Introduce Server Security JWT Support

[brianwyka]

Main Changes

• Introduce new grpc-server-security-jwt module
• Add latest Micronaut Security version
• Supports role based security, however does not support @Secured annotation at this point

I've added a serverSecurity.adoc to document its usage.

Other Changes

• Update to latest Micronaut version
• Parameterize Micronaut Discovery Client version

Closes #164

[brianwyka]

Any feedback on this @jameskleeh @ilopmar @graemerocher ?

[StephanePaulus]

@brianwyka Any updates on this?

[brianwyka]

@StephanePaulus, waiting for feedback on design direction from Micronaut team. After that, happy to move forward with changes.

@jameskleeh, @graemerocher let me know if you have any recommendations based on my latest comments in this thread...

[jameskleeh]

@brianwyka I haven't forgot about this. I'll try to make it a priority next week

[brianwyka]

Thanks @jameskleeh. Let me know what you need from me. Happy to do the implementation as much as possible.

[donbeave]

@graemerocher @sdelamo @brianwyka This looks very useful feature, I have an interest in it for one of my projects. I think it can be nice to have it in the next major release. If needs any help with this PR, I can help to finish all work here.

[graemerocher]

@donbeave this would be a great contribution, from my understanding it requires changes on the Micronaut Security side. /cc @sdelamo

[sdelamo]

@donbeave this would be a great contribution, from my understanding it requires changes on the Micronaut Security side. /cc @sdelamo

We plan to decouple micronaut security from HttpRequest as much as possible in the next mayor version of Micronaut Security.

[donbeave]

@donbeave this would be a great contribution, from my understanding it requires changes on the Micronaut Security side. /cc @sdelamo

We plan to decouple micronaut security from HttpRequest as much as possible in the next mayor version of Micronaut Security.

@sdelamo maybe it's better for me to help you with decoupling first, as I'm using micronaut-security in GraphQL API, and it's not enough flexible, because it was designed around REST use cases. So if you need any help there, please let me know how you see that refactoring.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[sdelamo]

@donbeave this would be a great contribution, from my understanding it requires changes on the Micronaut Security side. /cc @sdelamo

We plan to decouple micronaut security from HttpRequest as much as possible in the next mayor version of Micronaut Security.

@sdelamo maybe it's better for me to help you with decoupling first, as I'm using micronaut-security in GraphQL API, and it's not enough flexible, because it was designed around REST use cases. So if you need any help there, please let me know how you see that refactoring.

@donbeave Any help is welcome. We decoupled Micronaut Security almost completely from HTTP request. It is just the oauth2 module which is pending.