def process_exception(self, request, exception): if isinstance(exception, BearerTokenError): response = HttpResponseForbidden() auth_fields = [ 'error="{}"'.format(exception.code), 'error_description="{}"'.format(exception.description) ] if 'scope' in request.POST: auth_fields = ['Bearer realm="{}"'.format(request.POST['scope'])] + auth_fields response.__setitem__('WWW-Authenticate', ', '.join(auth_fields)) return response