descope · aviadl · Aug 16, 2022 · Aug 16, 2022
diff --git a/descope/auth.py b/descope/auth.py
@@ -1,4 +1,3 @@
-import base64
 import json
 import os
 import re
@@ -339,11 +338,10 @@ def _get_default_headers(self, pswd: str = None):
         headers = {}
         headers["Content-Type"] = "application/json"
 
+        bearer = self.project_id
         if pswd:
-            bytes = f"{self.project_id}:{pswd}".encode("ascii")
-        else:
-            bytes = f"{self.project_id}:".encode("ascii")
-        headers["Authorization"] = f"Basic {base64.b64encode(bytes).decode('ascii')}"
+            bearer = f"{self.project_id}:{pswd}"
+        headers["Authorization"] = f"Bearer {bearer}"
         return headers
 
     def _validate_and_load_tokens(self, session_token: str, refresh_token: str) -> dict:

diff --git a/tests/test_exchanger.py b/tests/test_exchanger.py
@@ -51,7 +51,7 @@ def test_exchange_token(self):
                 f"{DEFAULT_BASE_URL}{EndpointsV1.exchangeTokenPath}",
                 headers={
                     "Content-Type": "application/json",
-                    "Authorization": "Basic ZHVtbXk6",
+                    "Authorization": f"Bearer {self.dummy_project_id}",
                 },
                 params={"code": "c1"},
                 allow_redirects=False,

diff --git a/tests/test_magiclink.py b/tests/test_magiclink.py
@@ -249,7 +249,7 @@ def test_sign_in_cross_device(self):
                 f"{DEFAULT_BASE_URL}{EndpointsV1.signInAuthMagicLinkPath}/email",
                 headers={
                     "Content-Type": "application/json",
-                    "Authorization": "Basic ZHVtbXk6",
+                    "Authorization": f"Bearer {self.dummy_project_id}",
                 },
                 data=json.dumps(
                     {
@@ -280,7 +280,7 @@ def test_sign_up_cross_device(self):
                 f"{DEFAULT_BASE_URL}{EndpointsV1.signUpAuthMagicLinkPath}/email",
                 headers={
                     "Content-Type": "application/json",
-                    "Authorization": "Basic ZHVtbXk6",
+                    "Authorization": f"Bearer {self.dummy_project_id}",
                 },
                 data=json.dumps(
                     {
@@ -312,7 +312,7 @@ def test_sign_up_or_in_cross_device(self):
                 f"{DEFAULT_BASE_URL}{EndpointsV1.signUpOrInAuthMagicLinkPath}/email",
                 headers={
                     "Content-Type": "application/json",
-                    "Authorization": "Basic ZHVtbXk6",
+                    "Authorization": f"Bearer {self.dummy_project_id}",
                 },
                 data=json.dumps(
                     {

diff --git a/tests/test_oauth.py b/tests/test_oauth.py
@@ -70,7 +70,7 @@ def test_oauth_start(self):
                 expected_uri,
                 headers={
                     "Content-Type": "application/json",
-                    "Authorization": "Basic ZHVtbXk6",
+                    "Authorization": f"Bearer {self.dummy_project_id}",
                 },
                 params={"provider": "facebook"},
                 allow_redirects=False,

diff --git a/tests/test_saml.py b/tests/test_saml.py
@@ -52,7 +52,7 @@ def test_saml_start(self):
                 expected_uri,
                 headers={
                     "Content-Type": "application/json",
-                    "Authorization": "Basic ZHVtbXk6",
+                    "Authorization": f"Bearer {self.dummy_project_id}",
                 },
                 params={"tenant": "tenant1", "redirectURL": "http://dummy.com"},
                 allow_redirects=None,

