mariovalney / laravel-keycloak-web-guard

Simple Keycloak Guard to Laravel Web Routes - https://packagist.org/packages/vizir/laravel-keycloak-web-guard

Retrieve realm roles (general roles), and extract web middleware to configuration file #59

Closed socieboy closed 2 years ago

socieboy commented 2 years ago

The roles method currently only retrieves the client roles that a user has been assigned, but not the general roles or realm roles present on the access token payload. I don't know if there is any good reason to not include the realm roles.

realm_access: Contains a list of global roles. It is the intersection between the roles granted to the user, and the roles the client has access to.

resource_access: This contains a list of client roles.

According to the definition of each key on the access token, it will also be better to compare if a user has a role in the realm access. I found this as an issue on an application that I'm developing, declaring global roles and not being able to access them in my application.
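Added example (not part of this thread and not the package's code): one way to read both role sets from an access-token payload while keeping realm roles and client roles apart, so a role name granted in one place is not accepted for the other. It assumes the token signature was already verified and the payload was decoded with `json_decode($json, true)`; the function names, the `my-app` client id and the sample payload are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Keep only non-empty string entries from a claim that should be a list of role names.
function roleList($value): array
{
    if (!is_array($value)) {
        return []; // claim missing or malformed: grant nothing
    }
    return array_values(array_unique(array_filter(
        $value,
        static fn ($r): bool => is_string($r) && $r !== ''
    )));
}

// Split roles by origin: resource_access.<client>.roles and realm_access.roles.
function extractRoles(array $claims, string $clientId): array
{
    return [
        'client' => roleList($claims['resource_access'][$clientId]['roles'] ?? null),
        'realm'  => roleList($claims['realm_access']['roles'] ?? null),
    ];
}

// Strict comparison against one origin only ('client' or 'realm').
function hasRole(array $roles, string $name, string $origin = 'client'): bool
{
    return in_array($name, $roles[$origin] ?? [], true);
}

// Constructed sample payload (already verified and decoded).
$claims = json_decode('{
  "realm_access": {"roles": ["tenant-admin", "offline_access"]},
  "resource_access": {
    "my-app":  {"roles": ["editor"]},
    "account": {"roles": ["manage-account"]}
  }
}', true);

$roles = extractRoles($claims, 'my-app');

var_dump(hasRole($roles, 'editor'));                // client role of my-app
var_dump(hasRole($roles, 'tenant-admin'));          // realm role looked up as a client role
var_dump(hasRole($roles, 'tenant-admin', 'realm')); // realm role looked up as a realm role
var_dump(hasRole($roles, 'manage-account'));        // role that belongs to a different client
```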

socieboy commented 2 years ago

The web middleware was also extracted to the config file. This is a better approach, since it allows our application to apply other middlewares to the login routes.

I'm building a multi-tenant application, and it uses a middleware to initialize the tenants and their routes by their domain names.

mariovalney commented 2 years ago

Hi! First of all, thank you for your contribution. I'm very busy because I'm moving, so I was not able to find the time to check these changes.

Sorry for that, but why did you close it?