drakma icon indicating copy to clipboard operation
drakma copied to clipboard
verified publisher icon edicl

Feat: Bearer Authorization

Open kilianmh opened this issue 1 year ago • 2 comments

Added bearer-authorization and proxy-bearer-authorization. When (and bearer-authorization basic-authorization) or (and proxy-bearer-authorization proxy-basic-authorization) an error is signaled.

Also added tests for error signalling and whether the authorization value appears appropriately in the header.

kilianmh avatar Apr 22 '24 01:04 kilianmh

Is it substantially better than just using :additional-headers?

stassats avatar Apr 22 '24 01:04 stassats

Bearer authorization is widespread nowadays, e.g. for oauth2 and api calls.

Is it substantially better than just using :additional-headers?

Adding new parameters makes it more convenient and less error prone (no typo in "Bearer ").

There is also a sanity check that basic-authorization is not supplied at the same time with bearer-authorization. We could also add a check that gives an error when another authorization header is present in :additional-headers, but that might impact performance more.

kilianmh avatar Apr 22 '24 09:04 kilianmh