Passing empty token results in IndexError

[cal97g]

[2019-10-24 11:39:00 +0100] [22] [ERROR] Error handling request XXXXXXXXXXX
Traceback (most recent call last):
  File "/usr/local/lib/python3.7/site-packages/gunicorn/workers/sync.py", line 135, in handle
    self.handle_request(listener, req, client, addr)
  File "/usr/local/lib/python3.7/site-packages/gunicorn/workers/sync.py", line 176, in handle_request
    respiter = self.wsgi(environ, resp.start_response)
  File "/usr/local/lib/python3.7/site-packages/sentry_sdk/integrations/flask.py", line 69, in sentry_patched_wsgi_app
    environ, start_response
  File "/usr/local/lib/python3.7/site-packages/sentry_sdk/integrations/wsgi.py", line 106, in __call__
    reraise(*_capture_exception(hub))
  File "/usr/local/lib/python3.7/site-packages/sentry_sdk/_compat.py", line 54, in reraise
    raise value
  File "/usr/local/lib/python3.7/site-packages/sentry_sdk/integrations/wsgi.py", line 103, in __call__
    functools.partial(_sentry_start_response, start_response, span),
  File "/usr/local/lib/python3.7/site-packages/sentry_sdk/integrations/flask.py", line 68, in <lambda>
    return SentryWsgiMiddleware(lambda *a, **kw: old_app(self, *a, **kw))(
  File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 2463, in __call__
    return self.wsgi_app(environ, start_response)
  File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 2449, in wsgi_app
    response = self.handle_exception(e)
  File "/usr/local/lib/python3.7/site-packages/flask_cors/extension.py", line 161, in wrapped_function
    return cors_after_request(app.make_response(f(*args, **kwargs)))
  File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 1866, in handle_exception
    reraise(exc_type, exc_value, tb)
  File "/usr/local/lib/python3.7/site-packages/flask/_compat.py", line 39, in reraise
    raise value
  File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 2446, in wsgi_app
    response = self.full_dispatch_request()
  File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 1951, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/usr/local/lib/python3.7/site-packages/flask_cors/extension.py", line 161, in wrapped_function
    return cors_after_request(app.make_response(f(*args, **kwargs)))
  File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 1820, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/usr/local/lib/python3.7/site-packages/flask/_compat.py", line 39, in reraise
    raise value
  File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 1949, in full_dispatch_request
    rv = self.dispatch_request()
  File "/usr/local/lib/python3.7/site-packages/flask/app.py", line 1935, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/usr/local/lib/python3.7/site-packages/flask_jwt_extended/view_decorators.py", line 103, in wrapper
    verify_jwt_in_request()
  File "/usr/local/lib/python3.7/site-packages/flask_jwt_extended/view_decorators.py", line 32, in verify_jwt_in_request
    jwt_data = _decode_jwt_from_request(request_type='access')
  File "/usr/local/lib/python3.7/site-packages/flask_jwt_extended/view_decorators.py", line 288, in _decode_jwt_from_request
    encoded_token, csrf_token = get_encoded_token_function()
  File "/usr/local/lib/python3.7/site-packages/flask_jwt_extended/view_decorators.py", line 204, in _decode_jwt_from_headers
    encoded_token = parts[1]
IndexError: list index out of range

When you pass the following header:

{"Authorization": "Bearer "}

It should result in some sort of 401 or 400, not produce a 500.

[vimalloc]

Whoops, I think that is a regression in one of the newest releases. I’ll get a fix up and a new version released later today. Thanks for letting us know! 👍

[vimalloc]

Fix released in version 3.24.1 👍