I'm using Simple JWT for authentication in a DRF project. When I try to access the API, it shows bad_authorization_header

I am using Simple JWT for my Django REST framework project. I tried accessing it using a bearer token in Postman and it shows this error:

{
    "detail": "Authorization header must contain two space-delimited values",
    "code": "bad_authorization_header"
}

My settings file code

from datetime import timedelta

REST_FRAMEWORK = {
    # Authenticate every request with Simple JWT
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework_simplejwt.authentication.JWTAuthentication',
    ),
}

SIMPLE_JWT = {
    "ACCESS_TOKEN_LIFETIME": timedelta(days=15),
    "REFRESH_TOKEN_LIFETIME": timedelta(days=1),
    "ROTATE_REFRESH_TOKENS": True,
    # Scheme word expected at the start of the Authorization header
    "AUTH_HEADER_TYPES": ('Bearer',),
    "AUTH_TOKEN_CLASSES": ("rest_framework_simplejwt.tokens.AccessToken",),
}

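Views file code

from rest_framework import status
from rest_framework.decorators import api_view, permission_classes
from rest_framework.permissions import IsAuthenticated
from rest_framework.response import Response

# CustomUser and UserSerializer are defined in the project's own modules.


@api_view(['GET'])
@permission_classes([IsAuthenticated])
def all_users(request):
    users = CustomUser.objects.all().order_by('id')
    serializers = UserSerializer(users, many=True)
    return Response({
        'All users': serializers.data
    }, status.HTTP_200_OK)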

In Postman, my input for the Bearer token was like:

Bearer < access token >

The error occurs during the get_raw_token step of the JWTAuthentication class in the simplejwt library.

The get_raw_token function verifies that the value of the Authorization Header field passed by the client is correct and returns only the token value.

class JWTAuthentication(authentication.BaseAuthentication):
    ...
    def get_raw_token(self, header: bytes) -> Optional[bytes]:
        """
        Extracts an unvalidated JSON web token from the given "Authorization"
        header value.
        """
        parts = header.split()
        if len(parts) == 0:
            # Empty AUTHORIZATION header sent
            return None

        if parts[0] not in AUTH_HEADER_TYPE_BYTES:
            # Assume the header does not contain a JSON web token
            return None

        if len(parts) != 2:
            raise AuthenticationFailed(
                _("Authorization header must contain two space-delimited values"),
                code="bad_authorization_header",
            )

        return parts[1]

For the questioner, the last conditional statement was true, resulting in the error.

Here, the value of the parts variable is obtained by splitting the value of the Authorization header field delivered by the client on spaces.

If you look at my test, the value of Authorization is like this:

"Bearer {access_token}"

In the above case, the get_raw_token method assigns these values to the parts variable.

[b'Bearer', b'{access_token}']

My test is delivered in the right form, so there is no problem.

The error you got occurs when the number of parts is not 2.

This occurs when the value of Authorization has too many spaces.

Like this: I gave .ey a blank space, unlike before.

Make sure that the value of Authorization is delivered in the correct form.

"Authorization": "Bearer {access_token}"
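
The splitting check discussed above can be tried against several header shapes without a Django project. This is an added example, not part of the original answer or of simplejwt: it is a stand-alone replica of the quoted logic, and `BadAuthorizationHeader`, `classify`, `SAMPLES` and the placeholder token `aaa.bbb.ccc` are names and values assumed for the illustration.

```python
# Added illustration: stand-alone replica of the header-splitting check quoted
# above, so it runs without Django or simplejwt installed.
from typing import Optional

AUTH_HEADER_TYPE_BYTES = {b"Bearer"}  # mirrors AUTH_HEADER_TYPES = ('Bearer',)


class BadAuthorizationHeader(Exception):
    """Stand-in for AuthenticationFailed(code='bad_authorization_header')."""


def get_raw_token(header: bytes) -> Optional[bytes]:
    parts = header.split()  # bytes.split() splits on any run of whitespace
    if len(parts) == 0:
        return None  # empty header
    if parts[0] not in AUTH_HEADER_TYPE_BYTES:
        return None  # not treated as a JWT header at all
    if len(parts) != 2:
        raise BadAuthorizationHeader(parts)
    return parts[1]


def classify(header: bytes) -> str:
    """Return 'token', 'ignored' (no JWT assumed) or 'bad_authorization_header'."""
    try:
        return "token" if get_raw_token(header) is not None else "ignored"
    except BadAuthorizationHeader:
        return "bad_authorization_header"


# Constructed sample headers; "aaa.bbb.ccc" is a placeholder, not a real JWT.
SAMPLES = [
    b"Bearer aaa.bbb.ccc",         # correct form: 2 parts
    b"Bearer   aaa.bbb.ccc ",      # extra whitespace around the token is collapsed
    b"Bearer < aaa.bbb.ccc >",     # angle brackets typed with spaces: 4 parts
    b"Bearer aaa .bbb.ccc",        # space inside the token: 3 parts
    b"Bearer",                     # scheme without a token: 1 part
    b"Bearer Bearer aaa.bbb.ccc",  # scheme word sent twice: 3 parts
    b"bearer aaa.bbb.ccc",         # byte comparison is case-sensitive: ignored
    b"",                           # empty header: ignored
]

if __name__ == "__main__":
    for h in SAMPLES:
        print(f"{h!r:34} -> {classify(h)}")
```

Headers classified as "ignored" never reach the two-value check, so they fail authentication without producing the bad_authorization_header code.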
