summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLars Wirzenius <lwirzenius@wikimedia.org>2019-07-04 17:16:47 +0300
committerLars Wirzenius <lwirzenius@wikimedia.org>2019-07-04 17:16:47 +0300
commit8013c283f157a1f6e59a5d14fdaa036acd561a97 (patch)
tree3c34added9e217cb09a67f9fc3104a9a9ac3a15f
parent2c3ef6626d7d68fa9a1816404d01035d9bdbd708 (diff)
downloadwmf-ci-arch-8013c283f157a1f6e59a5d14fdaa036acd561a97.tar.gz
Add: more logging for access checking
-rwxr-xr-xapi.py19
1 files changed, 15 insertions, 4 deletions
diff --git a/api.py b/api.py
index 88b6381..1415be9 100755
--- a/api.py
+++ b/api.py
@@ -94,11 +94,22 @@ class AccessChecker:
def _get_token_text(self, headers):
'''Extract access token from request headers or None if not there'''
v = headers.get('Authorization', '')
+ if not v:
+ logging.error('No Authorization header')
+ return None
+
words = v.split()
- if len(words) == 2:
- keyword, token_text = words
- if keyword.lower() == 'bearer':
- return token_text
+ if len(words) != 2:
+ logging.error('Authorization header does not contain two words')
+ return None
+
+ keyword, token_text = words
+ if keyword.lower() != 'bearer':
+ logging.error('Authorization header does not contain a Bearer token')
+ return None
+
+ logging.debug('Got an access token from Authorization header')
+ return token_text
class API: