From 9fb749e0f3a9c6be66239428a923b4c8201624d6 Mon Sep 17 00:00:00 2001 From: James Hodgkinson Date: Mon, 20 Nov 2023 09:53:50 +1000 Subject: [PATCH 1/2] properly sending Bearer token types in OAuth2 --- oauthenticator/oauth2.py | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/oauthenticator/oauth2.py b/oauthenticator/oauth2.py index 0cf3c7df..01b4fe77 100644 --- a/oauthenticator/oauth2.py +++ b/oauthenticator/oauth2.py @@ -716,10 +716,17 @@ def build_userdata_request_headers(self, access_token, token_type): Builds and returns the headers to be used in the userdata request. Called by the :meth:`oauthenticator.OAuthenticator.token_to_user` """ + + # token_type is case-sensitive, but the headers are + if token_type.lower() == "bearer": + auth_token_type = "Bearer" + else: + auth_token_type = token_type + return { "Accept": "application/json", "User-Agent": "JupyterHub", - "Authorization": f"{token_type} {access_token}", + "Authorization": f"{auth_token_type} {access_token}", } def build_token_info_request_headers(self): From dee2609d44c0992b808ff1e0a5477221599e4ba4 Mon Sep 17 00:00:00 2001 From: James Hodgkinson Date: Tue, 21 Nov 2023 08:00:17 +1000 Subject: [PATCH 2/2] typo --- oauthenticator/oauth2.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oauthenticator/oauth2.py b/oauthenticator/oauth2.py index 01b4fe77..9ba66ecf 100644 --- a/oauthenticator/oauth2.py +++ b/oauthenticator/oauth2.py @@ -717,7 +717,7 @@ def build_userdata_request_headers(self, access_token, token_type): Called by the :meth:`oauthenticator.OAuthenticator.token_to_user` """ - # token_type is case-sensitive, but the headers are + # token_type is case-insensitive, but the headers are case-sensitive if token_type.lower() == "bearer": auth_token_type = "Bearer" else: