feat: CallContext support for service-to-service#93
Merged
chrisbonilla95 merged 1 commit intomasterfrom Oct 15, 2025
Merged
Conversation
chrisbonilla95
force-pushed
the
cbon-lx-1581-callcontext-processing-support
branch
3 times, most recently
from
651836a to
bcd9ab2
Compare
gooddata-server-oauth2-autoconfigure/src/main/kotlin/CallContextAuthenticationProcessor.kt
Outdated
Show resolved
Hide resolved
romrak
reviewed
Oct 13, 2025
gooddata-server-oauth2-autoconfigure/src/main/kotlin/CallContextHeaderProcessor.kt
Outdated
Show resolved
Hide resolved
gooddata-server-oauth2-autoconfigure/src/main/kotlin/CallContextAuthenticationWebFilter.kt
Outdated
Show resolved
Hide resolved
gooddata-server-oauth2-autoconfigure/src/main/kotlin/ServerOAuth2AutoConfiguration.kt
Show resolved
Hide resolved
In addition to OIDC/OAuth2 and Bearer token authentication, the library now supports **call context authentication** for service-to-service communication. This mechanism is designed for scenarios where authentication has already been performed by an upstream service (e.g., an API gateway). Key characteristics: * Authentication information is passed via a custom HTTP header (configurable by the application) * No re-authentication or metadata lookups are performed (trusts upstream validation) * Takes precedence over Bearer token authentication when the call context header is present * Requires implementing [CallContextHeaderProcessor](gooddata-server-oauth2-autoconfigure/src/main/kotlin/CallContextHeaderProcessor.kt) define the custom header name via `getHeaderName()` parse the application-specific header format via `parseCallContextHeader()` #### Security Considerations **Critical**: This authentication mode bypasses normal security checks and trusts the upstream service completely. Implementations must ensure: * **Gateway-level protection**: The API gateway **must** strip/discard the call context header from all external requests. This is the primary security control. * **Network segmentation**: Services using this feature should not be directly accessible from untrusted networks. Deploy behind a properly configured API gateway or service mesh. * **Audit logging**: All call context authentications should be logged for security monitoring and incident response. JIRA: LX-1581 risk: high
chrisbonilla95
force-pushed
the
cbon-lx-1581-callcontext-processing-support
branch
from
bcd9ab2 to
608486d
Compare
martinnaj
approved these changes
Oct 15, 2025
chrisbonilla95
deleted the
cbon-lx-1581-callcontext-processing-support
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
In addition to OIDC/OAuth2 and Bearer token authentication, the library now supports call context authentication for service-to-service communication. This mechanism is designed for scenarios where authentication has already been performed by an upstream service (e.g., an API gateway).
Key characteristics:
Security Considerations
Critical: This authentication mode bypasses normal security checks and trusts the upstream service completely. Implementations must ensure:
JIRA: LX-1581
risk: high