This is a basic example of how to implement OAuth2 using Akka HTTP and Scala. It provides three endpoints. From the client’s point of view:
/ — publicly accessible, returns “Welcome!”,
/auth — provide your password, receive an access_token,
/api — secured by OAuth, send the access_token in a header to gain access.
From the server’s point of view:
/ — publicly accessible, do nothing,
/auth — receive basic auth credentials, verify they’re in the list of known credentials, create an access_token, return it,
/api — receive the authorization header, check if access_token is in the list of valid tokens.
Since OAuth tokens are short-lived, the server also has to invalidate expired tokens.
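The server-side bookkeeping described above (issue a token for known credentials, accept it only while it is live, invalidate it once expired) can be sketched without any HTTP layer. This is an added example, not the code from this post: TokenStore, issue, isValid and purgeExpired are hypothetical names, and the credentials and the five-minute lifetime are constructed for the demo.

```scala
import java.security.{MessageDigest, SecureRandom}
import java.time.{Duration, Instant}
import java.util.Base64
import scala.collection.concurrent.TrieMap

// Added example; all names are hypothetical. `now` is injected so the demo can move time.
final class TokenStore(known: Map[String, String], ttl: Duration, now: () => Instant) {
  private val random = new SecureRandom()
  private val tokens = TrieMap.empty[String, Instant] // access_token -> expiry

  // /auth: check the credentials against the known list, then mint a token.
  def issue(user: String, password: String): Option[String] =
    known.get(user).filter(sameBytes(_, password)).map { _ =>
      val raw = new Array[Byte](32) // 256 bits from a CSPRNG
      random.nextBytes(raw)
      val token = Base64.getUrlEncoder.withoutPadding.encodeToString(raw)
      tokens.put(token, now().plus(ttl))
      token
    }

  // /api: valid only if the token is known and has not expired.
  def isValid(token: String): Boolean =
    tokens.get(token).exists { expiry =>
      val live = now().isBefore(expiry)
      if (!live) tokens.remove(token) // invalidate on first use after expiry
      live
    }

  // Periodic sweep for expired tokens that are never presented again.
  def purgeExpired(): Int = {
    val at = now()
    tokens.toList.count { case (t, exp) => !at.isBefore(exp) && tokens.remove(t).isDefined }
  }

  // Constant-time comparison, so timing does not reveal how much of a guess matched.
  private def sameBytes(a: String, b: String): Boolean =
    MessageDigest.isEqual(a.getBytes("UTF-8"), b.getBytes("UTF-8"))
}
object TokenStoreDemo {
  def main(args: Array[String]): Unit = {
    var clock = Instant.parse("2024-01-01T00:00:00Z") // constructed start time
    val store = new TokenStore(Map("alice" -> "s3cret"), Duration.ofMinutes(5), () => clock)
    val token = store.issue("alice", "s3cret").get
    println("wrong password -> " + store.issue("alice", "wrong"))
    println("fresh token valid -> " + store.isValid(token))
    clock = clock.plus(Duration.ofMinutes(6)) // move past the TTL
    println("swept " + store.purgeExpired() + ", token valid -> " + store.isValid(token))
  }
}
```

Checking expiry inside isValid keeps a stale token from being accepted even if the sweep has not run yet; the sweep only bounds memory use.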