| Re: [che-dev] Authentication token in requests from builder to che |
Hi,
Could you kindly take a look and reply to my question?
Best regards,
Tal Sapan | T: +972 9 7779580 | www.sap.com
From: Sapan, Tal
Sent: יום ה 02 יולי 2015 18:18
To: 'che-dev@xxxxxxxxxxx'
Subject: Authentication token in requests from builder to che
Hi,
I have a question regarding how to pass the authentication token when the builder makes a REST call to Che API.
In our scenario we use OAuth 2.0 protocol for authentication.
The request from the client to the builder service ("/builder/<workspace id>/build" API) passes the authentication token as an "Authorization: Bearer" header.
The builder then fetches information about the workspace by calling che workspace API "/workspace/<workspace id>".
In this request we have to pass the authentication token the same way it was received - as "Authorization: Bearer" header.
From looking deeper into the code that sends the REST call, it seems that a token taken from the current user is added to the request as a URL parameter, but no headers are added.
This happens in other API calls as well (like export etc).
Is there currently a way to send the authentication token as a header?
If not, would a pull request for adding authentication to a request in a more general way be acceptable (allow the option of sending as a URL parameter, header and maybe cookie as well)?
Best regards,
Tal Sapan | T: +972 9 7779580 | www.sap.com
_______________________________________________
che-dev mailing list
che-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/che-dev