Token Authentication -- Manipulate Header

[npaschos]

Proposal

I am using django-rest framework along with django-prometheus in order to export metrics from my app. I have exposed an endopoint and created a Token in order to authenticate the prometheus server. The token works as expected when using Postman or curl, but the issue occurs when I try to include it in the prometheus.yaml config. The header that django-rest requires in order to authenticate with a token is of the following format:

Authorization: 'Token XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'

but the one created by Prometheus is:

Authorization: 'Bearer XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'

Note that the former has the Token keyword included, whereas the latter one the Bearer keyword.

As expected, the authentication fails. I tried changing the header but I could not find any way in the documentation, so I assume that it is not possible.

Am I missing a config parameter? If not, I propose that this change is implemented.

---

Note: this is my first issue/proposal, I tried following the guidelines. Let me know if anything else is required.

[brian-brazil]

We only support standard authentication mechanisms, which your system is not. I'd suggest switching your authentication to use Bearer tokens.

[roidelapluie]

From the Django Rest Framework docs: https://www.django-rest-framework.org/api-guide/authentication/

Note: If you want to use a different keyword in the header, such as Bearer, simply subclass TokenAuthentication and set the keyword class variable.

It looks like you could work at the DRF level instead.

[roidelapluie]

This has been implemented in #8512.

authorization:
  credentials: mysecrettoken
  type: Token