From 9ae2cdb168ce062bfc25030951be5b8f421f4494 Mon Sep 17 00:00:00 2001
From: Gert Van Gool <gertvangool@gmail.com>
Date: Wed, 23 Dec 2020 10:26:15 -0800
Subject: [PATCH] Check the headers attribute on requests

The oauth2_provider package stores a (custom) set of headers on the
headers attribute instead of the default META attribute. Let's use it to
look up our expected keys.
---
 axes/signals.py | 6 +++++-
 axes/utils.py   | 2 ++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/axes/signals.py b/axes/signals.py
index 66f9696..60aab6c 100644
--- a/axes/signals.py
+++ b/axes/signals.py
@@ -27,7 +27,11 @@ log = logging.getLogger(settings.AXES_LOGGER)
 user_locked_out = Signal(providing_args=['request', 'username', 'ip_address'])
 
 def request_meta_get(request, key, default_value=None):
-    return getattr(request, 'META', {}).get(key, default_value)
+    meta = getattr(request, 'META', {})
+    if not meta:
+        # oauth2_provider package stores META in headers
+        meta = getattr(request, 'headers', {})
+    return meta.get(key, default_value)
 
 
 @receiver(user_login_failed)
diff --git a/axes/utils.py b/axes/utils.py
index 3af856f..bbc1c78 100644
--- a/axes/utils.py
+++ b/axes/utils.py
@@ -53,6 +53,8 @@ def get_ip(request):
     """Parse IP address from REMOTE_ADDR or
     AXES_REVERSE_PROXY_HEADER if AXES_BEHIND_REVERSE_PROXY is set."""
     request_meta = getattr(request, "META", {})
+    if not request_meta:
+        request_meta = getattr(request, "headers", {})
     if settings.AXES_BEHIND_REVERSE_PROXY:
         # For requests originating from behind a reverse proxy,
         # resolve the IP address from the given AXES_REVERSE_PROXY_HEADER.