fixed: Handled error when authheader is Bearer with no token-string following up.

Author: Tuhin-thinks

oauth2_provider/middleware.py

@@ -52,8 +52,8 @@ def __init__(self, get_response):
 
     def __call__(self, request):
         authheader = request.META.get("HTTP_AUTHORIZATION", "")
-        if authheader.startswith("Bearer"):
-            tokenstring = authheader.split()[1]
+        if authheader.startswith("Bearer") and len(authheader.split(maxsplit=1)) == 2:
+            tokenstring = authheader.split(maxsplit=1)[1]
             AccessToken = get_access_token_model()
             try:
                 token_checksum = hashlib.sha256(tokenstring.encode("utf-8")).hexdigest()