BE: Auth: JWT auth w/ JWKS

[daniel-soares4]

Issue submitter TODO list

• I've searched for an already existing issues here
• I'm running a supported version of the application which is listed here and the feature is not present there

Is your proposal related to a problem?

No

Describe the feature you're interested in

Hi !

Any ideas on providing a JWT token authentication mechanism?

In our case we have a central place where authentication already happens using Azure AD as IDP, and we would like to just forward the JWT resultant from the oauth provider authentication to kafka-ui, and then kafka-ui could just validate the jwt using JWKS (https://auth0.com/docs/secure/tokens/json-web-tokens/json-web-key-sets).

A similar feature is present in Grafana (https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/jwt/#verify-token-using-a-json-web-key-set-loaded-from-https-endpoint), which we are using fine.

As it is now, our only solution is to authenticate using Azure AD in our central place to get access to the internal network to reach kafka-ui, and then authenticate again into kafka-ui using the same method.

Describe alternatives you've considered

No response

Version you're running

56fa824

Additional context

No response

[github-actions]

Hello there daniel-soares4! 👋

Thank you and congratulations 🎉 for opening your very first issue in this project! 💖

In case you want to claim this issue, please comment down below! We will try to get back to you as soon as we can. 👀

[daniel-soares4]

Hello!
Thanks for accepting this request.

This is being actively worked on. Any prediction on when it might be ready?
If I knew more Java I would try to help, but unfortunately, I don't know much.

[Haarolean]

@daniel-soares4 This issue is not being actively worked on, I'm adding this to up for grabs board as we don't have the bandwidth to implement this.

[Haarolean]

https://docs.spring.io/spring-security/reference/servlet/oauth2/resource-server/jwt.html