diff --git a/HISTORY.rst b/HISTORY.rst
index d7db57a9..b22abace 100644
--- a/HISTORY.rst
+++ b/HISTORY.rst
@@ -3,6 +3,10 @@
 History
 -------
+pending
+=======
+* Fix bug in ``contrib.drf.OIDCAuthentication`` where ``error_description`` is assumed to be present in ``www-authenticate`` header despite it being optional in the spec.
+
 2.0.0 (2021-07-27)
 ==================
diff --git a/mozilla_django_oidc/contrib/drf.py b/mozilla_django_oidc/contrib/drf.py
index af59b1b5..91f8ccc5 100644
--- a/mozilla_django_oidc/contrib/drf.py
+++ b/mozilla_django_oidc/contrib/drf.py
@@ -86,7 +86,11 @@ def authenticate(self, request):
 # we can get from the www-authentication header) in the response.
 if resp.status_code == 401 and "www-authenticate" in resp.headers:
 data = parse_www_authenticate_header(resp.headers["www-authenticate"])
- raise exceptions.AuthenticationFailed(data["error_description"])
+ raise exceptions.AuthenticationFailed(
+ data.get(
+ "error_description", "no error description in www-authenticate"
+ )
+ )
 # for all other http errors, just re-raise the exception.
 raise
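Review bot: The fallback string in the new `data.get(...)` call becomes the 401 detail returned to the API client, and "no error description in www-authenticate" describes the upstream provider's response rather than giving the caller anything it can act on. A neutral default such as `data.get("error_description", "Authentication failed")` keeps the client-facing message stable, while the raw header value can be recorded server-side for the operator who has to diagnose the rejection. The same branch still relies on `parse_www_authenticate_header` returning a mapping for whatever header the provider sends; how it behaves on a header with no key=value pairs is not visible in this hunk, so a regression test covering both that case and the missing-`error_description` case would be worth adding. The body of `authenticate` starts and ends outside the hunk.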