Build ponos delegated auth

Refs https://redmine.teklia.com/issues/3228

The goal is to generate a unique token per ponos task, linked to the rights of the user who created the process: a ponos task should no longer have is_internal access (to prevent nasty tasks / security risks).

  • add a new DRF authentication plugin that requires an Authorization: Ponos XXX token
  • that token is uniquely generated for each task (uuid4 + base64)
  • the plugin retrieves the ponos task and finds its creator (through Workflow and Process).
  • add the token to the ponos tasks by adding a new environment variable TASK_AUTH_TOKEN
    • the default current token should still be sent to support old workers
  • allow API access to ponos authenticated tasks for UpdateWorkerActivity and RetrieveSecret
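
The token flow described above, as an added framework-independent example (not the project's code): it generates one token per task, parses the Authorization: Ponos XXX header, and resolves the task to its process creator. The dataclasses, AuthFailed and authenticate are hypothetical names, and encoding the raw uuid4 bytes with standard base64 is an assumption about what "uuid4 + base64" means.

```python
import base64
import hmac
import uuid
from dataclasses import dataclass


@dataclass
class Process:          # hypothetical stand-in for the process model
    creator: str


@dataclass
class Workflow:         # hypothetical stand-in for the workflow model
    process: Process


@dataclass
class Task:             # hypothetical stand-in for the ponos task model
    workflow: Workflow
    token: str


class AuthFailed(Exception):
    """Header used the Ponos scheme but carried no valid task token."""


def generate_task_token() -> str:
    # Assumption: "uuid4 + base64" means base64 of the 16 raw uuid4 bytes.
    return base64.b64encode(uuid.uuid4().bytes).decode("ascii")


def authenticate(header, tasks):
    """Return (creator, task), or None when the scheme is not Ponos."""
    parts = (header or "").split()
    if not parts or parts[0].lower() != "ponos":
        return None     # let other authentication plugins handle the request
    if len(parts) != 2:
        raise AuthFailed("malformed Ponos authorization header")
    supplied = parts[1].encode()
    for task in tasks:  # stands in for a database lookup on the token field
        if hmac.compare_digest(task.token.encode(), supplied):
            # The request acts with the rights of the process creator only.
            return task.workflow.process.creator, task
    raise AuthFailed("unknown task token")


# Constructed sample data.
SAMPLE_TASK = Task(Workflow(Process("alice")), generate_task_token())
```

In a DRF plugin this logic would sit in the authenticate method of a BaseAuthentication subclass, returning the creator as the request user.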