From f6710113fdba6efe3710efdc2e26a08398509cb2 Mon Sep 17 00:00:00 2001
From: kamenev <alexander.i.kamenev@gmail.com>
Date: Sat, 13 Nov 2021 23:08:49 +0300
Subject: rm comma after Bearer in WWW-Authenticate header

---
 oauthlib/oauth2/rfc6749/errors.py                          | 7 ++-----
 tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py | 4 ++--
 tests/oauth2/rfc6749/endpoints/test_revocation_endpoint.py | 4 ++--
 3 files changed, 6 insertions(+), 9 deletions(-)

diff --git a/oauthlib/oauth2/rfc6749/errors.py b/oauthlib/oauth2/rfc6749/errors.py
index b01e247..da24fea 100644
--- a/oauthlib/oauth2/rfc6749/errors.py
+++ b/oauthlib/oauth2/rfc6749/errors.py
@@ -103,15 +103,12 @@ class OAuth2Error(Exception):
             value "Bearer".  This scheme MUST be followed by one or more
             auth-param values.
             """
-            authvalues = [
-                "Bearer",
-                'error="{}"'.format(self.error)
-            ]
+            authvalues = ['error="{}"'.format(self.error)]
             if self.description:
                 authvalues.append('error_description="{}"'.format(self.description))
             if self.uri:
                 authvalues.append('error_uri="{}"'.format(self.uri))
-            return {"WWW-Authenticate": ", ".join(authvalues)}
+            return {"WWW-Authenticate": "Bearer " + ", ".join(authvalues)}
         return {}
 
 
diff --git a/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py b/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py
index 04df6a2..6d3d119 100644
--- a/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py
+++ b/tests/oauth2/rfc6749/endpoints/test_introspect_endpoint.py
@@ -87,7 +87,7 @@ class IntrospectEndpointTest(TestCase):
             'Content-Type': 'application/json',
             'Cache-Control': 'no-store',
             'Pragma': 'no-cache',
-            "WWW-Authenticate": 'Bearer, error="invalid_client"'
+            "WWW-Authenticate": 'Bearer error="invalid_client"'
         })
         self.assertEqual(loads(b)['error'], 'invalid_client')
         self.assertEqual(s, 401)
@@ -115,7 +115,7 @@ class IntrospectEndpointTest(TestCase):
             'Content-Type': 'application/json',
             'Cache-Control': 'no-store',
             'Pragma': 'no-cache',
-            "WWW-Authenticate": 'Bearer, error="invalid_client"'
+            "WWW-Authenticate": 'Bearer error="invalid_client"'
         })
         self.assertEqual(loads(b)['error'], 'invalid_client')
         self.assertEqual(s, 401)
diff --git a/tests/oauth2/rfc6749/endpoints/test_revocation_endpoint.py b/tests/oauth2/rfc6749/endpoints/test_revocation_endpoint.py
index a4182eb..338dbd9 100644
--- a/tests/oauth2/rfc6749/endpoints/test_revocation_endpoint.py
+++ b/tests/oauth2/rfc6749/endpoints/test_revocation_endpoint.py
@@ -55,7 +55,7 @@ class RevocationEndpointTest(TestCase):
             'Content-Type': 'application/json',
             'Cache-Control': 'no-store',
             'Pragma': 'no-cache',
-            "WWW-Authenticate": 'Bearer, error="invalid_client"'
+            "WWW-Authenticate": 'Bearer error="invalid_client"'
         })
         self.assertEqual(loads(b)['error'], 'invalid_client')
         self.assertEqual(s, 401)
@@ -83,7 +83,7 @@ class RevocationEndpointTest(TestCase):
             'Content-Type': 'application/json',
             'Cache-Control': 'no-store',
             'Pragma': 'no-cache',
-            "WWW-Authenticate": 'Bearer, error="invalid_client"'
+            "WWW-Authenticate": 'Bearer error="invalid_client"'
         })
         self.assertEqual(loads(b)['error'], 'invalid_client')
         self.assertEqual(s, 401)
-- 
cgit v1.2.1