Add extra enhanced auth token to all APIs requests #790

yinan-symphony · 2024-02-01T16:34:39Z

Feature Request

The requested feature would be provide a way to inject an extra auth token to all API requests' header,
along with a way to automatically refresh the token when it s expired.

Description of Problem:

Symphony APIs requires the session token and key manager token to authenticate the requests.
in BDK, once the bot authenticates itself, the retrieved tokens are systematically added to all APIs requests.

However in case where all Symphony components are behind a gateway, Apigee for instance, there is no
way to inject the extra auth token to all API requests, in order to authenticate the requests against Apigee,
therefore requests are rejected.

Potential Solutions:

A new interface allowing bdk bot developer to retrieve the token, also determine the expiration of the token
based on the exception.

     public interface CustomEnhancedAuthAuthenticator {
          
        /**
         * Authenticates.
         *
         * @return the authentication session.
         */
        @Nonnull
        String authenticate() throws AuthUnauthorizedException;
      
        boolean isAuthTokenExpired(ApiException exception);
     }

yinan-symphony self-assigned this Feb 1, 2024

yinan-symphony added the [type] enhancement New feature or request label Feb 1, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add extra enhanced auth token to all APIs requests #790

Add extra enhanced auth token to all APIs requests #790

yinan-symphony commented Feb 1, 2024 •

edited

Loading

Add extra enhanced auth token to all APIs requests #790

Add extra enhanced auth token to all APIs requests #790

Comments

yinan-symphony commented Feb 1, 2024 • edited Loading

Feature Request

Description of Problem:

Potential Solutions:

yinan-symphony commented Feb 1, 2024 •

edited

Loading