Implement Declarative Auth Design for ballerina/http Module

build.gradle

@@ -39,6 +39,7 @@ ext.stdlibOsVersion = project.stdlibOsVersion
 ext.stdlibTaskVersion = project.stdlibTaskVersion
 ext.stdlibUuidVersion = project.stdlibUuidVersion
 ext.stdlibEncodingVersion = project.stdlibEncodingVersion
+ext.stdlibReflectVersion = project.stdlibReflectVersion
 
 ext.slf4jVersion = project.slf4jVersion
 ext.ballerinaTomlParserVersion = project.ballerinaTomlParserVersion
@@ -193,6 +194,13 @@ allprojects {
                 password System.getenv("packagePAT")
             }
         }
+        maven {
+            url 'https://maven.pkg.github.com/ballerina-platform/module-ballerina-reflect'
+            credentials {
+                username System.getenv("packageUser")
+                password System.getenv("packagePAT")
+            }
+        }
     }
 }
 
@@ -216,6 +224,7 @@ subprojects {
         ballerinaStdLibs "org.ballerinalang:crypto-ballerina:${stdlibCryptoVersion}"
         ballerinaStdLibs "org.ballerinalang:file-ballerina:${stdlibFileVersion}"
         ballerinaStdLibs "org.ballerinalang:config-ballerina:${stdlibConfigVersion}"
+        ballerinaStdLibs "org.ballerinalang:reflect-ballerina:${stdlibReflectVersion}"
 
         // Transitive dependencies
         ballerinaStdLibs "org.ballerinalang:os-ballerina:${stdlibOsVersion}"

gradle.properties

@@ -34,3 +34,4 @@ stdlibJwtVersion=1.0.7-SNAPSHOT
 stdlibOAuth2Version=1.0.5-SNAPSHOT
 stdlibUuidVersion=0.9.1-SNAPSHOT
 stdlibEncodingVersion=1.0.7-SNAPSHOT
+stdlibReflectVersion=0.5.5-SNAPSHOT

http-ballerina-tests/tests/auth_listener_auth_handler_test.bal

@@ -31,25 +31,25 @@ isolated function testListenerFileUserStoreBasicAuthHandlerAuthSuccess() {
     auth:UserDetails|http:Unauthorized authn1 = handler.authenticate(request);
     if (authn1 is auth:UserDetails) {
         test:assertEquals(authn1.username, "alice");
-        test:assertEquals(authn1.scopes, ["read", "write"]);
+        test:assertEquals(authn1.scopes, ["write", "update"]);
     } else {
         test:assertFail(msg = "Test Failed!");
     }
 
     auth:UserDetails|http:Unauthorized authn2 = handler.authenticate(headerValue);
     if (authn2 is auth:UserDetails) {
         test:assertEquals(authn2.username, "alice");
-        test:assertEquals(authn2.scopes, ["read", "write"]);
+        test:assertEquals(authn2.scopes, ["write", "update"]);
     } else {
         test:assertFail(msg = "Test Failed!");
     }
 
-    http:Forbidden? authz1 = handler.authorize(<auth:UserDetails>authn1, "read");
+    http:Forbidden? authz1 = handler.authorize(<auth:UserDetails>authn1, "write");
     if (authz1 is http:Forbidden) {
         test:assertFail(msg = "Test Failed!");
     }
 
-    http:Forbidden? authz2 = handler.authorize(<auth:UserDetails>authn2, "write");
+    http:Forbidden? authz2 = handler.authorize(<auth:UserDetails>authn2, "update");
     if (authz2 is http:Forbidden) {
         test:assertFail(msg = "Test Failed!");
     }
@@ -64,25 +64,25 @@ isolated function testListenerFileUserStoreBasicAuthHandlerAuthzFailure() {
     auth:UserDetails|http:Unauthorized authn1 = handler.authenticate(request);
     if (authn1 is auth:UserDetails) {
         test:assertEquals(authn1.username, "alice");
-        test:assertEquals(authn1.scopes, ["read", "write"]);
+        test:assertEquals(authn1.scopes, ["write", "update"]);
     } else {
         test:assertFail(msg = "Test Failed!");
     }
 
     auth:UserDetails|http:Unauthorized authn2 = handler.authenticate(headerValue);
     if (authn2 is auth:UserDetails) {
         test:assertEquals(authn2.username, "alice");
-        test:assertEquals(authn2.scopes, ["read", "write"]);
+        test:assertEquals(authn2.scopes, ["write", "update"]);
     } else {
         test:assertFail(msg = "Test Failed!");
     }
 
-    http:Forbidden? authz1 = handler.authorize(<auth:UserDetails>authn1, "update");
+    http:Forbidden? authz1 = handler.authorize(<auth:UserDetails>authn1, "read");
     if (authz1 is ()) {
         test:assertFail(msg = "Test Failed!");
     }
 
-    http:Forbidden? authz2 = handler.authorize(<auth:UserDetails>authn2, "update");
+    http:Forbidden? authz2 = handler.authorize(<auth:UserDetails>authn2, "read");
     if (authz2 is ()) {
         test:assertFail(msg = "Test Failed!");
     }