Showing 1 changed file with 67 additions and 0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,67 @@ | ||
--- | ||
RFC: XXXX | ||
Author: Kyle Fuller | ||
Status: Draft | ||
Created: 2015-09-22 | ||
Last Modified: 2015-09-28 | ||
--- | ||
|
||
# API Blueprint RFC XXXX: Basic Authentication Scheme | ||
|
||
## Table of Contents | ||
|
||
- [Abstract](#abstract) | ||
- [Motivation](#motivation) | ||
- [Rationale](#rationale) | ||
- [Backwards Compatibility](#backwards-compatibility) | ||
|
||
## Abstract | ||
|
||
This RFC adds the "Basic" authentication scheme for the Authentication | ||
framework proposed in RFC XXXX. | ||
|
||
## Motivation | ||
|
||
Basic authentication is a commonly used authentication mechanism, and is part | ||
of the HTTP/1.1 specification defined in | ||
[RFC1945 section 11.1](http://tools.ietf.org/html/rfc1945#section-11.1). | ||
|
||
## Rationale | ||
|
||
The "Basic" authentication scheme is based on the model that the user | ||
agent must authenticate itself with a user-ID and a password. | ||
|
||
As such, a basic authentication scheme may configure two properties, | ||
`username` and `password`. These properties indicate a sample username and | ||
password that may be used. | ||
|
||
For example, as a named authentication scheme: | ||
|
||
```apib | ||
### Auth (Basic) | ||
|
||
+ username: kyle | ||
+ password: b2952d03bda09cb5f63b0162fbbee77c | ||
``` | ||
|
||
As an anonymous scheme: | ||
|
||
```apib | ||
+ Basic | ||
+ username: kyle | ||
+ password: b2952d03bda09cb5f63b0162fbbee77c | ||
``` | ||
|
||
A client when making a request that is using the Basic authentication scheme | ||
is expected to base64 encode the username and password separated by a `:` and | ||
then place it in an `Authentication` header using `Basic` as the scheme. | ||
As described in [RFC2617 section 2](http://tools.ietf.org/html/rfc2617#section-2). | ||
|
||
For example, if the username was `kyle` and the password was | ||
`b2952d03bda09cb5f63b0162fbbee77c`, `kyle:b2952d03bda09cb5f63b0162fbbee77c` | ||
would be based64 encoded and placed in the authorization header as follows: | ||
|
||
``` | ||
Authorization: Basic a3lsZTpiMjk1MmQwM2JkYTA5Y2I1ZjYzYjAxNjJmYmJlZTc3Yw== | ||
``` | ||
|
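
Review bot: the paragraph ahead of the final example tells clients to place the credentials in an `Authentication` header, while the example itself and RFC 2617 section 2 use `Authorization`; the prose should say `Authorization` so implementers do not emit a header that servers ignore. In the same part of the file, "based64 encoded" should read "base64 encoded", and the sentence fragment starting "As described in" would read better joined to the sentence before it. The Motivation section calls RFC 1945 section 11.1 part of the HTTP/1.1 specification, but RFC 1945 is the HTTP/1.0 specification, so either the version or the reference needs correcting. The Table of Contents links to a Backwards Compatibility section that does not appear anywhere in the 67 added lines; add the section or drop the entry. Since the Rationale describes the encoding step, it would also be worth stating there that base64 is an encoding and not encryption, so the `username` and `password` sample values are recoverable from the header by anyone who can read the request, and the scheme should only be documented for use over TLS.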