0
0
Rest APIprogramming~20 mins

Bearer token authentication in Rest API - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Bearer Token Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
Predict Output
intermediate
2:00remaining
What is the output of this Bearer token check?
Given this Python Flask snippet checking a Bearer token, what will be the response if the token is 'abc123'?
Rest API
from flask import Flask, request, jsonify
app = Flask(__name__)

@app.route('/data')
def data():
    auth = request.headers.get('Authorization')
    if auth == 'Bearer abc123':
        return jsonify({'message': 'Access granted'})
    else:
        return jsonify({'message': 'Access denied'}), 401

# Simulate a request with header Authorization: Bearer abc123
response = None
class DummyRequest:
    headers = {'Authorization': 'Bearer abc123'}
request = DummyRequest()

if request.headers.get('Authorization') == 'Bearer abc123':
    response = {'message': 'Access granted'}
else:
    response = {'message': 'Access denied'}

print(response)
A{"message": "Access granted"}
B{"message": "Access denied"}
C401 Unauthorized error
DNone
Attempts:
2 left
💡 Hint
Check the exact match of the Authorization header value.
🧠 Conceptual
intermediate
1:30remaining
What does the 'Bearer' keyword signify in the Authorization header?
In the HTTP header 'Authorization: Bearer ', what is the role of the word 'Bearer'?
AIt indicates the type of token used for authentication.
BIt is the actual token value.
CIt specifies the encryption method of the token.
DIt is a username prefix.
Attempts:
2 left
💡 Hint
Think about how HTTP headers specify token types.
🔧 Debug
advanced
2:30remaining
Why does this Bearer token check always fail?
Identify the error in this Python code snippet that checks a Bearer token from headers: headers = {'Authorization': 'Bearer abc123'} token = headers.get('Authorization') if token == 'abc123': print('Access granted') else: print('Access denied')
AThe headers dictionary is missing the Authorization key.
BThe comparison should use 'Bearer abc123' instead of 'abc123'.
CThe token variable includes 'Bearer ' prefix, so direct comparison to 'abc123' fails.
DThe code raises a KeyError because get() is not used.
Attempts:
2 left
💡 Hint
Check what the token variable actually contains.
📝 Syntax
advanced
2:00remaining
Which option correctly extracts the Bearer token from the Authorization header?
Given a header string 'Authorization: Bearer abc123', which Python code correctly extracts 'abc123'?
Atoken = header.split(':')[1]
Btoken = header.replace('Bearer', '')
Ctoken = header[7:]
Dtoken = header.split(' ')[1]
Attempts:
2 left
💡 Hint
Split the string by space and take the second part.
🚀 Application
expert
3:00remaining
How many valid tokens are accepted by this Bearer token validation code?
Consider this Python code snippet: valid_tokens = {'token1', 'token2', 'token3'} header = 'Bearer token2' if header.startswith('Bearer '): token = header[7:] if token in valid_tokens: result = 'Access granted' else: result = 'Access denied' else: result = 'No token provided' print(result) How many tokens from the valid_tokens set will result in 'Access granted' if used in the header?
A0
B3
C1
D2
Attempts:
2 left
💡 Hint
All tokens in valid_tokens are accepted if header starts with 'Bearer '.