From 23d4122574e82c1da3514718a587bae0be2cbbf3 Mon Sep 17 00:00:00 2001 From: Ryan Petrello Date: Thu, 20 Sep 2018 15:14:33 -0400 Subject: [PATCH] properly support deprecated `Authorization: Token xyz` --- awx/main/middleware.py | 3 +++ awx/main/tests/functional/api/test_oauth.py | 9 +++++++++ 2 files changed, 12 insertions(+) diff --git a/awx/main/middleware.py b/awx/main/middleware.py index 3baeaa5d32..fb681639b5 100644 --- a/awx/main/middleware.py +++ b/awx/main/middleware.py @@ -257,6 +257,9 @@ class DeprecatedAuthTokenMiddleware(object): 'be replaced with OAuth2.0 in the next version of Ansible Tower ' '(see /api/o/ for more details).' ) + elif request.environ.get('HTTP_AUTHORIZATION', '').startswith('Token '): + token = request.environ['HTTP_AUTHORIZATION'].split(' ', 1)[-1].strip() + request.environ['HTTP_AUTHORIZATION'] = six.text_type('Bearer {}').format(token) class MigrationRanCheckMiddleware(object): diff --git a/awx/main/tests/functional/api/test_oauth.py b/awx/main/tests/functional/api/test_oauth.py index b497a7d45f..dc7de68fd7 100644 --- a/awx/main/tests/functional/api/test_oauth.py +++ b/awx/main/tests/functional/api/test_oauth.py @@ -380,6 +380,15 @@ def test_deprecated_authtoken_support(alice, fmt): assert resp.data['refresh_token'] is None assert resp.data['scope'] == 'write' + for _type in ('Token', 'Bearer'): + request = getattr(APIRequestFactory(), 'get')( + '/api/v2/me/', + HTTP_AUTHORIZATION=' '.join([_type, resp.data['token']]) + ) + DeprecatedAuthTokenMiddleware().process_request(request) + view, view_args, view_kwargs = resolve(request.path) + assert view(request, *view_args, **view_kwargs).status_code == 200 + @pytest.mark.django_db def test_deprecated_authtoken_invalid_username(alice):