Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authorisation Header does not work if JWT is not specified #20

Closed
pezza3434 opened this issue Aug 6, 2015 · 1 comment
Closed

Authorisation Header does not work if JWT is not specified #20

pezza3434 opened this issue Aug 6, 2015 · 1 comment
Labels
invalid

Comments

@pezza3434
Copy link

I believe that it makes sense that if the auth type is not specified in the header then it should default to JWT.
@mikenicholson
Copy link
Owner

I based the need to specify an auth-scheme based on RFC2617 "HTTP Authentication: Basic and Digest Access Authentication" section 1.2. This RFC specifies that the credentials supplied in the Authorization header take the format

credentials = auth-scheme #auth-param

Based on my reading of the RFC it does not appear that the auth-scheme can be considered optional.

I'm going to close this with no action but if you can find documentation that states that the auth-scheme can be treated as optional I'll take another look.

@mikenicholson mikenicholson mentioned this issue Aug 12, 2015
Closed
@mikenicholson mikenicholson mentioned this issue Oct 13, 2015
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
invalid
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mikenicholson @pezza3434