From 199c6b1f77ccb32335ec155a4a778b8bacc417a3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sybren=20A=2E=20St=C3=BCvel?= <sybren@stuvel.eu>
Date: Fri, 8 Dec 2017 14:46:58 +0100
Subject: [PATCH] Auth: also support Bearer token authentication

This is commonly used in OAuth-authenticated calls, and can help us break
away from the username-is-auth-token stuff currently in use.
---
 pillar/api/utils/authentication.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/pillar/api/utils/authentication.py b/pillar/api/utils/authentication.py
index 4ac9c84b..e0d14cb7 100644
--- a/pillar/api/utils/authentication.py
+++ b/pillar/api/utils/authentication.py
@@ -118,9 +118,13 @@ def validate_token():
 
     from pillar.auth import AnonymousUser
 
+    auth_header = request.headers.get('Authorization') or ''
     if request.authorization:
         token = request.authorization.username
         oauth_subclient = request.authorization.password
+    elif auth_header.startswith('Bearer '):
+        token = auth_header[7:].strip()
+        oauth_subclient = ''
     else:
         # Check the session, the user might be logged in through Flask-Login.
         from pillar import auth