Configure cayenne to verify access against tokens for Plus subscribers
Cayenne, when configured to be in Plus mode needs to verify all accesses against the tokens. The token list will be kept in S3 bucket. Cayenne should cache this list in memory with a short TTL. The token will be passed as Authorization or Crossref-Plus-API-Token header in requests. Return appropriate "401 Unauthorized" http status code if the token doesn't match.
Definition of done
-
Code reviewed -
Unit tests identified, implemented, and passing -
Public documentation reviewed and updated -
Knowledge base reviewed and updated -
Acceptance criteria met -
Cayenne verifies all access against tokens for the Plus pool -
If a token is not included or is invalid, return appropriate "401 Unauthorized" http status code.
-
Edited by Patrick Polischuk