.GET("/").addCredentials(johnsCred))
  .assertEntity("Credentials: Basic Sm9objpwNHNzdzByZA==");

testRoute(route).run(HttpRequest.GET("/"))
  .assertEntity("No credentials");

Contents