Security API enhancements #2

[vicmosin]

Hi there,
I already had a similar question but now requirements a bit different..
What I need to achieve is the hasRole(roleA, roleB) functionality, meaning both roles must present in the token. And I wonder if we should inspire from spring-security and have something like:

override fun configure(builder: GrpcSecurity) {
   builder.authorizeRequests()
      .services(SomeServiceGrpc.getServiceDescriptor())
      .authentication { auth: Authentication ->
         auth.roles.containsAll(roleA, roleB)
      }
}

Any thoughts?