Authorization Component - Interceptor

The Authorization Component once registered binds an in-built interceptor to all API calls.

The Authorization interceptor enforces authorization with user-provided authorizers/voters

• The interceptor checks to see if an endpoint is annotated with an authorization specification.
• It collects all functions tagged as Authorizer. The interceptor also collects voters provided in the @authorize decorator of the endpoint.
• It executes each of the above collected functions provided by the user.
• Based on the result of all functions it enforces access/privilege control using a decision matrix.