search

jeakfrw / jeak-framework

Modern plugin framework for TeamSpeak 3 servers – in Java.
https://jeakfrw.github.io
MIT License
10 stars 4 forks source link

[🚀] Add a authentication service for web controller #157

Open finnWellers opened 4 years ago

finnWellers commented 4 years ago

Describe the solution you'd like Add a service to connect a token with users in order to authorize certain endpoints.

oauth 2 support retrieve by command token (if permitted) for a webinterface, can create tokens and store and sscope for applications like via pluginID

Token has permissions of users, but restricted to certain plugins/controllers

otherwise seperate subjects for custom groups and permissions.

Should work via authentication header, something like x-jeak-authentication-header

Describe why you would like to see this implemented This is essential for access control

finnWellers commented 4 years ago

Maybe we could combine this with or make use of the currently only private API TokenService

finnWellers commented 4 years ago

If we want to use an external library for this, maybe https://github.com/pac4j/spark-pac4j or https://www.keycloak.org/ might be an option. The former also has explicit support for Spark, which we use as well.