Fix WWW-Authenticate header on 401
				
					
				
			This commit is contained in:
		
							parent
							
								
									29eb0304e5
								
							
						
					
					
						commit
						7b44beb1fd
					
				
					 2 changed files with 7 additions and 2 deletions
				
			
		|  | @ -39,9 +39,9 @@ api.decorators = [csrf_protect, | |||
| @crossdomain(origin='*', headers=['Authorization', 'Content-Type']) | ||||
| def handle_api_error(error): | ||||
|   response = Response(json.dumps(error.to_dict()), error.status_code,  mimetype='application/problem+json') | ||||
|   if error.status_code is 401: | ||||
|   if error.status_code == 401: | ||||
|     response.headers['WWW-Authenticate'] = ('Bearer error="%s" error_description="%s"' % | ||||
|                                             (error.error_type, error.error_description)) | ||||
|                                             (error.error_type.value, error.error_description)) | ||||
|   return response | ||||
| 
 | ||||
| def resource(*urls, **kwargs): | ||||
|  |  | |||
|  | @ -103,6 +103,11 @@ class TestAuth(ApiTestCase): | |||
|     self.conduct_basic_auth('$oauthtoken', 'foobar') | ||||
|     self.verify_no_identity() | ||||
| 
 | ||||
|   def test_oauth_invalid_http_response(self): | ||||
|     rv = self.app.get(api.url_for(User), headers={'Authorization': 'Bearer bad_token'}) | ||||
|     assert 'WWW-Authenticate' in rv.headers | ||||
|     self.assertEquals(401, rv.status_code) | ||||
| 
 | ||||
|   def test_oauth_valid_user(self): | ||||
|     user = model.user.get_user(ADMIN_ACCESS_USER) | ||||
|     self.create_oauth(user) | ||||
|  |  | |||
		Reference in a new issue