Introduction
Quickstart
About the docs
Concepts
Rationale HTTP Serverless WebSockets Server-Sent Events
Tutorials
Your first http4k app Deploying an http4k app to AWS Lambda Going native with Graal on AWS Lambda TDDing http4k
How-to guides
Overview Basic: Server as a function Basic: Client as a function Basic: Use a Server backend Basic: Different test-types Basic: Simple routing Basic: Nestable routes Attach context to a request Configure an OAuth Server Create a custom JSON marshaller Customise a Server backend Deploy WebJars Integrate with OpenAPI Leverage GraphQL Lookup a User Principal Monitor http4k Record & replay HTTP traffic Serve Server-Sent Events Serve Websockets Structure your logs with Events Test using Service Virtualisation Typesafe your API with lenses Secure and auth HTTP services Use a custom OAuth Provider Use a templating engine Use HTML forms Use Multipart forms Self document systems with tests Use Auto Content Negotiation Redoc and Swagger UI Make JSON Faster Make parallel HTTP calls
Reference
Overview Core Server backend Serverless backend HTTP & Websocket clients Typesafe contracts (OpenAPI3) JSON handling Templating Multipart forms Cloud Native Configuration Cloud Events Micrometer OpenTelemetry Resilience4J Failsafe AWS OAuth Digest GraphQL htmx Webhooks JSON RPC XML handling YAML handling Testing
Overview Approval Testing Chaos Testing Hamkrest Kotest Service Virtualisation Strikt Tracer Bullet WebDriver
Blog
Overview Meet http4k Typesafe Websockets Typesafe 12-factor config Documenting http4k apps with OpenApi3 Retrospective on v3 Nanoservices Toolbox: Guns for show, knives for a pro http4k v4 - 17 platforms and counting... http4k Platform v5 - New Servers, Loom, TracerBullet, OpenAI plugin SDK and more JCenter Shutdown
Changelog
http4k in action
Performance
FAQ
Getting support
Contribute/support http4k
Code of Conduct
Source Code

Lookup a User Principal

Gradle setup¶

dependencies {
    implementation(platform("org.http4k:http4k-bom:5.16.0.0"))
    implementation("org.http4k:http4k-core")
}

When authorising requests, it is common to need to store some credentials or a user principal object to be accessible by a further Filter or the eventual HttpHandler.

This can be easily achieved by combining the typesafe RequestContext functionality with one of the built-in authorisation Filters:

Code ¶

package guide.howto.lookup_a_user_principal

import org.http4k.core.Credentials
import org.http4k.core.Method.GET
import org.http4k.core.Request
import org.http4k.core.RequestContexts
import org.http4k.core.Response
import org.http4k.core.Status.Companion.OK
import org.http4k.core.then
import org.http4k.filter.ServerFilters.BearerAuth
import org.http4k.filter.ServerFilters.InitialiseRequestContext
import org.http4k.lens.RequestContextKey

fun main() {

    val contexts = RequestContexts()

    val credentials = RequestContextKey.required<Credentials>(contexts)

    val app = InitialiseRequestContext(contexts).then(BearerAuth(credentials) {
        if (it == "42") Credentials("user", "pass") else null
    }).then { Response(OK).body(credentials(it).toString()) }

    println(app(Request(GET, "/").header("Authorization", "Bearer 41")))
    println(app(Request(GET, "/").header("Authorization", "Bearer 42")))
}