def authenticated_collection_from_request(self, required=True): header = request.authorization if header: client_id, client_secret = header.username, header.password collection = Collection.authenticate(self._db, client_id, client_secret) if collection: return collection if not required and not header: # In the case that authentication is not required # (i.e. URN lookup) return None instead of an error. return None return INVALID_CREDENTIALS