diff options
author | Lars Wirzenius <lwirzenius@wikimedia.org> | 2019-07-04 17:16:47 +0300 |
---|---|---|
committer | Lars Wirzenius <lwirzenius@wikimedia.org> | 2019-07-04 17:16:47 +0300 |
commit | 8013c283f157a1f6e59a5d14fdaa036acd561a97 (patch) | |
tree | 3c34added9e217cb09a67f9fc3104a9a9ac3a15f | |
parent | 2c3ef6626d7d68fa9a1816404d01035d9bdbd708 (diff) | |
download | wmf-ci-arch-8013c283f157a1f6e59a5d14fdaa036acd561a97.tar.gz |
Add: more logging for access checking
-rwxr-xr-x | api.py | 19 |
1 files changed, 15 insertions, 4 deletions
@@ -94,11 +94,22 @@ class AccessChecker: def _get_token_text(self, headers): '''Extract access token from request headers or None if not there''' v = headers.get('Authorization', '') + if not v: + logging.error('No Authorization header') + return None + words = v.split() - if len(words) == 2: - keyword, token_text = words - if keyword.lower() == 'bearer': - return token_text + if len(words) != 2: + logging.error('Authorization header does not contain two words') + return None + + keyword, token_text = words + if keyword.lower() != 'bearer': + logging.error('Authorization header does not contain a Bearer token') + return None + + logging.debug('Got an access token from Authorization header') + return token_text class API: |