Currently ExchangeFilterFunctions provides a USERNAME_ATTRIBUTE and a PASSWORD_ATTRIBUTE and will populate the credentials in a Basic authentication header if the attributes are found.
I think this will lead to issues if we provide other ways to authenticate. Consider a client that adds both basic authentication and digest authentication (if this is eventually supported). The user wants to specify to use basic authentication so the attributes are provided. However, digest authentication overrides the basic authentication header.
Instead, it might be better to use a richer domain model for the attributes to ensure the users choice is clear.
The domain model might even provide a way to add itself to read / write the model to the attributes. For example, something like this:
Consumers would then be able to use:
Comparing that vs:
Plus now we would be able to differentiate between the two credential types because we would add a DigestAuthenticationCredential if we supported it later on.