From 3c14cec134c5296d71eca9ccddd9c5d730fd17f7 Mon Sep 17 00:00:00 2001 From: Sascha P Date: Mon, 9 Mar 2020 13:22:03 +0100 Subject: [PATCH 1/2] Fixing oauth_consumer_key nor being part of message Fixes if the provided content is no valid json or oauth_consumer_key not being part of the message. --- tastypie_oauth/authentication.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tastypie_oauth/authentication.py b/tastypie_oauth/authentication.py index 4f9af22..52a7558 100644 --- a/tastypie_oauth/authentication.py +++ b/tastypie_oauth/authentication.py @@ -54,7 +54,10 @@ def is_authenticated(self, request, **kwargs): if not key and request.method == 'POST': if request.META.get('CONTENT_TYPE') == 'application/json': decoded_body = request.body.decode('utf8') - key = json.loads(decoded_body)['oauth_consumer_key'] + try: + key = json.loads(decoded_body)['oauth_consumer_key'] + except (ValueError, KeyError): + pass if not key: log.info('OAuth20Authentication. No consumer_key found.') return None From 26f570b97d9c4162de1636b51e9ca0a4b79ecac6 Mon Sep 17 00:00:00 2001 From: Sascha P Date: Thu, 1 Apr 2021 09:09:09 +0200 Subject: [PATCH 2/2] Catch verify_access_token throwing OAuthError --- tastypie_oauth/authentication.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tastypie_oauth/authentication.py b/tastypie_oauth/authentication.py index 52a7558..9b0fcdf 100644 --- a/tastypie_oauth/authentication.py +++ b/tastypie_oauth/authentication.py @@ -78,6 +78,8 @@ def is_authenticated(self, request, **kwargs): log.exception("Error in OAuth20Authentication.") request.user = AnonymousUser() return False + except OAuthError: + return False except Exception: log.exception("Error in OAuth20Authentication.") return False