From 0eacbd42d7b7624d9a0c5f413f02444c99f91f14 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Tue, 7 May 2019 15:31:42 -0700
Subject: [PATCH] Converting userinfo authorization to a config var

---
 lemur/auth/views.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/lemur/auth/views.py b/lemur/auth/views.py
index 6c479f0e..98ba747d 100644
--- a/lemur/auth/views.py
+++ b/lemur/auth/views.py
@@ -112,11 +112,17 @@ def retrieve_user(user_api_url, access_token):
     """
     user_params = dict(access_token=access_token, schema='profile')
 
+    headers = {}
+
+    if current_app.config.get('PING_INCLUDE_BEARER_TOKEN'):
+        headers = {'Authorization': f'Bearer {access_token}'}
+
     # retrieve information about the current user.
     r = requests.get(
         user_api_url,
         params=user_params,
-        headers={'Authorization': 'Bearer {}'.format(access_token)})
+        headers=headers,
+    )
     profile = r.json()
 
     user = user_service.get_by_email(profile['email'])