In order to allow ws auth in a browser and from a backend app, this PR allows a client to pass auth with a header or with a query param. Hydra expects one of the two, and forwards it along to the auth service (separate) for validation.
Additionally, this PR improves where and how the authResponse is attached to the UMF body of outbound messages.
In order to allow ws auth in a browser and from a backend app, this PR allows a client to pass auth with a header or with a query param. Hydra expects one of the two, and forwards it along to the auth service (separate) for validation.
Additionally, this PR improves where and how the
authResponseis attached to the UMFbodyof outbound messages.