Add 'WWW-Authenticate' header for reponses w/ status code 401 Unauthorized.

[ybv]

Adds a new header 'WWW-Authenticate' for 401 responses, the header value typically should include a challenge with some information about the authentication scheme (key-auth) #587

[ybv]

Lokks ike the tests are failing on master too?

[thibaultcha]

This cannot be hard-coded here since 401 is also returned for Basic authentication. This should probably be handled in the access.lua file of authentication plugins. Feel free to disagree or update the PR, otherwise I'll change it myself, but we appreciate contributions so... :)

[ybv]

@thibaultcha definitely, I'm so new to lua/kong land. Just made this PR after 30 mins of going through code, I'll update the PR soon, thanks so much for pointing in the right direction!

[ybv]

@thibaultcha let me know if it looks alright now.

[ybv]

@thibaultcha removing the header check, not sure how to get headers from kong.tools.http_call =, thoughts?

[thibaultcha]

On mobile now, but the headers are the third returned argument I think. It is used many times in the tests. Otherwise this looks good, just a test on each would be amazing.

[ybv]

@thibaultcha looks like the table returned from http_call here has only 2 keys. The other tests that test for headers seem to send those headers as a part of request?

[thibaultcha]

Only because it ignores the third one

On Oct 10, 2015, at 10:26 PM, Vaibhav Krishna Irugu Guruswamy notifications@github.com wrote:

@thibaultcha looks like the table returned from http_call here has only 2 keys.

—
Reply to this email directly or view it on GitHub.

[ybv]

@thibaultcha alright done, let me know if all looks good and I'll squash my commits to just one.

[ybv]

@thibaultcha ping!

[subnetmarco]

@ybv looks good to me, can you squash?

[ybv]

@thefosk @thibaultcha done!

[thibaultcha]

Thank you!