Fix WWW-Authenticate header when non default JWT_AUTH_HEADER_PREFIX

cancan101 · cancan101 · commit 3e2568dfd589 · 2016-02-19T11:02:39.000-05:00
diff --git a/rest_framework_jwt/authentication.py b/rest_framework_jwt/authentication.py
@@ -101,4 +101,4 @@ def authenticate_header(self, request):
         header in a `401 Unauthenticated` response, or `None` if the
         authentication scheme should return `403 Permission Denied` responses.
         """
-        return 'JWT realm="{0}"'.format(self.www_authenticate_realm)
+        return '{0} realm="{1}"'.format(api_settings.JWT_AUTH_HEADER_PREFIX, self.www_authenticate_realm)
diff --git a/tests/test_authentication.py b/tests/test_authentication.py
@@ -114,6 +114,7 @@ def test_post_form_failing_jwt_auth(self):
         """
         response = self.csrf_client.post('/jwt/', {'example': 'example'})
         self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
+        self.assertEqual(response['WWW-Authenticate'], 'JWT realm="api"')
 
     def test_post_json_failing_jwt_auth(self):
         """
@@ -268,3 +269,18 @@ def test_different_auth_header_prefix(self):
 
         # Restore original settings
         api_settings.JWT_AUTH_HEADER_PREFIX = DEFAULTS['JWT_AUTH_HEADER_PREFIX']
+
+    def test_post_form_failing_jwt_auth_different_auth_header_prefix(self):
+        """
+        Ensure using a different setting for `JWT_AUTH_HEADER_PREFIX` and
+        POSTing form over JWT auth without correct credentials fails and
+        generated correct WWW-Authenticate header
+        """
+        api_settings.JWT_AUTH_HEADER_PREFIX = 'Bearer'
+
+        response = self.csrf_client.post('/jwt/', {'example': 'example'})
+        self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
+        self.assertEqual(response['WWW-Authenticate'], 'Bearer realm="api"')
+
+        # Restore original settings
+        api_settings.JWT_AUTH_HEADER_PREFIX = DEFAULTS['JWT_AUTH_HEADER_PREFIX']
