HTTP Services Scenario with Authn/Authz
An HTTP passthrough scenario where upstream service is secured with a Custom-Auth scheme, where it authenticates the incoming requests with the header
Authorization: X-Token <base-64-encoded-username:password> against a config-user store as in Basic-Auth scheme. The upstream service have 2 resources where resource named
basic call to the downstream service with an HTTP client secured with Basic-Auth and resource named
jwt call to the downstream service with an HTTP client secured with JWT-Auth.
The downstream service is secured with both Basic-Auth scheme and JWT-Auth scheme. The scopes of the downstream service are
Authentication or Authorization failures of upstream and downsream services should be respectively notified to user with the message pattern of
<Authentication/Authorization> failure for at <upsream/downstream> service.
NOTE: The user, who successfully authenticated with upstream service should be able to a