feat: support wildcard auth permissions

services/auth-service/app/application/services.py

@@ -133,7 +133,13 @@ class AuthApplicationService:
         )
 
     def _permission_matches(self, permissions: list[str], requested_permission: str) -> bool:
-        return "*" in permissions or requested_permission in permissions
+        if "*" in permissions or requested_permission in permissions:
+            return True
+        return any(
+            permission.endswith(":*")
+            and requested_permission.startswith(permission.removesuffix("*"))
+            for permission in permissions
+        )
 
     def _scope_matches(
         self,