From 9853fbbb17866dcdc659cee1c979c18a50280cbb Mon Sep 17 00:00:00 2001 From: Peter Portante Date: Tue, 20 Dec 2022 11:15:17 -0500 Subject: [PATCH] Use the correct `abort` method --- lib/pbench/server/auth/auth.py | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/lib/pbench/server/auth/auth.py b/lib/pbench/server/auth/auth.py index c3f7ff98e5..ed95b07540 100644 --- a/lib/pbench/server/auth/auth.py +++ b/lib/pbench/server/auth/auth.py @@ -3,8 +3,9 @@ import os from typing import Optional -from flask import abort, request +from flask import request from flask_httpauth import HTTPTokenAuth +from flask_restful import abort import jwt from pbench.server.auth import OpenIDClient, OpenIDClientError @@ -60,26 +61,29 @@ def get_secret_key(self): def get_auth_token(self, logger): # get auth token + example = ( + "Please add Authorization header with Bearer token as," + " 'Authorization: Bearer '" + ) auth_header = request.headers.get("Authorization") - if not auth_header: abort( HTTPStatus.FORBIDDEN, - message="Please add authorization token as 'Authorization: Bearer '", + message=f"No Authorization header provided. {example}", ) try: - auth_schema, auth_token = auth_header.split() + auth_schema, auth_token = auth_header.split(" ", 1) except ValueError: abort( HTTPStatus.UNAUTHORIZED, - message="Malformed Authorization header, please add request header as Authorization: Bearer ", + message=f"Malformed Authorization header. {example}", ) else: if auth_schema.lower() != "bearer": abort( HTTPStatus.UNAUTHORIZED, - message="Malformed Authorization header, request needs bearer token: Bearer ", + message=f"Malformed Authorization header. {example}", ) return auth_token