Invalid Unicode byte in Authorization token raises an DjangoUnicodeDecodeError · Issue #2928 · encode/django-rest-framework (original) (raw)

When we sent an invalid/unicode byte in token authentication we got a 500 Internal Server Error (DjangoUnicodeDecodeError) instead of a 401 Unauthorized:

Stacktrace (most recent call last):

  File "django/core/handlers/base.py", line 132, in get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "python3.4/contextlib.py", line 30, in inner
    return func(*args, **kwds)
  File "django/views/decorators/csrf.py", line 58, in wrapped_view
    return view_func(*args, **kwargs)
  File "rest_framework/viewsets.py", line 85, in view
    return self.dispatch(request, *args, **kwargs)
  File "rest_framework/views.py", line 452, in dispatch
    response = self.handle_exception(exc)
  File "rest_framework/views.py", line 440, in dispatch
    self.initial(request, *args, **kwargs)
  File "rest_framework/views.py", line 354, in initial
    self.perform_authentication(request)
  File "rest_framework/views.py", line 292, in perform_authentication
    request.user
  File "rest_framework/request.py", line 491, in __getattribute__
    return super(Request, self).__getattribute__(attr)
  File "rest_framework/request.py", line 266, in user
    self._authenticate()
  File "rest_framework/request.py", line 454, in _authenticate
    user_auth_tuple = authenticator.authenticate(self)
  File "rest_framework/authentication.py", line 167, in authenticate
    return self.authenticate_credentials(auth[1])
  File "rest_framework/authentication.py", line 171, in authenticate_credentials
    token = self.model.objects.select_related('user').get(key=key)
  File "django/db/models/query.py", line 325, in get
    clone = self.filter(*args, **kwargs)
  File "django/db/models/query.py", line 679, in filter
    return self._filter_or_exclude(False, *args, **kwargs)
  File "django/db/models/query.py", line 697, in _filter_or_exclude
    clone.query.add_q(Q(*args, **kwargs))
  File "django/db/models/sql/query.py", line 1304, in add_q
    clause, require_inner = self._add_q(where_part, self.used_aliases)
  File "django/db/models/sql/query.py", line 1331, in _add_q
    current_negated=current_negated, connector=connector, allow_joins=allow_joins)
  File "django/db/models/sql/query.py", line 1203, in build_filter
    condition = self.build_lookup(lookups, col, value)
  File "django/db/models/sql/query.py", line 1096, in build_lookup
    return final_lookup(lhs, rhs)
  File "django/db/models/lookups.py", line 96, in __init__
    self.rhs = self.get_prep_lookup()
  File "django/db/models/lookups.py", line 134, in get_prep_lookup
    return self.lhs.output_field.get_prep_lookup(self.lookup_name, self.rhs)
  File "django/db/models/fields/__init__.py", line 727, in get_prep_lookup
    return self.get_prep_value(value)
  File "django/db/models/fields/__init__.py", line 1125, in get_prep_value
    return self.to_python(value)
  File "django/db/models/fields/__init__.py", line 1121, in to_python
    return smart_text(value)
  File "django/utils/encoding.py", line 56, in smart_text
    return force_text(s, encoding, strings_only, errors)
  File "django/utils/encoding.py", line 102, in force_text
    raise DjangoUnicodeDecodeError(s, *e.args)