Token based auth for API users
We need to provide some python implementation that makes it easier for API users to use the access token authentification mechanism.
Current you have to call api/auth to get an access token. This token only has a limited lifespan. The bravado client is not checking and refreshing the token. For requests users, we also need some utility functions for auto refreshing the used token. Clients should also be-able to ask for access tokens directly (without using /api/auth).
-
OIDC-based utility function token(username=, password=)
that returns old if still valid, or new token -
bravado uses this function before each request