From 01a1d6ffd057c52b6781ddf5d13fa6a93ae82f0e Mon Sep 17 00:00:00 2001
From: adamscmRH <chadams@redhat.com>
Date: Wed, 20 Jun 2018 23:09:52 -0400
Subject: [PATCH] selectively authenticate with OAuth2 Backend

---
 awx/api/authentication.py | 25 ++++++++++++++-----------
 1 file changed, 14 insertions(+), 11 deletions(-)

diff --git a/awx/api/authentication.py b/awx/api/authentication.py
index f0d345e444..8ba8e11d34 100644
--- a/awx/api/authentication.py
+++ b/awx/api/authentication.py
@@ -46,14 +46,17 @@ class SessionAuthentication(authentication.SessionAuthentication):
 class LoggedOAuth2Authentication(OAuth2Authentication):
 
     def authenticate(self, request):
-        ret = super(LoggedOAuth2Authentication, self).authenticate(request)
-        if ret:
-            user, token = ret
-            username = user.username if user else '<none>'
-            logger.info(smart_text(
-                u"User {} performed a {} to {} through the API using OAuth token {}.".format(
-                    username, request.method, request.path, token.pk
-                )
-            ))
-            setattr(user, 'oauth_scopes', [x for x in token.scope.split() if x])
-        return ret
+        if 'Bearer' in request.META['HTTP_AUTHORIZATION']:
+            ret = super(LoggedOAuth2Authentication, self).authenticate(request)
+            if ret:
+                user, token = ret
+                username = user.username if user else '<none>'
+                logger.debug(smart_text(
+                    u"User {} performed a {} to {} through the API using OAuth token {}.".format(
+                        username, request.method, request.path, token.pk
+                    )
+                ))
+                setattr(user, 'oauth_scopes', [x for x in token.scope.split() if x])
+            return ret
+        else:
+            return None