HTTP Token Auth Plugin

[soulware]

Wondering what would be involved in adding a plugin for HTTP Token Auth.

Basically passing the api_key along in the Authorization header like -

"Authorization: Token token=<api_key>"

Draft spec - http://tools.ietf.org/html/draft-hammer-http-token-auth-01

Example client - https://github.com/lostisland/faraday/blob/81f16593a0138ec58bb6f25e1c2804e91589662f/lib/faraday/connection.rb#L208

Seems like it would be very similar to the existing keyauth plugin (at least for the simple case).

[ahmadnassri]

draft-hammer-http-token-auth-01 is a dead spec, left in "draft" (background story behind it here)

the author gave up on it and moved on to create Oz

@soulware I highly reccomend updating your system to adopt a proper standard, such as oAuth 2.0 (which can operate in the same fashion) or even Oz.

adding support to Oz would be an interesting feature to add to Kong, but I don't think we should build for draft specs.

[montdidier]

I would just like to point out the background story link doesn't actually discuss the background of that spec at all. It only discusses oauth, oauth2 and Oz. While the spec still is in draft it is not clear based on information presented here why the author abandoned it or even if fact that he has.