Estudo da geração de código via JS-Distributor para sistema de autenticação e autorização

Abstract

The microservices architecture has established itself as a dominant paradigm in software development, offering flexibility and scalability by allowing components to be developed and deployed autonomously. Consequently, it is common for many companies to migrate their monoliths to this architecture, and the js-distributor tool was created to facilitate this transition. However, this inherent distribution poses challenges for implementing secure communication and robust access control between services. This work aims to suggest enhancements to the js-distributor tool, proposing an approach to increase the security of the generated services using the Role-Based Access Control (RBAC) model. The implementation was carried out using Keycloak, a self-hosted identity and access provider, which allows for the generation of security logic from an initial configuration. Thereby, we seek to abstract the complexity of manually configuring an authorization system, offering developers an efficient mechanism to protect functionalities and resources in microservice-based projects. As a result, a code generation strategy was devised, leveraging the tool's existing mechanics, which was validated on example systems.