I have a particular situation where we're using Django's OAuth2 toolkit. I need to answer a request with a wrong token with a 401 (with a json) instead of a 403 forbidden.
Following this commit I managed to come with this change to:
oauth2_provider/views/mixins.py
class ProtectedResourceMixin(OAuthLibMixin):
def dispatch(self, request, *args, **kwargs):
if request.method.upper() == "OPTIONS":
return super().dispatch(request, *args, **kwargs)
valid, r = self.verify_request(request)
if valid:
request.resource_owner = r.user
return super().dispatch(request, *args, **kwargs)
else:
request.oauth2_error = getattr(r, "oauth2_error", {})
print(str(self.request.oauth2_error['error']))
data= {
"errors": [
{
"message": str(self.request.oauth2_error['error'])
}
],
}
return HttpResponse(json.dumps(data,ensure_ascii=False),content_type="application/json; charset=utf-8",status= 401)
#return HttpResponseForbidden()
My problem is that even though this solution works it is on the actual file of the library. I would like to implement this without modifying the library.
For my understanding I should be able to create my own custom mixin but I wasn't able to find an example of that sort of implementation, yet.
I'm not using Django rest framework.