Authorization Credentials Stripped --- django, elastic beanstalk, oauth

sahutchi picture sahutchi · Mar 9, 2014 · Viewed 8.9k times · Source

I implemented a REST api in django with django-rest-framework and used oauth2 for authentication.

I tested with:

curl -X POST -d "client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET&grant_type=password&username=YOUR_USERNAME&password=YOUR_PASSWORD" http://localhost:8000/oauth2/access_token/

and

curl -H "Authorization: Bearer <your-access-token>" http://localhost:8000/api/

on localhost with successful results consistent with the documentation.

When pushing this up to an existing AWS elastic beanstalk instance, I received:

{ "detail" : "Authentication credentials were not provided." }

Answer

Manel Clos picture Manel Clos · Dec 15, 2015

I like the idea of just having some extra configuration on the standard place. In your .ebextensions directory create a wsgi_custom.config file with:

files:
  "/etc/httpd/conf.d/wsgihacks.conf":
    mode: "000644"
    owner: root
    group: root
    content: |
      WSGIPassAuthorization On

As posted here: https://forums.aws.amazon.com/message.jspa?messageID=376244