adsabs · tjacovich · Jun 12, 2025 · Jun 11, 2025 · Jun 12, 2025 · Jun 12, 2025
diff --git a/apigateway/app.py b/apigateway/app.py
@@ -85,7 +85,7 @@ def unauthorized():
         This overrides the default behavior or re-directing to a login view
         """
         abort(401)
-
+        
     @app.teardown_request
     def teardown_request(exception=None):
         """This function will close active transaction, if there is one

diff --git a/apigateway/tests/test_services.py b/apigateway/tests/test_services.py
@@ -110,6 +110,7 @@ def test_route():
 
             assert "X-api-uid" in request.headers
 
+
     def test_headers_not_set(self, app):
 
         @app.route("/test_auth_headers_not_set")

diff --git a/apigateway/utils.py b/apigateway/utils.py
@@ -7,6 +7,7 @@
 
 import jsondiff as jd
 import requests
+from authlib.oauth2.rfc6749.errors import UnsupportedTokenTypeError
 from authlib.integrations.flask_oauth2 import ResourceProtector
 from flask import Request, current_app, request
 from flask.views import View
@@ -259,6 +260,10 @@ def _construct_remote_url(self) -> str:
 class GatewayResourceProtector(ResourceProtector):
     def raise_error_response(self, error):
         body = json.dumps(dict({"message": error.description}))
+        if type(error)==UnsupportedTokenTypeError:
+            current_app.logger.info("Token not recognized as a Bearer Token.")
+            body="Unauthorized. If you are using the API, please confirm your Authorization header is of the form Bearer TOKEN and not Bearer:TOKEN"
+            raise Oauth2HttpError(error.status_code, error.description, body, error.get_headers())
         raise Oauth2HttpError(error.status_code, error.description, body, error.get_headers())
Original file line number	Diff line number	Diff line change
Expand Up		@@ -110,6 +110,7 @@ def test_route():

		assert "X-api-uid" in request.headers


		def test_headers_not_set(self, app):

		@app.route("/test_auth_headers_not_set")
Expand Down