Tuesday, July 31, 2018

Is there a way to ensure a request is coming from a trusted UI application?

So to give you some background: we have a backend application that has a huge number of APIs (Spring Boot framework), and there is a UI application with a mix of React and Ember.js. We are using OAuth 2.0 access tokens.

Each page of the UI may use a number of API resources, and the permissions of the pages (including actions and buttons) are managed separately from the permissions for accessing the APIs directly.

Now the issue is that anyone with an access token can directly call any API. To stop that, we decided to link the services/resources used in each page or button to the route URL (Ember.js routes), so that based on the user's permission to those routes we determine whether they have access to a particular service in the backend or not. In other words, if a user sends a request to a service directly, and that service is linked to a page he doesn't have access to in the UI world, then the security check stops him.

However, this is now becoming a headache. The pages are constantly changing, some services are being removed or new services are added, and we have to continuously maintain the SQL scripts to keep the linkage between the two. Not to mention that, due to the hierarchical structure of the UI (routes), this has become even more complicated.

Now I was wondering: if we could determine that a request is coming from the UI, then we wouldn't need to check the permission to the API, and given that the UI won't be rendered if they don't have access to it, we could safely let the request come in and be served. And if the same user uses his UI token to access the API directly, we simply block it. If a user needs direct access to an API, then they have to get a special token used for the API (some users may need to use the API directly for their).

Now the question is: how can we determine that the request is from the UI, and that the UI page is the one we trust? I searched the internet but couldn't really find any framework or protocol for this. Is it even possible?
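The post's fallback idea, a "UI token" versus a "special token used for API", maps onto a standard OAuth 2.0 pattern: the authorization server stamps each access token with an audience (and scopes) at issuance, and the resource server enforces that claim rather than trying to guess where the HTTP request originated. The example below is added here and is not code from the original post or its project; it is a self-contained Python sketch of that resource-server check using HS256 JWTs with a constructed shared secret, constructed route names and scope names, and a hypothetical `ROUTE_POLICY` table. It assumes the authorization server binds `aud` to the client that authenticated (for instance a distinct `client_id` per client type), which the post does not describe.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional, Tuple

# Constructed demo secret. A real deployment verifies against the
# authorization server's keys; the point here is the claim check, not HS256.
SECRET = b"demo-shared-secret-not-for-production"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def mint_token(subject: str, audience: str, scopes, ttl: int = 3600, now=None) -> str:
    """Issue an HS256 JWT. 'aud' records which client type the token was issued to."""
    now = int(time.time()) if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}
    claims = {"sub": subject, "aud": audience, "scope": " ".join(scopes),
              "iat": now, "exp": now + ttl}
    signing_input = (_b64url(json.dumps(header, separators=(",", ":")).encode())
                     + "." + _b64url(json.dumps(claims, separators=(",", ":")).encode()))
    sig = hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)


def verify_token(token: str, now=None) -> Optional[dict]:
    """Return the claims if the signature and expiry check out, otherwise None."""
    try:
        h, c, s = token.split(".")
        expected = hmac.new(SECRET, (h + "." + c).encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64url_decode(s)):
            return None
        claims = json.loads(_b64url_decode(c))
    except (ValueError, UnicodeDecodeError):
        return None
    now = int(time.time()) if now is None else now
    if claims.get("exp", 0) <= now:
        return None
    return claims


# Hypothetical resource-server policy (constructed routes and scopes): each API
# route names the audiences allowed to call it and the scope it requires. This
# replaces the page-route-to-service SQL linkage with a per-token claim check.
ROUTE_POLICY = {
    "/api/orders":        {"aud": {"ui", "api"}, "scope": "orders:read"},
    "/api/orders/export": {"aud": {"api"},       "scope": "orders:export"},
    "/api/admin/users":   {"aud": {"ui"},        "scope": "users:admin"},
}


def authorize(token: str, route: str, now=None) -> Tuple[bool, str]:
    """Decide whether a bearer token may call a route, with a reason for logging.

    Note that nothing here inspects headers, Referer or Origin: a browser-side
    client cannot prove it is 'the UI', so the decision rests only on claims the
    authorization server signed.
    """
    policy = ROUTE_POLICY.get(route)
    if policy is None:
        return False, "unknown route"
    claims = verify_token(token, now=now)
    if claims is None:
        return False, "invalid or expired token"
    if claims.get("aud") not in policy["aud"]:
        return False, f"audience {claims.get('aud')!r} not allowed on {route}"
    if policy["scope"] not in claims.get("scope", "").split():
        return False, f"missing scope {policy['scope']}"
    return True, f"ok for {claims['sub']}"


if __name__ == "__main__":
    t0 = 1_000_000
    ui_tok = mint_token("alice", "ui", ["orders:read", "users:admin"], now=t0)
    api_tok = mint_token("alice", "api", ["orders:export"], now=t0)
    for tok, route in [(ui_tok, "/api/orders"), (ui_tok, "/api/orders/export"),
                       (api_tok, "/api/orders/export"), (api_tok, "/api/orders")]:
        print(route, authorize(tok, route, now=t0))
```

The same subject holds both tokens, yet the UI token cannot reach the export endpoint and the API token cannot reach the UI-only ones; a forged or expired token fails before any policy lookup. When a page gains or loses a service, only `ROUTE_POLICY` (or the scopes the authorization server grants to each client) changes, and no route hierarchy has to be mirrored in the backend.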



