selectively authenticate with OAuth2 Backend

2026-01-13 11:00:03 -03:30 · 2018-06-20 23:09:52 -04:00 · 2018-06-20 23:09:52 -04:00 · 01a1d6ffd0
commit 01a1d6ffd0
parent f38b01c80e
1 changed files with 14 additions and 11 deletions
--- a/awx/api/authentication.py
+++ b/awx/api/authentication.py
@ -46,14 +46,17 @@ class SessionAuthentication(authentication.SessionAuthentication):
 class LoggedOAuth2Authentication(OAuth2Authentication):

    def authenticate(self, request):
-        ret = super(LoggedOAuth2Authentication, self).authenticate(request)
-        if ret:
-            user, token = ret
-            username = user.username if user else '<none>'
-            logger.info(smart_text(
-                u"User {} performed a {} to {} through the API using OAuth token {}.".format(
-                    username, request.method, request.path, token.pk
-                )
-            ))
-            setattr(user, 'oauth_scopes', [x for x in token.scope.split() if x])
-        return ret
+        if 'Bearer' in request.META['HTTP_AUTHORIZATION']:
+            ret = super(LoggedOAuth2Authentication, self).authenticate(request)
+            if ret:
+                user, token = ret
+                username = user.username if user else '<none>'
+                logger.debug(smart_text(
+                    u"User {} performed a {} to {} through the API using OAuth token {}.".format(
+                        username, request.method, request.path, token.pk
+                    )
+                ))
+                setattr(user, 'oauth_scopes', [x for x in token.scope.split() if x])
+            return ret
+        else:
+            return None