rharter
11/27/2018, 8:41 PM
rocketraman
11/27/2018, 8:44 PM
roles claim. Otherwise just associate your authz info with the user in your backend.
rharter
11/27/2018, 8:54 PM
admin role. Problem is how to easily require that for a set of routes in Ktor. I want the ease of wrapping some routes in an authenticate("admin") {} block, but am not sure how to combine oauth + authz into a single auth provider.
isAdmin(user)
rocketraman
11/27/2018, 9:00 PM
Authentication providers, one which validates admin role and one which doesn't. Then protect each route via the appropriate provider e.g.:
authenticate("oauthWithAdmin") {
    ... admin routes here
}
authenticate("oauth") {
    ... non-admin routes here
}
Your install might look something like:
install(Authentication) {
    oauth("oauthWithAdmin") {
        ...
    }
}
install(Authentication) {
    oauth("oauth") {
        ...
    }
}
rharter
11/28/2018, 3:17 PM
validate admin role in the oauth provider. There isn't a hook to do "other stuff" after the oauth completes.
rocketraman
11/28/2018, 3:22 PM
validate that returns a principal like jwt does.
handle route that does the relevant check?
intercept to verify admin privileges for a route: https://ktor.io/servers/features/routing.html#interception
rharter
11/28/2018, 5:16 PM