Merge pull request #1934 from NYPL-Simplified/develop

Authorization header fixes
NYPL-Simplified · Jul 29, 2024 · dde7385 · dde7385
2 parents 440c302 + e04a676
commit dde7385
Showing 1 changed file with 6 additions and 2 deletions.
diff --git a/api/authenticator.py b/api/authenticator.py
@@ -823,6 +823,8 @@ def authenticated_patron(self, _db, header):
         # Set provider_name and provider_token so it can be referenced
         # in the basic auth provider check.
         provider_name, provider_token = None, None
+        if isinstance(header, auth.Authorization):
+            header = header.parameters or header.to_header()
 
         if isinstance(header, (bytes, str)):
             try:
@@ -834,7 +836,7 @@ def authenticated_patron(self, _db, header):
 
         if (self.basic_auth_provider
                 and (
-                    (isinstance(header, (dict, auth.Authorization)) and 'username' in header)
+                    (isinstance(header, dict) and 'username' in header)
                     or provider_name == BasicAuthenticationProvider.BEARER_TOKEN_PROVIDER_NAME
                 )
             ):
@@ -2108,7 +2110,9 @@ def get_credential_from_header(self, header):
 
         :param header: A dictionary with keys `username` and `password`.
         """
-        if not isinstance(header, (dict, auth.Authorization)):
+        if isinstance(header, auth.Authorization):
+            header = header.parameters
+        elif not isinstance(header, dict):
             return None
         return header.get('password', None)