feat: oauth2 authorization bearer (#6774)

This implements user authorization utilizing the OAuth 2.0 bearer scheme (i.e. RFC6750) for both the authorize code grant and client credentials grant. This effectively allows application "passwords" when used with the client credentials grant.

Closes #2023, Closes #188.

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>

1 files changed, 26 insertions, 2 deletions

diff --git a/internal/configuration/schema/const.go b/internal/configuration/schema/const.go
index 52c92d591..d5de64444 100644
--- a/internal/configuration/schema/const.go
+++ b/internal/configuration/schema/const.go
@@ -125,8 +125,32 @@ const (
 )
 
 const (
-	blockCERTIFICATE   = "CERTIFICATE"
-	blockRSAPRIVATEKEY = "RSA PRIVATE KEY"
+	blockCERTIFICATE = "CERTIFICATE"
+)
+
+// Authorization Schemes.
+const (
+	SchemeBasic  = "basic"
+	SchemeBearer = "bearer"
+)
+
+// Authz values.
+const (
+	AuthzEndpointNameLegacy      = "legacy"
+	AuthzEndpointNameAuthRequest = "auth-request"
+	AuthzEndpointNameExtAuthz    = "ext-authz"
+	AuthzEndpointNameForwardAuth = "forward-auth"
+
+	AuthzImplementationLegacy      = "Legacy"
+	AuthzImplementationAuthRequest = "AuthRequest"
+	AuthzImplementationExtAuthz    = "ExtAuthz"
+	AuthzImplementationForwardAuth = "ForwardAuth"
+
+	AuthzStrategyHeaderCookieSession                 = "CookieSession"
+	AuthzStrategyHeaderAuthorization                 = "HeaderAuthorization"
+	AuthzStrategyHeaderProxyAuthorization            = "HeaderProxyAuthorization"
+	AuthzStrategyHeaderAuthRequestProxyAuthorization = "HeaderAuthRequestProxyAuthorization"
+	AuthzStrategyHeaderLegacy                        = "HeaderLegacy"
 )
 
 const (