Can the OAuth authenticator directive do the following:
bearer <token>, pass the
<token>portion to the authenticator
Have the authenticator either return the
Accountobject (if verified), or a
If verified, make the
Accountobject available for further processing (to prevent needing to hit the db again), and if not, reject the request.
Is something like this possible via either the
Oauth authenticators or any other directives, or should I write this own my own?