parse_authorization#
- gafaelfawr.auth.parse_authorization(context)#
Find a handle or token in the Authorization header.
Supports either
Bearer
orBasic
authorization types. Rebinds the logging context to include the source of the token, if one is found.- Parameters:
context (
RequestContext
) – The context of the incoming request.- Returns:
The handle or token if one was found, otherwise
None
.- Return type:
str or None
- Raises:
InvalidRequestError – If the Authorization header is malformed.
Notes
A Basic Auth authentication string is normally a username and a password separated by colon and then base64-encoded. Support a username of the token (or session handle) and a password of
x-oauth-basic
, or a username ofx-oauth-basic
and a password of the token (or session handle). If neither is the case, assume the token or session handle is the username.