Support project-specific client credentials #315
Description
Currently, the Rest-Source-Auth uses a global client ID and secret for each data source client (e.g., Fitbit, Garmin, etc.). This setup limits flexibility when different projects require separate credentials for the same client.
Goal
Allow configuring client credentials per project, while maintaining a global default fallback. This will make it easier to support multiple projects with different OAuth configurations, improving security isolation and maintainability.
Proposed Changes
- Update configuration and data model to support specifying client_id and client_secret per project per client.
- When authenticating users: Check if project-specific credentials exist for the client. If found, use them. Otherwise, fall back to the global credentials.
- Ensure backward compatibility for existing configurations using only global credentials.