From d2e14abfd56b041d6a5539dda40db717cdb3623b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20KUBLER?= Date: Tue, 27 Jun 2017 12:57:47 +0200 Subject: [PATCH 1/2] Inverted the order of prefixes in Request.token property. As suggested by @allan-simon See: https://github.com/channelcat/sanic/pull/811#pullrequestreview-46144327 --- sanic/request.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sanic/request.py b/sanic/request.py index 29cb83f6..f1b3b441 100644 --- a/sanic/request.py +++ b/sanic/request.py @@ -86,7 +86,7 @@ class Request(dict): :return: token related to request """ - prefixes = ('Token ', 'Bearer ') + prefixes = ('Bearer', 'Token ') auth_header = self.headers.get('Authorization') if auth_header is not None: From 1f24abc3d20f04135789852e9afce98a9e2f8edb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20KUBLER?= Date: Thu, 29 Jun 2017 10:23:49 +0200 Subject: [PATCH 2/2] Fixed support for "Bearer" and "Token" auth-schemes. Removed the test for "Authentication: Bearer Token " which was not supposed to exist (see https://github.com/channelcat/sanic/pull/821) Also added a call to `split` when retrieving the token value to handle cases where there are leading or trailing spaces. --- sanic/request.py | 4 ++-- tests/test_requests.py | 10 ---------- 2 files changed, 2 insertions(+), 12 deletions(-) diff --git a/sanic/request.py b/sanic/request.py index f1b3b441..e21b8282 100644 --- a/sanic/request.py +++ b/sanic/request.py @@ -86,13 +86,13 @@ class Request(dict): :return: token related to request """ - prefixes = ('Bearer', 'Token ') + prefixes = ('Bearer', 'Token') auth_header = self.headers.get('Authorization') if auth_header is not None: for prefix in prefixes: if prefix in auth_header: - return auth_header.partition(prefix)[-1] + return auth_header.partition(prefix)[-1].strip() return auth_header diff --git a/tests/test_requests.py b/tests/test_requests.py index 671febeb..81fe1a5c 100644 --- a/tests/test_requests.py 
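Review bot: In the `sanic/request.py` hunk of PATCH 2/2, `if prefix in auth_header` looks for the scheme name anywhere in the header and `partition(prefix)` cuts at its first occurrence, so an `Authorization` value of another scheme whose credentials happen to contain `Bearer` or `Token` (base64 Basic credentials can) is split mid-string and the tail is returned as the token; dropping the trailing spaces from both prefixes widens what matches. The tuple reordered in PATCH 1/2 feeds the same test, so the order change does not affect this. Anchor the match to the start of the value instead: `if auth_header.startswith(prefix + ' '):` followed by `return auth_header[len(prefix):].strip()`. Two related points belong in the docstring, which begins above the hunk: scheme names are case-insensitive in HTTP while this comparison is not, and the fall-through `return auth_header` hands the full header of any unmatched scheme to callers as `token`. Handlers should therefore not treat a non-None `request.token` as proof that a bearer credential was presented.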
+++ b/tests/test_requests.py @@ -172,16 +172,6 @@ def test_token(): assert request.token == token - token = 'a1d895e0-553a-421a-8e22-5ff8ecb48cbf' - headers = { - 'content-type': 'application/json', - 'Authorization': 'Bearer Token {}'.format(token) - } - - request, response = app.test_client.get('/', headers=headers) - - assert request.token == token - token = 'a1d895e0-553a-421a-8e22-5ff8ecb48cbf' headers = { 'content-type': 'application/json',