[#7832] ticket:740 Format auth header according to spec
diff --git a/Allura/allura/controllers/rest.py b/Allura/allura/controllers/rest.py
index ab21649..8eafa30 100644
--- a/Allura/allura/controllers/rest.py
+++ b/Allura/allura/controllers/rest.py
@@ -107,7 +107,7 @@ def server(self):
return result
def _authenticate(self):
- bearer_token_prefix = 'OAuth BearerToken access_token='
+ bearer_token_prefix = 'Bearer '
auth = request.headers.get('Authorization')
if auth and auth.startswith(bearer_token_prefix):
access_token = auth[len(bearer_token_prefix):]
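Review bot: The `auth.startswith(bearer_token_prefix)` check in `_authenticate` matches the scheme case-sensitively and with exactly one space, while RFC 7235 defines the auth scheme as case-insensitive, so a client sending `bearer <token>` would presumably not be recognised as presenting a header token. Splitting the header would cover that: `scheme, _, access_token = auth.partition(' ')` followed by `if scheme.lower() == 'bearer' and access_token.strip():`. The commit also drops the old `OAuth BearerToken access_token=` form with no fallback, so existing API clients that use it will stop authenticating via the header after upgrade; if that is intended, it deserves a changelog entry or a deprecation window. The rest of `_authenticate` lies outside the hunk, so what happens when the prefix does not match cannot be confirmed from here.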
diff --git a/Allura/allura/tests/functional/test_rest.py b/Allura/allura/tests/functional/test_rest.py
index fca1078..43a92d1 100644
--- a/Allura/allura/tests/functional/test_rest.py
+++ b/Allura/allura/tests/functional/test_rest.py
@@ -92,7 +92,7 @@ def test_bearer_token_valid(self, request):
@mock.patch('allura.controllers.rest.request')
def test_bearer_token_non_bearer_via_headers(self, request, OAuthAccessToken):
request.headers = {
- 'Authorization': 'OAuth BearerToken access_token=foo'
+ 'Authorization': 'Bearer foo'
}
request.scheme = 'https'
self._patch_token(OAuthAccessToken)
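Review bot: The header tests in this hunk and the two below it only swap the string to the new format, so nothing pins how the server treats header shapes it no longer accepts. A negative case would help: one test sending `'Authorization': 'OAuth BearerToken access_token=foo'` and one sending `'Authorization': 'Bearer '` (empty token), each asserting that the request is not authenticated by the header. The test bodies continue outside the hunks, so the exact assertion to reuse is not visible here.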
@@ -106,7 +106,7 @@ def test_bearer_token_non_bearer_via_headers(self, request, OAuthAccessToken):
@mock.patch('allura.controllers.rest.request')
def test_bearer_token_invalid_via_headers(self, request, OAuthAccessToken):
request.headers = {
- 'Authorization': 'OAuth BearerToken access_token=foo'
+ 'Authorization': 'Bearer foo'
}
request.scheme = 'https'
self._patch_token(OAuthAccessToken)
@@ -138,7 +138,7 @@ def test_bearer_token_valid_via_headers(self, request):
ThreadLocalODMSession.flush_all()
token = access_token.api_key
request.headers = {
- 'Authorization': 'OAuth BearerToken access_token={}'.format(token)
+ 'Authorization': 'Bearer {}'.format(token)
}
request.scheme = 'https'
r = self.api_post('/rest/p/test/wiki', access_token='foo')
diff --git a/AlluraTest/alluratest/controller.py b/AlluraTest/alluratest/controller.py
index c64ea5f..0f13c5d 100644
--- a/AlluraTest/alluratest/controller.py
+++ b/AlluraTest/alluratest/controller.py
@@ -224,7 +224,7 @@ def _api_call(self, method, path, wrap_args=None, user='test-admin', status=None
token = self.token(user).api_key
headers = {
- 'Authorization': 'OAuth BearerToken access_token={}'.format(token)
+ 'Authorization': 'Bearer {}'.format(token)
}
fn = getattr(self.app, method.lower())