rename `Arvados` authentication method to `Bearer`

wtsi-hgi / irobot

iRODS data brokerage service

GNU General Public License v3.0

0 stars 0 forks source link

rename `Arvados` authentication method to `Bearer` #15

Closed jrandall closed 6 years ago

jrandall commented 7 years ago

An Arvados API token is basically an OAuth2 Bearer token (https://tools.ietf.org/html/rfc6750#section-1.2). The semantics of an Oauth2 Bearer token and and Arvados API token are identical.

I suggest simply renaming Arvados to Bearer will make the usage in iRobot standard, relying only on IANA registered auth schemes: https://www.iana.org/assignments/http-authschemes/http-authschemes.xhtml

Xophmeister commented 7 years ago

I can support this (and it's a really easy change), but the fact that it's an Arvados handler needs to be included as an authentication parameter. Scanning through the RFC, it seems realm would actually be appropriate here. So I suggest:

WWW-Authenticate: Bearer realm="Arvados"

...or even better:

WWW-Authenticate: Bearer realm="{arvados_api_host}"