nulab / scala-oauth2-provider

OAuth 2.0 server-side implementation written in Scala
MIT License
537 stars 97 forks

Unauthorized handling #91

Closed Vivalldi closed 8 years ago

Vivalldi commented 8 years ago

Presume I have the following code,

import play.api.mvc.Controller

object MyController extends Controller {

  import scalaoauth2.provider.OAuth2ProviderActionBuilders._

  def list = AuthorizedAction(new MyDataHandler()) { request =>
    val user = request.authInfo.user // User is defined on your system
    // access resource for the user
    Ok // placeholder result so the action body returns a Result
  }
}

How would I go about sending an unauthorized JSON response if the Action is unauthorized?

tsuyoshizawa commented 8 years ago

By default, the Action sends only a header, without sending a response body.

https://github.com/nulab/scala-oauth2-provider/blob/0.17.2/play2-oauth2-provider/src/main/scala/scalaoauth2/provider/OAuth2Provider.scala#L158

Vivalldi commented 8 years ago

So is there any way to override that? Because many REST APIs could benefit from this OAuth library, but REST APIs, by standard, return JSON errors in addition to the status code.

rmmeans commented 8 years ago

For what it's worth, I don't use the play side of this library. I use just the OAuth library side and I provided my own play wrapper - by doing such, you can customize just about whatever response you want.

tsuyoshizawa commented 8 years ago

> So is there any way to override that?

No, there isn't in AuthorizedAction. The action is just a wrapper, as rmmeans said.

You could directly use OAuth2Provider instead of AuthorizedAction and just override the authorize method.

OAuth2ProviderActionBuilders.AuthorizedAction uses the OAuth2Provider trait in the AuthorizedActionFunction class.

If you want to use the ActionBuilder style, I recommend you create a customized ActionBuilder yourself. A PR is welcome if you create a good customizable AuthorizedAction.
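
One way to build the customized ActionBuilder suggested above, as an added example that is not part of the thread or the project's code. It assumes Play 2.4/2.5 with the 0.17.x library; `JsonAuthorizedActionFunction` and `JsonAuthorizedAction` are hypothetical names, and the library members used (`protectedResource`, `responseOAuthErrorHeader`, `errorType`, `description`, `statusCode`) are assumed from the 0.17.2 source linked earlier and should be checked against your release.

```scala
import play.api.libs.json.Json
import play.api.mvc._
import scala.concurrent.{ExecutionContext, Future}
import scalaoauth2.provider._

// Hypothetical class: same shape as the library's AuthorizedActionFunction,
// with authorize overridden so that a rejected request gets a JSON body.
case class JsonAuthorizedActionFunction[U](handler: ProtectedResourceHandler[U])(implicit ctx: ExecutionContext)
    extends ActionFunction[Request, ({ type L[A] = AuthInfoRequest[A, U] })#L] with OAuth2Provider {

  // The parameter is named ctx on purpose: it shadows the constructor's
  // implicit so only one ExecutionContext is in implicit scope here.
  override def authorize[A, V](h: ProtectedResourceHandler[V])(callback: AuthInfo[V] => Future[Result])(
      implicit request: Request[A], ctx: ExecutionContext): Future[Result] =
    protectedResource.handleRequest(request, h).flatMap {
      case Left(e) =>
        // Expose only the OAuth error code and description, never exception
        // details, and keep the WWW-Authenticate header that bearer-token
        // clients rely on (RFC 6750).
        val body = Json.obj("error" -> e.errorType, "error_description" -> e.description)
        Future.successful(new Status(e.statusCode)(body).withHeaders(responseOAuthErrorHeader(e)))
      case Right(authInfo) => callback(authInfo)
    }

  override def invokeBlock[A](request: Request[A], block: AuthInfoRequest[A, U] => Future[Result]): Future[Result] =
    authorize(handler)(authInfo => block(AuthInfoRequest(authInfo, request)))(request, ctx)
}

object JsonAuthorizedAction {
  // Drop-in replacement for AuthorizedAction(handler) in a controller.
  def apply[U](handler: ProtectedResourceHandler[U])(
      implicit ctx: ExecutionContext): ActionBuilder[({ type L[A] = AuthInfoRequest[A, U] })#L] =
    JsonAuthorizedActionFunction(handler) compose Action
}
```

With an implicit ExecutionContext in scope, the controller from the question would call `JsonAuthorizedAction(new MyDataHandler())` in place of `AuthorizedAction(new MyDataHandler())`.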