diff --git a/tests/test_totp.py b/tests/test_totp.py
@@ -120,7 +120,7 @@ def test_update_user(self):
                 expected_uri,
                 headers={
                     "Content-Type": "application/json",
-                    "Authorization": "Basic ZHVtbXk6ZXlKaGJHY2lPaUpGVXpNNE5DSXNJbXRwWkNJNklqSkNkRFZYVEdOalRGVmxlVEZFY0RkMWRIQjBXbUl6Um5nNVN5SXNJblI1Y0NJNklrcFhWQ0o5LmV5SmhkWFJvYjNKcGVtVmtWR1Z1WVc1MGN5STZleUlpT201MWJHeDlMQ0pqYjI5cmFXVkViMjFoYVc0aU9pSWlMQ0pqYjI5cmFXVkZlSEJwY21GMGFXOXVJam94TmpZd05qYzVNakE0TENKamIyOXJhV1ZOWVhoQloyVWlPakkxT1RFNU9Ua3NJbU52YjJ0cFpVNWhiV1VpT2lKRVUxSWlMQ0pqYjI5cmFXVlFZWFJvSWpvaUx5SXNJbVY0Y0NJNk1qQTVNREE0TnpJd09Dd2lhV0YwSWpveE5qVTRNRGczTWpBNExDSnBjM01pT2lJeVFuUTFWMHhqWTB4VlpYa3hSSEEzZFhSd2RGcGlNMFo0T1VzaUxDSnpkV0lpT2lJeVF6VTFkbmw0ZHpCelVrdzJSbVJOTmpoeFVuTkRSR1JTVDFZaWZRLmNXUDV1cDRSNXhlSWwycW9HMk50ZkxIM1E1blJKVktkei1GRG9BWGN0T1FXOWczY2VaUWk2clpRLVRQQmFYTUt3NjhiaWpOM2JMSlRxeFdXNVdIenFSVWVvcGZ1elRjTVltQzB3UDJYR0prcmRGNkE4RDVRVzZhY1NHcWdsRmd1",
+                    "Authorization": f"Bearer {self.dummy_project_id}:{valid_jwt_token}",
                 },
                 data=json.dumps({"externalId": "dummy@dummy.com"}),
                 verify=True,

diff --git a/tests/test_webauthn.py b/tests/test_webauthn.py
@@ -94,7 +94,7 @@ def test_sign_up_start(self):
                 expected_uri,
                 headers={
                     "Content-Type": "application/json",
-                    "Authorization": "Basic ZHVtbXk6",
+                    "Authorization": f"Bearer {self.dummy_project_id}",
                 },
                 data=json.dumps(
                     {"user": {"externalId": "id1"}, "origin": "https://example.com"}
@@ -142,7 +142,7 @@ def test_sign_up_finish(self):
                 expected_uri,
                 headers={
                     "Content-Type": "application/json",
-                    "Authorization": "Basic ZHVtbXk6",
+                    "Authorization": f"Bearer {self.dummy_project_id}",
                 },
                 data=json.dumps({"transactionId": "t01", "response": "response01"}),
                 verify=True,
@@ -188,7 +188,7 @@ def test_sign_in_start(self):
                 expected_uri,
                 headers={
                     "Content-Type": "application/json",
-                    "Authorization": "Basic ZHVtbXk6",
+                    "Authorization": f"Bearer {self.dummy_project_id}",
                 },
                 data=json.dumps({"externalId": "id1", "origin": "https://example.com"}),
                 verify=True,
@@ -227,7 +227,7 @@ def test_sign_in_finish(self):
                 expected_uri,
                 headers={
                     "Content-Type": "application/json",
-                    "Authorization": "Basic ZHVtbXk6",
+                    "Authorization": f"Bearer {self.dummy_project_id}",
                 },
                 data=json.dumps({"transactionId": "t01", "response": "response01"}),
                 verify=True,
@@ -293,7 +293,7 @@ def test_add_device_start(self):
                 expected_uri,
                 headers={
                     "Content-Type": "application/json",
-                    "Authorization": "Basic ZHVtbXk6YXNkYXNk",
+                    "Authorization": f"Bearer {self.dummy_project_id}:asdasd",
                 },
                 data=json.dumps(
                     {"externalId": "dummy@dummy.com", "origin": "https://example.com"}
@@ -335,7 +335,7 @@ def test_add_device_finish(self):
                 expected_uri,
                 headers={
                     "Content-Type": "application/json",
-                    "Authorization": "Basic ZHVtbXk6",
+                    "Authorization": f"Bearer {self.dummy_project_id}",
                 },
                 data=json.dumps({"transactionId": "t01", "response": "response01"}),
                 verify=True,