Fixed bug when authorization header doesnt contain any white spaces.

hirokiky · hirokiky · commit 499074201164 · 2015-01-27T11:44:17.000+09:00
diff --git a/oauth2_provider/oauth2_validators.py b/oauth2_provider/oauth2_validators.py
@@ -36,7 +36,11 @@ def _extract_basic_auth(self, request):
         if not auth:
             return None
 
-        auth_type, auth_string = auth.split(' ', 1)
+        splitted = auth.split(' ', 1)
+        if len(splitted) != 2:
+            return None
+        auth_type, auth_string = splitted
+
         if auth_type != "Basic":
             return None
 
diff --git a/oauth2_provider/tests/test_oauth2_validators.py b/oauth2_provider/tests/test_oauth2_validators.py
@@ -42,6 +42,8 @@ def test_extract_basic_auth(self):
         self.assertIsNone(self.validator._extract_basic_auth(self.request))
         self.request.headers = {'HTTP_AUTHORIZATION': 'Dummy 123456'}
         self.assertIsNone(self.validator._extract_basic_auth(self.request))
+        self.request.headers = {'HTTP_AUTHORIZATION': 'Basic'}
+        self.assertIsNone(self.validator._extract_basic_auth(self.request))
         self.request.headers = {'HTTP_AUTHORIZATION': 'Basic 123456 789'}
         self.assertEqual(self.validator._extract_basic_auth(self.request), '123456 789')
 
