Add authentication

Summary

As of now, no authentication is present in the pipeline sybil-android → sybil-gateway → sybil-document-annotation. We need to introduce one.

Type

• Feature Request
• Bug

Description

Considering we don't currently have any deployed resources, this isn't too problematic. However, we concretely need to implement it in relatively high priority. Any following microservices implementation should include authorization management.

All authentications should be done with the OAuth2 protocol. The most likely ideal scenario would be sending credentials with client requests to authenticate against the gateway. The gateway then forwards the access token to relevant microservices along with the requests.

The gateway is in charge of authentication and the microservices in charge of the authorization.

Acceptance Criteria / Definition of Done

• Pipeline sybil-android → sybil-gateway → sybil-document-annotation secured with authentication/authorization

Implementation Notes / Suggestions

This may require the integration of a third party identity broker (e.g. Auth0 ). To discuss.