Restrict client access to view and modify config of other clients/applications

[awillersrud]

Use case is that preregistered clients should only be able to view their own config. It should not be possible to read the config of other applications, or the config of other clients of the same application.

ConfigService currently use basic auth and support a single user, which has access to all data and exposed endpoints. The credentials for that user must be distributed with the clients.

We need a separate admin user and one client user per preregistered client.

Requirements

• User administration. Create and update users. Grant and revoke access to resources.
• Restrict access to one or more applicationconfig's per user.
• (Optional) Restrict access to application per user.
• (Optional) Roles for admin and client users. Restrict access to only the client endpoints for client role.

Consider WhyDah integration?

Shared client user (not suggested)
Another far simpler, but less secure approach would be to assume that clients cannot guess other clients id's. In that case we can use a shared client user and protect the following endpoints:

POST /client/registration
POST /client/{clientId}/sync

Those endpoints do not expose any data about other applications or clients as long as you do not know their id.