Allow to customise API authorisation

[fdionisi]

Check for existing issues

• Completed

Describe the feature

Currently the EdcConnectorClient uses the EDC-standard x-api-key to authorise actions against a target connector.

This solutions works well in server-side environment, where the API key can be stored safely away from malicious users, but it doesn't fit a frontend environment which more easily exposes these secrets to the public.

From the experience gained so far, it is common to proxy EDC requests via a proxy which validate permissions through the user's authentication token (e.g., Bearer), and injects the appropriate x-api-key where the request is allowed.

If applicable, add text / mockups / screenshots to help present your vision of the feature

Arguably, implementors would be already able to use the current apiKey solution and passing the authentication bearer token instead of the Connector's secret. But for clarity, it would be nice to have an option that allows to customise the header sent via the EdcConnectorClient

The aim is to enable customisation via a builder field and constructor's option such that:

const client = new EdcConnectorClient.Builder()
  .managementUrl("https://edc.think-it.io/management")
  .authorizationHeader("Authorization")
  .authorizationToken("Bearer ...")
  .build();

await client.management.assets.create({ ... });