WCF com REST e Authorization

Request com GET

GET http://localhost:41009/Service1.svc/1 HTTP 1.1
Accept: application/json
Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
Content-Type: application/json

Request com POST

POST http://localhost:41009/Service1.svc/contract HTTP 1.1
Accept: application/json
Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
Content-Type: application/json

{
  "composite":
  {
    "BoolValue":true,
    "StringValue": "oi"
  }
}

service1.svc.cs

using System;
using System.ServiceModel.Web;
using System.Text;

namespace WcfService1
{
    public class Service1 : IService1
    {
        [WebGet(UriTemplate = "/{value}", ResponseFormat = WebMessageFormat.Json, BodyStyle = WebMessageBodyStyle.Bare)]
        public string GetData(string value)
        {
            var headers = WebOperationContext.Current.IncomingRequest.Headers;
            var header = headers.Get("Authorization");
            var hashAutenticacao = header.Substring(6); //start of "Basic "
            var usuarioESenha = Encoding.UTF8.GetString(Convert.FromBase64String(hashAutenticacao));
            var usuario = usuarioESenha.Substring(0, usuarioESenha.IndexOf(":"));
            var senha = usuarioESenha.Substring(usuarioESenha.IndexOf(":") + 1);
            return string.Format("You entered: {0}, Usuario: {1}, Senha: {2}", value, usuario, senha);
        }

        [WebInvoke(Method = "POST", UriTemplate = "/contract", RequestFormat = WebMessageFormat.Json, ResponseFormat = WebMessageFormat.Json, BodyStyle = WebMessageBodyStyle.Wrapped)]
        public CompositeType GetDataUsingDataContract(CompositeType composite)
        {
            if (composite == null) throw new ArgumentNullException("composite");
            var headers = WebOperationContext.Current.IncomingRequest.Headers;
            var header = headers.Get("Authorization");
            var hashAutenticacao = header.Substring(6); //start of "Basic "
            var usuarioESenha = Encoding.UTF8.GetString(Convert.FromBase64String(hashAutenticacao));
            var usuario = usuarioESenha.Substring(0, usuarioESenha.IndexOf(":"));
            var senha = usuarioESenha.Substring(usuarioESenha.IndexOf(":") + 1);
            if (composite.BoolValue)
                composite.StringValue += string.Format(" Usuario: {0}, Senha: {1}", usuario, senha);
            return composite;
        }
    }
}

web.config

<?xml version="1.0"?>
<configuration>
  <appSettings>
    <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
  </appSettings>
  <system.web>
    <compilation debug="true" targetFramework="4.5.1" />
    <httpRuntime targetFramework="4.5.1"/>
  </system.web>
  <system.serviceModel>
    <behaviors>
      <serviceBehaviors>
        <behavior>
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
          <serviceDebug includeExceptionDetailInFaults="false"/>
        </behavior>
      </serviceBehaviors>
      <endpointBehaviors>
        <behavior>
          <webHttp />
        </behavior>
      </endpointBehaviors>
    </behaviors>
    <protocolMapping>
      <add binding="basicHttpsBinding" scheme="https" />
      <add binding="webHttpBinding" scheme="http" />
    </protocolMapping>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
  </system.serviceModel>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
    <directoryBrowse enabled="true"/>
  </system.webServer>
</configuration>