Feat: Bearer Authorization #142

kilianmh · 2024-04-22T01:11:23Z

Added bearer-authorization and proxy-bearer-authorization.
When (and bearer-authorization basic-authorization) or
(and proxy-bearer-authorization proxy-basic-authorization)
an error is signaled.

Also added tests for error signalling and whether the authorization value appears appropriately in the header.

Added bearer-authorization and proxy-bearer-authorization. When (and bearer-authorization basic-authorization) or (and proxy-bearer-authorization proxy-basic-authorization) an error is signaled. Also added tests for error signalling and whether the authorization value appears appropriately in the header.

stassats · 2024-04-22T01:55:23Z

Is it substantially better than just using :additional-headers?

kilianmh · 2024-04-22T09:08:57Z

Bearer authorization is widespread nowadays, e.g. for oauth2 and api calls.

Is it substantially better than just using :additional-headers?

Adding new parameters makes it more convenient and less error prone (no typo in "Bearer ").

There is also a sanity check that basic-authorization is not supplied at the same time with
bearer-authorization. We could also add a check that gives an error when another
authorization header is present in :additional-headers, but that might impact performance more.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Feat: Bearer Authorization #142

Feat: Bearer Authorization #142

kilianmh commented Apr 22, 2024

stassats commented Apr 22, 2024

kilianmh commented Apr 22, 2024

Feat: Bearer Authorization #142

Are you sure you want to change the base?

Feat: Bearer Authorization #142

Conversation

kilianmh commented Apr 22, 2024

stassats commented Apr 22, 2024

kilianmh commented Apr 22, 2024