From 8013c283f157a1f6e59a5d14fdaa036acd561a97 Mon Sep 17 00:00:00 2001
From: Lars Wirzenius
Date: Thu, 4 Jul 2019 17:16:47 +0300
Subject: Add: more logging for access checking
---
 api.py | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)
diff --git a/api.py b/api.py
index 88b6381..1415be9 100755
--- a/api.py
+++ b/api.py
@@ -94,11 +94,22 @@ class AccessChecker:
 def _get_token_text(self, headers):
 '''Extract access token from request headers or None if not there'''
 v = headers.get('Authorization', '')
+ if not v:
+ logging.error('No Authorization header')
+ return None
+
 words = v.split()
- if len(words) == 2:
- keyword, token_text = words
- if keyword.lower() == 'bearer':
- return token_text
+ if len(words) != 2:
+ logging.error('Authorization header does not contain two words')
+ return None
+
+ keyword, token_text = words
+ if keyword.lower() != 'bearer':
+ logging.error('Authorization header does not contain a Bearer token')
+ return None
+
+ logging.debug('Got an access token from Authorization header')
+ return token_text


 class API:
--
cgit v1.2.1
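Review bot: The three rejection paths in `_get_token_text` log at ERROR for conditions any unauthenticated client can trigger at will (no header, wrong word count, non-Bearer scheme), so routine anonymous traffic can fill the error log and bury genuine faults; `logging.warning(...)` or `logging.info(...)` fits an expected client-side failure better. The messages correctly leave out the header value, and a comment above the first check would keep it that way, e.g. `# Never log v or token_text: the header carries the bearer credential`. The docstring still says None means "not there", while the new code also returns None for a malformed header; `'''Return the bearer token from the Authorization header, or None if it is missing or malformed'''` would match. The callers in AccessChecker are outside this hunk, so whether they log the same rejection a second time is not visible here.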