Skip to content

Investigate using annotations for more granularity on auth filtering

A behavior I've noticed is that the auth filter creates a bit of initial latency for each request. This is especially true when the token is not present/invalid as the auth server takes a bit longer to validate in those cases.

  • 2 new annotations. Something like: FullAuth and PartialAuth (just prototype names)
    • FullAuth would get caught by a RequestFilter and fully deny the incoming request
    • PartialAuth would allow for data to be fetched and could be caught by a ResponseFilter to obfuscate the email and country data
    • There might be a way to leverage reactive to allow for the token to be validated while the data is being fetched on the PartialAuth endpoints.

/cc @malowe thoughts or other potential solutions?

Copyright © Eclipse Foundation, Inc. All Rights Reserved.     Privacy Policy | Terms of Use | Copyright Agent