Handle unauthorized exceptions in a custom handler

closes pulp#1254

CHANGES/1254.bugfix

@@ -0,0 +1 @@
+Fixed a bug that disallowed users to configure custom authentication classes for the token server.

pulp_container/app/exceptions.py

@@ -1,4 +1,19 @@
-from rest_framework.exceptions import NotFound, ParseError
+from rest_framework import status, views
+from rest_framework.exceptions import (
+    AuthenticationFailed,
+    NotAuthenticated,
+    NotFound,
+    ParseError,
+)
+
+
+def unauthorized_exception_handler(exc, context):
+    response = views.exception_handler(exc, context)
+
+    if isinstance(exc, (AuthenticationFailed, NotAuthenticated)):
+        response.status_code = status.HTTP_401_UNAUTHORIZED
+
+    return response
 
 
 class RepositoryNotFound(NotFound):

pulp_container/app/registry_api.py

@@ -28,7 +28,6 @@
 from pulpcore.plugin.files import PulpTemporaryUploadedFile
 from pulpcore.plugin.tasking import add_and_remove, dispatch
 from pulpcore.plugin.util import get_objects_for_user
-from rest_framework.authentication import BasicAuthentication
 from rest_framework.exceptions import (
     AuthenticationFailed,
     NotAuthenticated,
@@ -357,7 +356,6 @@ class BearerTokenView(APIView):
     """
 
     # Allow everyone to access but still value authenticated users.
-    authentication_classes = [BasicAuthentication]
     permission_classes = []
 
     def get(self, request):

pulp_container/app/settings.py

@@ -1,4 +1,12 @@
+from copy import deepcopy
+from django.conf import settings
+
 DRF_ACCESS_POLICY = {
     "dynaconf_merge_unique": True,
     "reusable_conditions": ["pulp_container.app.global_access_conditions"],
 }
+
+REST_FRAMEWORK = deepcopy(settings.REST_FRAMEWORK)
+REST_FRAMEWORK.update(
+    {"EXCEPTION_HANDLER": "pulp_container.app.exceptions.unauthorized_exception_handler"}
+)