I need to implement this security mechanism based on Oauth 2.0 and JWT for my micro services, based on what explained here: http://nordicapis.com/how-to-control-user-identity-within-microservices/
I use Kong (getting.org).
At some point, according to the approach of the article above, my gateway (in this case it would be kong) will have to translate the access token to JWT before handing over the request to the final microservice (the JWT will be included in the final request).
This translation would be a simple lookup, preferably to Redis.
There's a plugin in Kong named "request transformer", which allows you to modify headers. : https://getkong.org/plugins/request-transformer/
But, it (currently) doesn't allow dynamic value (such as value looked up on redis).
Does anyone know of such plugin for Kong?
Quick googling led me to this discussion: https://gitter.im/Mashape/kong/archives/2015/08/06
Wondering if someone can give me pointers of something similar and already working.
Thanks, Raka
