Challenge shouldn't require realm
kapunga opened this issue · comments
org.http4s.Challenge requires the realm
parameter, however the WWW-Authenticate Directive doesn't appear to require it.
I'm going to open a PR to make realm
optional.
Okay, so digging in a little further, it seems a bit more complicated. realm
is required for the Basic challenge types, but not others. Additionally there are other parameters that are required on some, but not on others. Additionally the token68
token that can appear by itself on some challenges and it does not take a value, and therefore doesn't fit into a map. Not to mention, Challenge
is very stringly typed.
I think the proper way to fix this would be to turn Challenge
into a sealed trait with the different challenge schemes and parameters with an apply(scheme: String, realm: String, params: Map[String, String] = Map.empty)
method on the companion object for backwards compatibility.
I'd love to hear other opinions.
turn
Challenge
into a sealed trait with the different challenge schemes
This seems like a good direction to go in.
for backwards compatibility.
Just changing Challenge
from a case class
to a sealed trait is already breaking binary compatibility. So these changes would have to target the main
branch and I don't think it's worth working too hard to preserve other forms of compatibility.