Properly fail to wrong Authorization token type

author: Pierre Dulac 2013-03-02 20:17:14 +0100
committer: Pierre Dulac 2013-03-02 20:17:14 +0100
commit: c449dd4f4d8c9602c826e906870a87c13d6689de (patch)
tree: 1c05765a614b88d8fdd0efce7b0b66787711848f /rest_framework
parent: 8809c46ab5d2a09d5a956ccffcb2ae2db95c5c1b (diff)
download: django-rest-framework-c449dd4f4d8c9602c826e906870a87c13d6689de.tar.bz2
1 files changed, 1 insertions, 3 deletions
diff --git a/rest_framework/authentication.py b/rest_framework/authentication.py
index c74078fc..d4ba7967 100644
--- a/rest_framework/authentication.py
+++ b/rest_framework/authentication.py
@@ -176,7 +176,7 @@ class OAuth2Authentication(BaseAuthentication):
         """
         auth = request.META.get('HTTP_AUTHORIZATION', '').split()
         if not auth or auth[0].lower() != "bearer":
-            return None
+            raise exceptions.AuthenticationFailed('Invalid Authorization token type')
 
         if len(auth) != 2:
             raise exceptions.AuthenticationFailed('Invalid token header')
@@ -212,8 +212,6 @@ class OAuth2Authentication(BaseAuthentication):
         raise exceptions.AuthenticationFailed(
             'You are not allowed to access this resource.')
 
-        return None
-
     def authenticate_header(self, request):
         """
         Bearer is the only finalized type currently
author	Pierre Dulac	2013-03-02 20:17:14 +0100
committer	Pierre Dulac	2013-03-02 20:17:14 +0100
commit	c449dd4f4d8c9602c826e906870a87c13d6689de (patch)
tree	1c05765a614b88d8fdd0efce7b0b66787711848f /rest_framework
parent	8809c46ab5d2a09d5a956ccffcb2ae2db95c5c1b (diff)
download	django-rest-framework-c449dd4f4d8c9602c826e906870a87c13d6689de.tar.bz2