Authenticating Key with Bearer prefix


We are currently using the community edition. We use the key auth plugin to authenticate the key that is passed in the header. One product that we integrate with allows for specifying the key to pass to us in the header when it calls us and it passes it in the Authorization header field but it passes the key with a "Bearer: " prefix. The key auth plugin looks like it cannot be configured to support keys that have some prefix. I was looking at some other auth plugins and it looks like they don’t support this either. We can create our own key auth plugin based on the key auth plugin where we could allow for it but is there some other way we can do this with community edition?

Is this something that would be supported in enterprise edition? I see that in the request transformer plugin that if we get the enterprise edition then access to a feature in the plugin to dynamically transform request based on request content. With that would be able to strip out the "Bearer: " prefix in the authentication header priory to the key auth plugin checking it?


For anyone needs to do something similar, the simplest way we found is to use the pre-function plugin which runs before other plugins run in the access phase. So this runs before the key-auth plugin so we configure code in pre-function plugin to strip out the "Bearer " prefix on the token before it gets to the key-auth plugin.