Skip to content

Fixed Handled error in OAuth2ExtraTokenMiddleware when authheader has Bearer with no token-string following up #1502

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Nov 14, 2025
Merged

Fixed Handled error in OAuth2ExtraTokenMiddleware when authheader has Bearer with no token-string following up #1502

merged 5 commits into from
Nov 14, 2025
+104 −3

Conversation

@Tuhin-thinks
Copy link
Contributor

@Tuhin-thinks Tuhin-thinks commented Sep 21, 2024
edited
Loading

Fixed the crash in application while using OAuth2ExtraTokenMiddleware. When Bearer token passed is empty.
Authorization: Bearer would result in this crash.

Fixes #1496

Description of the Change

Checklist

  • PR only contains one change (considered splitting up PR)
  • unit-test added
  • documentation updated
  • CHANGELOG.md updated (only for user relevant changes)
  • author name in AUTHORS

@n2ygk n2ygk added this to the Release 3.1.0 milestone Sep 22, 2024
@n2ygk n2ygk force-pushed the bug/1496/unhandled-empty-bearer-token-exception branch from 3efa9a5 to f87c5f4 Compare September 22, 2024 17:56
n2ygk
n2ygk previously requested changes Sep 22, 2024
View reviewed changes
Copy link
Contributor

@n2ygk n2ygk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this fix. Please also add a test case in tests/test_auth_backends.py to assure full code coverage.

@dopry
Copy link
Member

dopry commented Oct 4, 2024

@Tuhin-thinks this looks good. I think the last task to get this merge ready is the test.

@Tuhin-thinks
Copy link
Contributor Author

Tuhin-thinks commented Oct 4, 2024

@dopry Thanks, I am getting them ready.

@dopry
Copy link
Member

dopry commented Nov 3, 2025

@Tuhin-thinks any updates on the tests?

@Tuhin-thinks Tuhin-thinks requested a review from n2ygk November 9, 2025 21:15
@Tuhin-thinks
Copy link
Contributor Author

Tuhin-thinks commented Nov 9, 2025

@Tuhin-thinks any updates on the tests?

Hi, @dopry really sorry about the long wait.
Added test cases now, for middleware.py file's validation.

Please let me know once you find time to review this.

@dopry
Copy link
Member

dopry commented Nov 14, 2025

Hi, @dopry really sorry about the long wait. Added test cases now, for middleware.py file's validation.

Please let me know once you find time to review this.

Say nothing of it. It's open source and we're all volunteers. There isn't a schedule to keep here. :)

@codecov
Copy link

codecov bot commented Nov 14, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@dopry dopry force-pushed the bug/1496/unhandled-empty-bearer-token-exception branch from cd6eac8 to 10a210a Compare November 14, 2025 01:56
@dopry dopry dismissed n2ygk’s stale review November 14, 2025 02:05

His comments have been addressed. Tests are added and the split issue is resolved.

@dopry dopry merged commit bade920 into django-oauth:master Nov 14, 2025
26 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dopry dopry dopry approved these changes

@n2ygk n2ygk Awaiting requested review from n2ygk

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

Release 3.1.0

Development

Successfully merging this pull request may close these issues.

Empty Bearer token results in unhandled exception

3 participants

@Tuhin-thinks @dopry @n2ygk